Access control in federated systems
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
A Privacy Agreement Negotiation Model in B2C E-Commerce Transactions
International Journal of Information Security and Privacy
Engineering Financial Enterprise Content Management Services: Integration and Control
International Journal of Systems and Service-Oriented Engineering
Hi-index | 0.00 |
We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be baed and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.