Title :
A federated identity management system with centralized trust and unified Single Sign-On
Author :
Jiang, Jian ; Duan, Haixin ; Lin, Tao ; Qin, Fenglin ; Zhang, Hong
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
Abstract :
Federated identity management (FIM) is an effective technology that allows multiple organizations to share resources with each other. Proposed FIM solutions have faced deployment and maintenance barriers caused by the lack of an effective trust management mechanism. In this paper, we present a FIM system with a centralized trust management component named TSP. TSP can automatically establish trust relationships between federation parties at runtime with inexpensive overhead. We also propose a new interaction mode, indirect authentication exchange, to unify network access authentication with application-level Single Sign-On (SSO) as an integrated one-step authentication. With the features of centralized trust management and indirect authentication exchange, a FIM system can be more easily and flexibly deployed and maintained. We have implemented a prototype to demonstrate the feasibility of the proposed features.
Keywords :
authorisation; organisational aspects; resource allocation; trusted computing; FIM solution; FIM system; TSP; authentication exchange; centralized trust; deployment barriers; federated identity management system; federation parties; integrated one-step authentication; maintenance barriers; multiple organisations resource sharing; network access authentication; trust management mechanism; unified single sign-on; Authentication; Organizations; Protocols; Public key; Relays; Standards organizations;
Conference_Title :
Communications and Networking in China (CHINACOM), 2011 6th International ICST Conference on
Conference_Location :
Harbin
Print_ISBN :
978-1-4577-0100-9
DOI :
10.1109/ChinaCom.2011.6158260