Privacy-preserving identity federation middleware for web services (PIFM-WS)

The emergence of XML-based web services as a new software development paradigm increases the expectations of getting better software that address the various collaboration demands over Internet between organizations, or what´s termed virtual Organization (VO). The development of appropriate identity management systems between these heterogeneous security domains will be the key enabler for such collaboration. One major drawback resulted from VO is the real concerns and threats to human privacy. In this paper, we introduce a middleware (PIFM-WS) design to provide anonymous yet authenticated and accountable interaction between users and services in identity federation systems. The pivotal issue is the user privacy protection in cross-domains computing. A prototype is developed using state-of-the-art WS-* stack tools (.Net). The prototype implements the main core functionalities of access control where the privacy-protection measures get implemented. An analysis of the middleware features and performance evaluation results using the software prototype are presented. Slight overhead is exhibited and could be ignored in the prototype compared to features gained.