Chadwick et al., 2010 - Google Patents
A conceptual model for attribute aggregationChadwick et al., 2010
View PDF- Document ID
- 12169122857802074566
- Author
- Chadwick D
- Inman G
- Klingenstein N
- Publication year
- Publication venue
- Future Generation Computer Systems
External Links
Snippet
This paper describes a conceptual model for attribute aggregation that allows a service provider (SP) to authorise a user's access request based on attributes asserted by multiple identity providers (IdPs), when the user is known by different identities at each of the IdPs …
- 230000002776 aggregation 0 title abstract description 66
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—High level architectural aspects of 7-layer open systems interconnection [OSI] type protocol stacks
- H04L69/322—Aspects of intra-layer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Aspects of intra-layer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer, i.e. layer seven
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0815—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/02—Communication control; Communication processing contains provisionally no documents
- H04L29/06—Communication control; Communication processing contains provisionally no documents characterised by a protocol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/30—Network-specific arrangements or communication protocols supporting networked applications involving profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/28—Network-specific arrangements or communication protocols supporting networked applications for the provision of proxy services, e.g. intermediate processing or storage in the network
- H04L67/2804—Network-specific arrangements or communication protocols supporting networked applications for the provision of proxy services, e.g. intermediate processing or storage in the network for adding application control or application functional data, e.g. adding metadata
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lopez et al. | Authentication and authorization infrastructures (AAIs): a comparative survey | |
| US7610390B2 (en) | Distributed network identity | |
| Werner et al. | Cloud identity management: A survey on privacy strategies | |
| Fischer-Hbner et al. | Privacy-enhancing technologies | |
| Bernstein et al. | Intercloud security considerations | |
| Chadwick et al. | Attribute aggregation in federated identity management | |
| KR20090068183A (en) | Self-registration enhanced digital identity sharing device and method | |
| US20240250931A1 (en) | A method for managing a digital identity | |
| Chadwick et al. | A conceptual model for attribute aggregation | |
| Chadwick et al. | The trusted attribute aggregation service (TAAS)-providing an attribute aggregation layer for federated identity management | |
| Taylor et al. | Implementing role based access control for federated information systems on the web | |
| Chadwick | Authorisation using attributes from multiple authorities | |
| Gomi | Dynamic identity delegation using access tokens in federated environments | |
| Augusto et al. | OFELIA–A secure mobile attribute aggregation infrastructure for user-centric identity management | |
| Yeh et al. | Applying lightweight directory access protocol service on session certification authority | |
| Papastergiou et al. | A federated privacy-enhancing identity management system (FPE-IMS) | |
| US7747850B1 (en) | Automated, internet-based secure digital certificate distribution and maintenance | |
| Ferdous et al. | A hybrid model of attribute aggregation in federated identity management | |
| Laborde et al. | A secure collaborative web-based environment for virtual organisations | |
| Vullings et al. | Secure federated authentication and authorisation to grid portal applications using saml and xacml | |
| Nasim | Privacy-enhancing access control mechanism in distributed online social network | |
| Inman et al. | A privacy preserving attribute aggregation model for federated identity managements systems | |
| Vullings et al. | Secure Federated Access to GRID applications using SAML/XACML | |
| Pimenidis et al. | Web services security evaluation considerations | |
| Huebner et al. | The CONVERGENCE Security Infrastructure |