Architectures for identity management

Chehab, Maya I. and Abdallah, Ali E. (2009) Architectures for identity management. In: International Conference on Internet Technology and Secured Transactions, ICITST 2009. IEEE Conference Publications, pp. 1-8. ISBN 978-1-4244-5648-2

Full text not available from this repository. (Request a copy)


Identity management (IDM) is a pillar upon which all security goals are usually founded. Recent years have witnessed the emergence of a large number of new technologies for IDM systems such as Kerberos, Microsoft Passport, Shibboleth and Liberty Alliance. On the one hand, these systems offer organizations and service providers features which widely open new opportunities for doing business and facilitating work internally within organizations. On the other, they present new threats because of the additional risks arising from implicit trust to third parties. Hence, all these gains may have to be carefully balanced with the non-transparent risks to information privacy and integrity arising from implicit chains of trusts inherent in IDM systems. This paper presents a sample of two abstract, concise and generic architectures upon which some of the emerging IDM systems are based. On one hand, these architectures allow us to understand the features provided in each system and, therefore, being able to compare, contrast and evaluate these systems. On the other hand, since the trust relationship in these architectures are make explicit, this work provides the foundation for future investigation and analysis of security risks emerging from the trust relationships inherent in each of these architectures.

Item Type: Book Section
Uncontrolled Keywords: Identity management systems, Disaster management, Security, Privacy, Public key, Web server, Collaboration, Electronic mail, Social network services, Electronic learning ,security risks, identity management, Kerberos, Microsoft Passport, Shibboleth, Liberty Alliance, information privacy, information integrity, trusts
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Oana-Andreea Dumitrascu
Date Deposited: 06 Apr 2017 14:40
Last Modified: 22 Mar 2023 12:02

Actions (login required)

View Item View Item


In this section...