A user-centric federated single sign-on system

Authors:
Suriadi Suriadi;Ernest Foo;Audun Jøsang
Affiliations:
Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane QLD 4001, Australia;Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane QLD 4001, Australia;Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane QLD 4001, Australia
Venue:
Journal of Network and Computer Applications
Year:
2009

Citing 10
Cited 6

Coloured Petri nets: basic concepts, analysis methods and practical use, volume 3

Coloured Petri nets: basic concepts, analysis methods and practical use, volume 3
Designing and Verifying a Communications Gateway Using Coloured Petri Nets and Design/CPN

Proceedings of the 17th International Conference on Application and Theory of Petri Nets
Analysis of an Ada System Using Coloured Petri Nets and Occurrence Graphs

Proceedings of the 13th International Conference on Application and Theory of Petri Nets
Simulation and Analysis of a Document Storage System

Proceedings of the 15th International Conference on Application and Theory of Petri Nets
Privacy and identity management for everyone

Proceedings of the 2005 workshop on Digital identity management
User centricity: a taxonomy and open issues

Proceedings of the second ACM workshop on Digital identity management
Usability and privacy in identity management architectures

ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
A signature scheme with efficient protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
A cryptographic framework for the controlled release of certified data

SP'04 Proceedings of the 12th international conference on Security Protocols
A cryptographic framework for the controlled release of certified data (transcript of discussion)

SP'04 Proceedings of the 12th international conference on Security Protocols

Modeling and Verification of Privacy Enhancing Protocols

ICFEM '09 Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Towards a dynamic federation framework based on SAML and automated trust negotiation

WISM'10 Proceedings of the 2010 international conference on Web information systems and mining
Secure interoperation of identity managements among different circles of trust

Computer Standards & Interfaces
User-centric identity management using trusted modules

EuroPKI'10 Proceedings of the 7th European conference on Public key infrastructures, services and applications
Efficient oblivious transfers with access control

Computers & Mathematics with Applications
Identity management-based social trust model for mediating information sharing and privacy enhancement

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current identity management systems are not concerned with user privacy. Users must assume that identity providers and service providers will ensure their privacy, which is not always the case. This paper proposes an extension of the existing federated single sign-on (FSSO) systems that adopts the beneficial properties of the user-centric identity management (UCIM) model. This new identity management system allows the users to control and enforce their privacy requirements while still retaining the convenience of single sign-on over a federation of service providers. Colored Petri Nets are used to formally model the new identity management system to provide assurance that the privacy goals are achieved. To our knowledge, Colored Petri Nets have not been used to model privacy in identity management systems before.