A conceptual model for attribute aggregation

Chadwick, David; Inman, George; Klingenstein, Nate

doi:10.1016/j.future.2009.12.004

Cited by 16 publications

(16 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Chadwick et al [34] developed another model by introducing a new SP called a linking service (LS). This conceptual model satisfies most of the identity management requirements and allows the collection of attributes from various sources.…”

Section: Related Workmentioning

confidence: 99%

A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method

Haddouti

Kettani

2019

Computers

View full text Add to dashboard Cite

Several countries have invested in building their identity management systems to equip citizens with infrastructures and tools to benefit from e-services. However, current systems still lack the interoperability requirement, which is the core issue that could lower the wide benefits of having an identity management system. In fact, in the existing systems, the user is allowed to choose only one partial identity from an identity provider (IdP) during a single session with a service provider (SP). However, in some scenarios, an SP needs to retrieve information about user’s identities managed by multiple IdPs. The potential method to tackle these shortcomings is attribute aggregation from multiple identity providers. A number of initiatives and projects on attribute aggregation have been explored. Nevertheless, these constructions do not fulfill some identity management requirements. This paper describes a new flexible model that aims to provide the necessary mechanisms to ensure attribute aggregation in order to meet the interoperability challenges of current identity management systems. The proposed scheme is a scalable solution, based on identity federation technologies, that introduces a new IdP called an account linking provider (ALP). The purpose of this ALP is to link together different accounts, holding end users’ attributes, whenever more than one source of data is needed to grant access to the requested web resource in a single session. Furthermore, the proposed identity federation system is based on a streamlined, cost-effective, and interoperable architecture, which makes this model suitable for large-scale identity federation environments.

show abstract

Section: Related Workmentioning

confidence: 99%

A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method

Haddouti

Kettani

2019

Computers

View full text Add to dashboard Cite

show abstract

“…Therefore, user impersonization by identity providers is inherent to the FIM model. Moreover, attribute aggregation [7] is often not supported. Further, many identity providers still use password based authentication since often no infrastructure for strong authentication is available.…”

Section: Related Workmentioning

confidence: 99%

A Smart Card Based Solution for User-Centric Identity Management

Vossaert¹,

Verhaeghe

Decker

et al. 2011

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Abstract. This paper presents a prototype of a previously proposed user-centric identity management system using trusted modules. The trusted module, implemented using a smart card, can retrieve user attributes from identity providers and offer them to service providers, after authentication. This paper allows an evaluation of the practical feasibility of the identity management architecture and provides insight in several design decisions made during the prototype implementation. Also, the cryptographic protocols implemented in the prototype are discussed.

show abstract

“…That is, neither the identity of the subject giving feedback nor the identity of the object on which feedback is given may change over multiple sessions or vary for different service providers. The TAS 3 architecture provides a federated identity management (FIDM) which lets users use different, non-linkable identifiers at different services and provides a linking service [7] with which users can combine attributes provided by different identity providers. This allows users to increase the impact of their feedback by linking relevant attributes without revealing their identity.…”

Section: Privacy Enhancement For Rtmmentioning

confidence: 99%

A Flexible Architecture for Privacy-Aware Trust Management

Böhm

Etalle

Hartog

et al. 2010

J. theor. appl. electron. commer. res.

View full text Add to dashboard Cite

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS 3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.

show abstract

A conceptual model for attribute aggregation

Cited by 16 publications

References 6 publications

A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method

A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method

A Smart Card Based Solution for User-Centric Identity Management

A Flexible Architecture for Privacy-Aware Trust Management

Contact Info

Product

Resources

About