{"title":"联邦身份管理的动态信任模型","authors":"Hao Gao, Jun Yan, Y. Mu","doi":"10.1109/NSS.2010.40","DOIUrl":null,"url":null,"abstract":"The goal of federated identity management is to allow principals, such as identities and attributes, to be shared across trust boundaries based on established policies. Since current Single Sign-On (SSO) mechanism excessively relies on the specifications of Circle of Trust (CoT), the need for service collaboration from different domains is being addressed on CoT. For the motivating issue of the cross-domain SSO mechanism, we need an emergent dynamic trust list for calculating the trust parties, thus, the CoT specifications require an initial effort on enrolling members automatically to adapt to the dynamic open environment. In this paper, we propose a Dynamic Trust Policy Language to support trust negotiation. The formal syntax of this language is presented in Backus Naur Form (BNF) based on the concept of role membership. We also systematically develop the Dynamic Trust Model (DTM) to allow Untrusted SP to join the existing CoT by trust negotiation. Finally, we identify the process and algorithm for communication between negotiation entities.","PeriodicalId":127173,"journal":{"name":"2010 Fourth International Conference on Network and System Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"Dynamic Trust Model for Federated Identity Management\",\"authors\":\"Hao Gao, Jun Yan, Y. Mu\",\"doi\":\"10.1109/NSS.2010.40\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The goal of federated identity management is to allow principals, such as identities and attributes, to be shared across trust boundaries based on established policies. Since current Single Sign-On (SSO) mechanism excessively relies on the specifications of Circle of Trust (CoT), the need for service collaboration from different domains is being addressed on CoT. For the motivating issue of the cross-domain SSO mechanism, we need an emergent dynamic trust list for calculating the trust parties, thus, the CoT specifications require an initial effort on enrolling members automatically to adapt to the dynamic open environment. In this paper, we propose a Dynamic Trust Policy Language to support trust negotiation. The formal syntax of this language is presented in Backus Naur Form (BNF) based on the concept of role membership. We also systematically develop the Dynamic Trust Model (DTM) to allow Untrusted SP to join the existing CoT by trust negotiation. Finally, we identify the process and algorithm for communication between negotiation entities.\",\"PeriodicalId\":127173,\"journal\":{\"name\":\"2010 Fourth International Conference on Network and System Security\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Fourth International Conference on Network and System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NSS.2010.40\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Fourth International Conference on Network and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSS.2010.40","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Dynamic Trust Model for Federated Identity Management
The goal of federated identity management is to allow principals, such as identities and attributes, to be shared across trust boundaries based on established policies. Since current Single Sign-On (SSO) mechanism excessively relies on the specifications of Circle of Trust (CoT), the need for service collaboration from different domains is being addressed on CoT. For the motivating issue of the cross-domain SSO mechanism, we need an emergent dynamic trust list for calculating the trust parties, thus, the CoT specifications require an initial effort on enrolling members automatically to adapt to the dynamic open environment. In this paper, we propose a Dynamic Trust Policy Language to support trust negotiation. The formal syntax of this language is presented in Backus Naur Form (BNF) based on the concept of role membership. We also systematically develop the Dynamic Trust Model (DTM) to allow Untrusted SP to join the existing CoT by trust negotiation. Finally, we identify the process and algorithm for communication between negotiation entities.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
