User privacy-preserving identity data dependencies

  • Authors: Samir Saklikar; Subir Saha
  • Affiliations: Motorola India Research Labs, Bangalore, India; Motorola India Research Labs, Bangalore, India
  • Venue: Proceedings of the second ACM workshop on Digital identity management
  • Year: 2006

Abstract

Identity Federation technologies have enabled users to leverage their relationships with an Identity Provider (IdP) into a Service Provider's (SP) domain. They allow user-initiated and IdP-controlled sharing of authentication information, attributes and authorization policies, allowing users to get benefits like Single Sign On (SSO) and attribute linking across the different domains. Federation-based Identity Services have enabled a standardized mechanism of sharing a particular type of user identity information with interested SPs. Yet, with increasing focus on composite as well as personalized user experiences, different types of User Identity Data need to be used together. In this paper, we argue that there is a lack of standardized mechanisms for resolution and ownership when it comes to data associations across different Identity Providers. Additionally, users have different privacy requirements for these different kinds of interacting identity information and need mechanisms to enforce them. We propose a solution which allows users to define privacy-preserving data dependencies between their different Identity information. Thus, a query for a particular piece of user information would honor and traverse its associated data dependencies, possibly triggering user-defined policies, to come up with a resultant set of identity information.