A user-centric federated single sign-on system |
| |
Authors: | Suriadi Suriadi Ernest Foo Audun Jøsang |
| |
Affiliation: | 1. NEC Europe Ltd., Kurfürsten-Anlage 36, 69115 Heidelberg, Germany;2. Department of Information and Communications Engineering, University of Murcia, Murcia 30100, Spain;1. Department of Cardiology, Nagoya University Graduate School of Medicine, Nagoya, Japan;2. Department of Pathology, Nagoya University Graduate School of Medicine, Nagoya, Japan;1. Department of Pathology, University of Texas Health Science Center at San Antonio, San Antonio, Texas, USA;2. Department of Medicine, University of Michigan Medical Center, Ann Arbor, Michigan, USA |
| |
Abstract: | Current identity management systems are not concerned with user privacy. Users must assume that identity providers and service providers will ensure their privacy, which is not always the case. This paper proposes an extension of the existing federated single sign-on (FSSO) systems that adopts the beneficial properties of the user-centric identity management (UCIM) model. This new identity management system allows the users to control and enforce their privacy requirements while still retaining the convenience of single sign-on over a federation of service providers. Colored Petri Nets are used to formally model the new identity management system to provide assurance that the privacy goals are achieved. To our knowledge, Colored Petri Nets have not been used to model privacy in identity management systems before. |
| |
Keywords: | |
本文献已被 ScienceDirect 等数据库收录! |
|