零信任联合中不同数据源的链接上下文

Masato Hirai, Daisuke Kotani, Y. Okabe
{"title":"零信任联合中不同数据源的链接上下文","authors":"Masato Hirai, Daisuke Kotani, Y. Okabe","doi":"10.48550/arXiv.2209.11108","DOIUrl":null,"url":null,"abstract":"An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, for authentication and authorization. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA. ZTF defines CAP as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for authorization based on ZTA. To improve the quality of authorization, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP. In this research, as a general model for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. This method provides a way to collect context from some of such data sources in ZTF. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used.","PeriodicalId":390980,"journal":{"name":"International Workshop Emerging Technologies for Authorization and Authentication","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Linking Contexts from Distinct Data Sources in Zero Trust Federation\",\"authors\":\"Masato Hirai, Daisuke Kotani, Y. Okabe\",\"doi\":\"10.48550/arXiv.2209.11108\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, for authentication and authorization. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA. ZTF defines CAP as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for authorization based on ZTA. To improve the quality of authorization, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP. In this research, as a general model for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. This method provides a way to collect context from some of such data sources in ZTF. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used.\",\"PeriodicalId\":390980,\"journal\":{\"name\":\"International Workshop Emerging Technologies for Authorization and Authentication\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-09-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Workshop Emerging Technologies for Authorization and Authentication\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.48550/arXiv.2209.11108\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Workshop Emerging Technologies for Authorization and Authentication","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.48550/arXiv.2209.11108","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

一种称为零信任体系结构(ZTA)的访问控制模型引起了人们的注意。ZTA使用用户和设备的信息(称为上下文)进行身份验证和授权。零信任联盟(Zero Trust Federation, ZTF)被提议作为扩展身份联盟思想以支持ZTA的框架。ZTF将CAP定义为收集上下文并将其提供给每个组织(依赖方;RP),需要基于ZTA的授权上下文。为了提高授权质量,cap需要从各种数据源收集上下文。但是,ZTF没有提供从RP以外的数据源收集上下文的方法。在本研究中,作为在ZTF中收集上下文的通用模型,我们提出了一种在数据源和CAP之间链接标识符的方法。该方法提供了一种从ZTF中某些此类数据源收集上下文的方法。然后,我们使用RADIUS和MDM作为数据源来实现我们的方法,并确认可以收集和使用它们的上下文。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Linking Contexts from Distinct Data Sources in Zero Trust Federation
An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, for authentication and authorization. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA. ZTF defines CAP as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for authorization based on ZTA. To improve the quality of authorization, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP. In this research, as a general model for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. This method provides a way to collect context from some of such data sources in ZTF. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Linking Contexts from Distinct Data Sources in Zero Trust Federation Authentication, Authorization, and Selective Disclosure for IoT data sharing using Verifiable Credentials and Zero-Knowledge Proofs An Interface between Legacy and Modern Mobile Devices for Digital Identity Handling Meta Attribute Information in Usage Control Policies (Short Paper) Protecting FIDO Extensions Against Man-in-the-Middle Attacks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1