Policy languages for digital identity management in federation systems

Elisa Bertino, Abhilasha Bhargav-Spantzel, Anna Cinzia Squicciarini

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

The goal of service provider federations is to support a controlled method by which distributed organizations can provide services to qualified individuals and manage their identity attributes at an inter-organizational level. In order to make access control decisions the history of activities should be accounted for, therefore it is necessary to record information on interactions among the federation entities. To achieve these goals we propose a comprehensive assertion language able to support description of static and dynamic properties of the federation system. The assertions are a powerful means to describe the behavior of the entities interacting in the federation, and to define policies controlling access to services and privacy policies. We also propose a log-based approach for capturing the history of activities within the federation implemented as a set of tables stored at databases at the various organizations in the federation. We illustrate how, by using different types of queries on such tables, security properties of the federation can be verified.

Original language: English (US)
Title of host publication: Proceedings - Thirteenth International Symposium on Temporal Representation and Reasoning, TIME 2006
Publisher: IEEE Computer Society
Pages: 11-21
Number of pages: 11
ISBN (Print): 0769525989, 9780769525983
DOIs
State: Published - 2006
Event: 7th IEEE International Workshop on Policies for Distributed Systems and Networks, Policy 2006 - London, ON, Canada
Duration: Jun 5 2006 → Jun 7 2006

Publication series

Name: Proceedings - Seventh IEEE International Workshop on Policies for Distributed Systems and Networks, Policy 2006
Volume: 2006

Other

Other: 7th IEEE International Workshop on Policies for Distributed Systems and Networks, Policy 2006
Country: Canada
City: London, ON
Period: 6/5/06 → 6/7/06

All Science Journal Classification (ASJC) codes

  • Engineering(all)

  • Cite this

    Bertino, E., Bhargav-Spantzel, A., & Squicciarini, A. C. (2006). Policy languages for digital identity management in federation systems. In Proceedings - Thirteenth International Symposium on Temporal Representation and Reasoning, TIME 2006 (pp. 11-21). [1631155] (Proceedings - Seventh IEEE International Workshop on Policies for Distributed Systems and Networks, Policy 2006; Vol. 2006). IEEE Computer Society. https://doi.org/10.1109/POLICY.2006.22