Can We Create a Cross-Domain Federated Identity for the Industrial Internet of Things without Google?

Kim, Eun-Soo; Cho, Youngseob; Kim, Bedeuro; Ji, Woojoong; Kim, Seok-Hyun; Woo, Simon S.; Kim, Hyoungshick

doi:10.1109/iotm.0001.2000050

Cited by 3 publications

(2 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The adoption of IoT solutions, such as smart-home and e-health, raises a new security concern that requires providing an identity federation framework [4,5]. The information between multiple IoT devices should be seamlessly exchanged across all domains to achieve authentication and authorization.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Dynamic Federated Identity Management Using OpenID Connect

2022

View full text Add to dashboard Cite

Identity federation allows one to link a user’s digital identities across several identity management systems. Federated identity management (FIM) ensures that users have easy access to the available resources. However, scaling FIM to numerous partners is a challenging process due to the interoperability issue between different federation architectures. This study proposes a dynamic identity federation model to eliminate the manual configuration steps needed to establish an organizational identity federation by utilizing the OpenID Connect (OIDC) framework. The proposed model consists of three major steps to establish dynamic FIM: first, the discovery of the OpenID service provider, which indicates the location of the partner organization; second, the registration of the OpenID relying party, which allows the organization and its partner to negotiate information for establishing the federation; finally, establishing the dynamic trust federation. The proposed dynamic FIM model allows applications to provide services to end-users coming from various domains while maintaining a trust between clients and service providers. Through our proposed dynamic identity federation model, organizations can save hundreds of hours by achieving dynamic federation in runtime and serving a large number of end-users.

show abstract

Section: Introductionmentioning

confidence: 99%

“…The information between multiple IoT devices should be seamlessly exchanged across all domains to achieve authentication and authorization. For example, in an e-health IoT service, users are able to use their single account for all the e-health provider's services for all the IoT devices via identity federation [4].…”

Section: Introductionmentioning

confidence: 99%

A Dynamic Federated Identity Management Using OpenID Connect

2022

View full text Add to dashboard Cite

show abstract

A Security Analysis of Blockchain-Based Did Services

et al. 2021

Self Cite

View full text Add to dashboard Cite

Decentralized identifiers (DID) has shown great potential for sharing user identities across different domains and services without compromising user privacy. DID is designed to enable the minimum disclosure of the proof from a user's credentials on a need-to-know basis with a contextualized delegation. At first glance, DID appears to be well-suited for this purpose. However, the overall security of DID has not been thoroughly examined. In this paper, we systemically explore key components of DID systems and analyze their possible vulnerabilities when deployed. First, we analyze the data flow between DID system components and analyze possible security threats. Next, we carefully identify potential security threats over seven different DID functional domains, ranging from user wallet to universal resolver. Lastly, we discuss the possible countermeasures against the security threats we identified.

show abstract