Authorisation using Attributes from Multiple Authorities

Chadwick, David W. (2006) Authorisation using Attributes from Multiple Authorities. In: 15th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE 2006), 26-28 June 2006, Manchester, United Kingdom. (Full text available)

PDF
Download (135kB)
[img]
Preview
Official URL
http://dx.doi.org/10.1109/WETICE.2006.22

Abstract

As attribute based authorisation infrastructures such as XACML gain in popularity, linking together user attributes from multiple attribute authorities (AAs) is becoming a pressing problem. Current models and mechanisms do not support this linking, primarily because the user is known by different names in the different AAs. Furthermore, linking the attributes together poses a potential risk to the users privacy. This paper provides a model and protocol elements for linking AAs, service providers and user attributes together, under the sole control of the user, thereby maintaining the users privacy. The paper also shows how the model and protocol elements can be implemented using existing technologies, namely relational databases or LDAP directories, and the SAML protocol.

Item Type: Conference or workshop item (Paper)
Additional information: Winner of Best Paper Award
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:04
Last Modified: 06 Sep 2011 01:34
Resource URI: http://kar.kent.ac.uk/id/eprint/14469 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year