• DocumentCode
    3435649
  • Title

    Authorisation Using Attributes from Multiple Authorities

  • Author

    Chadwick, David W.

  • Author_Institution
    Comput. Lab., Kent Univ., Canterbury
  • fYear
    2006
  • fDate
    38869
  • Firstpage
    326
  • Lastpage
    331
  • Abstract
    As attribute based authorisation infrastructures such as XACML gain in popularity, linking together user attributes from multiple attribute authorities (AAs) is becoming a pressing problem. Current models and mechanisms do not support this linking, primarily because the user is known by different names in the different AAs. Furthermore, linking the attributes together poses a potential risk to the user's privacy. This paper provides a model and protocol elements for linking AAs, service providers and user attributes together, under the sole control of the user, thereby maintaining the user's privacy. The paper also shows how the model and protocol elements can be implemented using existing technologies, namely relational databases or LDAP directories, and the SAML protocol.
  • Keywords
    authorisation; cryptographic protocols; data privacy; relational databases; attribute based authorisation infrastructures; multiple attribute authorities; protocol elements; service providers; user privacy; Access control; Authorization; Councils; Joining processes; Paper technology; Pressing; Privacy; Protocols; Relational databases;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Enabling Technologies: Infrastructure for Collaborative Enterprises, 2006. WETICE '06. 15th IEEE International Workshops on
  • Conference_Location
    Manchester
  • ISSN
    1524-4547
  • Print_ISBN
    0-7695-2623-3
  • Type

    conf

  • DOI
    10.1109/WETICE.2006.22
  • Filename
    4092231