Skip to main content

Authorisation using Attributes from Multiple Authorities

Chadwick, David W. (2006) Authorisation using Attributes from Multiple Authorities. In: Reddy, Sumitra Mitra, ed. 15th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE'06). International Workshops on Enabling Technologies . IEEE, pp. 326-331. ISBN 0-7695-2623-3. (doi:10.1109/WETICE.2006.22)

Abstract

As attribute based authorisation infrastructures such as XACML gain in popularity, linking together user attributes from multiple attribute authorities (AAs) is becoming a pressing problem. Current models and mechanisms do not support this linking, primarily because the user is known by different names in the different AAs. Furthermore, linking the attributes together poses a potential risk to the users privacy. This paper provides a model and protocol elements for linking AAs, service providers and user attributes together, under the sole control of the user, thereby maintaining the users privacy. The paper also shows how the model and protocol elements can be implemented using existing technologies, namely relational databases or LDAP directories, and the SAML protocol.

Item Type: Book section
DOI/Identification number: 10.1109/WETICE.2006.22
Additional information: Winner of Best Paper Award
Uncontrolled keywords: authorization; joining processes; protocols; privacy; relational databases; paper technology; councils; access control
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:04 UTC
Last Modified: 23 Jan 2020 04:02 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/14469 (The current URI for this page, for reference purposes)
Chadwick, David W.: https://orcid.org/0000-0003-3145-055X
  • Depositors only (login required):

Downloads

Downloads per month over past year