• DocumentCode
    1997019
  • Title

    Authenticated Dictionary-Based Attribute Sharing in Federated Identity Management

  • Author

    Shin, Dongwan ; Lopes, Rodrigo ; Claycomb, William

  • Author_Institution
    Comput. Sci. & Eng. Dept., New Mexico Tech, Socorro, NM
  • fYear
    2009
  • fDate
    27-29 April 2009
  • Firstpage
    504
  • Lastpage
    509
  • Abstract
    Authenticated dictionaries have been primarily studied and used in the context of certificate revocation in public key infrastructure (PKI). This paper presents a novel approach to enabling controlled access to and selective sharing of sensitive user attributes in federated identity management (FIM) by integrating an authenticated dictionary (ADT)-based credential into FIM, while attempting to achieve both better privacy control and usability. Our approach is motivated by the notion of user-centricity, which is essentially to give users a larger degree of control over their attributes. We discuss the design of a security system based on the usage of ADT-based credentials. Finally, we discuss a proof-of-concept implementation.
  • Keywords
    authorisation; data privacy; public key cryptography; ADT-based credentials; access control; attribute sharing; authenticated dictionary; certificate revocation; federated identity management; privacy control; public key infrastructure; security system; usability; user-centricity; Conference management; Content management; Control systems; Cryptography; Dictionaries; Identity management systems; Information technology; Privacy; Security; Usability; Authenticated Dictionary; Credential; Federated Identity; Privacy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Technology: New Generations, 2009. ITNG '09. Sixth International Conference on
  • Conference_Location
    Las Vegas, NV
  • Print_ISBN
    978-1-4244-3770-2
  • Electronic_ISBN
    978-0-7695-3596-8
  • Type

    conf

  • DOI
    10.1109/ITNG.2009.193
  • Filename
    5070669