


Publication Details PU-18 - "Secure AAA by means of Identity Tokens in Next Generation Mobile Environments"


4-9 March 2007; David J. Lutz

Abstract:
In this paper, the concept of Identity Tokens is described and how this approach can help to build up a stable, reliable and secure AAA infrastructure without losing sight of privacy. This approach can be used in (mobile) environments to guarantee that a user is not pushed to submit private information that, within his view, is in an untrusted domain, but that he can still be authenticated, authorized and billed.



Source:
Proceedings of International Conference on Wireless and Mobile Communications (ICWMC); ISBN 0-7695-2796-5; copyright IEEE
