Leveraging social networks to gain access to organisational resources

Chadwick, David W. and Inman, George and Siu, Kristy W.S. and Ferdous, Mohammad Sadek (2011) Leveraging social networks to gain access to organisational resources. In: Proceedings of the 7th ACM workshop on Digital identity management, 21st October 2011, Chicago, Illinois. (Full text available)

PDF
Download (165kB) Preview
[img]
Preview
Official URL
http://dx.doi.org/10.1145/2046642.2046653

Abstract

We describe a federated identity management service that allows users to access organisational resources using their existing login accounts at social networking and other sites, without compromising the security of the organisation’s resources. We utilise and extend the Level of Assurance (LoA) concept to ensure the organisation’s site remains secure. Users are empowered to link together their various accounts, including their organizational one with an external one, so that the strongest registration procedure of one linked account can be leveraged by the other sites’ login processes that have less stringent registration procedures. Coupled with attribute release from their organizational account, this allows users to escalate their privileges due to either an increased LoA, or additional attributes, or both. The conceptual and architectural designs are described, followed by the implementation details, the user trials we carried out, and a discussion of the current limitations of the system.

Item Type: Conference or workshop item (Paper)
Uncontrolled keywords: Authentication; Authorisation; Federated identity management; Level of assurance; Social networks
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: David Chadwick
Date Deposited: 25 Oct 2012 17:00
Last Modified: 14 May 2014 10:48
Resource URI: http://kar.kent.ac.uk/id/eprint/31977 (The current URI for this page, for reference purposes)
ORCiD (Chadwick, David W.):
ORCiD (Inman, George):
ORCiD (Siu, Kristy W.S.):
ORCiD (Ferdous, Mohammad Sadek):
  • Depositors only (login required):

Downloads

Downloads per month over past year