Authors: Kyu Il Kim, H. Lee, U. Kim
Venue: 2008 International Conference on Information Security and Assurance (isa 2008)
Publication date: 2008-04-24
DOI: 10.1109/ISA.2008.56 (https://doi.org/10.1109/ISA.2008.56)
Secure Delegation Model based on SAML in Ubiquitous Environments
A ubiquitous environment is a post-desktop model of human-computer interaction in which information processing has been thoroughly integrated into everyday objects and activities. However, because all of the connected devices provide services for user control and monitoring in real time, a hacker can attack a single fragile point and misuse legitimate user privileges. Also, the users of web services must temporarily delegate some or all of their rights to agents in order to perform actions on their behalf, which risks exposing users' private information. In this paper, we propose a secure delegation model based on SAML that provides confidentiality and integrity for user information in ubiquitous environments. The proposed mechanism defines extended agent delegation using the Security Assertion Markup Language (SAML) and proposes not only authentication but also privilege granting by an access control server based on the eXtensible Access Control Markup Language (XACML).