Federated Identity Management technologies are exploited for user authentication in a number of network services but their usage may conflict with security restrictions imposed in a specific domain. We considered a specific case (roaming wireless access for guests) and extended the Stork SAML-based identity federation to cope with this problem by adding dynamic data, called meta-attributes, to be used for authorization even before the user authentication is completed. This concept may be easily extended to other data needed for trust verification and complex authorization decisions in a federated environment.
Exploiting proxy-based federated identity management in wireless roaming access / Berbecaru, DIANA GRATIELA; Lioy, Antonio; Aime, MARCO DOMENICO. - STAMPA. - 6863:(2011), pp. 13-23. ((Intervento presentato al convegno 8th International Conference, TrustBus 2011 tenutosi a Toulouse (FR) nel August 29 - September 2, 2011 [10.1007/978-3-642-22890-2_2].
Exploiting proxy-based federated identity management in wireless roaming access
BERBECARU, DIANA GRATIELA;LIOY, ANTONIO;AIME, MARCO DOMENICO
2011
Abstract
Federated Identity Management technologies are exploited for user authentication in a number of network services but their usage may conflict with security restrictions imposed in a specific domain. We considered a specific case (roaming wireless access for guests) and extended the Stork SAML-based identity federation to cope with this problem by adding dynamic data, called meta-attributes, to be used for authorization even before the user authentication is completed. This concept may be easily extended to other data needed for trust verification and complex authorization decisions in a federated environment.File | Dimensione | Formato | |
---|---|---|---|
2439064.pdf
non disponibili
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
371.5 kB
Formato
Adobe PDF
|
371.5 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2439064
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo