Trust negotiation in identity management

Abhilasha Bhargav-Spantzel, Anna Squicciarini, Elisa Bertino

Research output: Contribution to journal › Review article

51 Citations (Scopus)

Abstract

The significance of federated identity management (IdM) systems for the protection of user information is discussed. A federated identity management system provides a group of organizations with mechanisms for managing and gaining access to user identity information. IdM systems involve two types of entities: identity providers (IdPs) and service providers (SPs). An IdP manages user authentication and user-identity-relevant information, while an SP specifies and enforces the access-control policies that protect user information resources. The IdM system provides the user information needed to satisfy the requesting SP's access-control policies, using the user's differentiated privacy preferences to protect that information. IdM technology and automated trust-negotiation (ATN) techniques establish trust between negotiating parties online through bilateral credential disclosure for the protection of user information.

Original language: English (US)
Pages (from-to): 55-63
Number of pages: 9
Journal: IEEE Security and Privacy
Volume: 5
Issue number: 2
DOI: 10.1109/MSP.2007.46
State: Published - Mar 1 2007

Fingerprint

management
Access control
Information services
service provider
Authentication
information service
privacy
resources
Group

All Science Journal Classification (ASJC) codes

  • Engineering(all)
  • Computer Networks and Communications

Cite this

Bhargav-Spantzel, Abhilasha ; Squicciarini, Anna ; Bertino, Elisa. / Trust negotiation in identity management. In: IEEE Security and Privacy. 2007 ; Vol. 5, No. 2. pp. 55-63.
@article{789b61e19d1b48a09d14940569ed4e18,
title = "Trust negotiation in identity management",
author = "Abhilasha Bhargav-Spantzel and Anna Squicciarini and Elisa Bertino",
year = "2007",
month = "3",
day = "1",
doi = "10.1109/MSP.2007.46",
language = "English (US)",
volume = "5",
pages = "55--63",
journal = "IEEE Security and Privacy",
issn = "1540-7993",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "2",

}

Trust negotiation in identity management. / Bhargav-Spantzel, Abhilasha; Squicciarini, Anna; Bertino, Elisa.

In: IEEE Security and Privacy, Vol. 5, No. 2, 01.03.2007, p. 55-63.


TY - JOUR
T1 - Trust negotiation in identity management
AU - Bhargav-Spantzel, Abhilasha
AU - Squicciarini, Anna
AU - Bertino, Elisa
PY - 2007/3/1
Y1 - 2007/3/1
UR - http://www.scopus.com/inward/record.url?scp=34047093851&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34047093851&partnerID=8YFLogxK
U2 - 10.1109/MSP.2007.46
DO - 10.1109/MSP.2007.46
M3 - Review article
AN - SCOPUS:34047093851
VL - 5
SP - 55
EP - 63
JO - IEEE Security and Privacy
JF - IEEE Security and Privacy
SN - 1540-7993
IS - 2
ER -