Fine-Grained Recommendation Systems for Service Attribute Exchange
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Hi-index | 0.00 |
We propose an extension of the attribute exchange between an Identity Provider (IdP) and an Service Provider (SP) in Shibboleth. While in the conventional framework of Shibboleth attributes are exchanged in immediate values, in our new extension an SP and an IdP exchange attributes according to so-called "Magic Protocols''. This extension enables the SP to know whether user's attributes meet the requirement for authorization, without the SP and the IdP revealing their confidential information. We also show how we can detectch eating in execution of this protocol, e.g.\ the IdP tells another value instead of the true value to the SP in malice.