Vullings et al., 2007 - Google Patents
Secure federated authentication and authorisation to grid portal applications using saml and xacmlVullings et al., 2007
View PDF- Document ID
- 18258834729041564884
- Author
- Vullings E
- Dalziel J
- Buchhorn M
- Publication year
- Publication venue
- Journal of Research and Practice in Information Technology
External Links
Snippet
Internationally, the need for federated Identity & Access Management continues to grow, as it allows users to get Single Sign-On access to external resources (aka Service Providers) using their home account and some attributes that are being released securely by their …
- 238000005516 engineering process 0 description 16
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0815—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0807—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Chadwick et al. | Role-based access control with X. 509 attribute certificates | |
| Carretero et al. | Federated identity architecture of the European eID system | |
| US9071594B2 (en) | Application identity design | |
| Basney et al. | CILogon: A federated X. 509 certification authority for cyberinfrastructure logon | |
| Bhatti et al. | An integrated approach to federated identity and privilege management in open systems | |
| US20170026362A1 (en) | Ticket generator for alternate authentication environments | |
| Machulak et al. | User-managed access to web resources | |
| Sinnott et al. | Shibboleth-based access to and usage of grid resources | |
| Mavridis et al. | Access control based on attribute certificates for medical intranet applications | |
| Taylor et al. | Implementing role based access control for federated information systems on the web | |
| Sinnott et al. | Supporting decentralized, security focused dynamic virtual organizations across the grid | |
| Karp et al. | Solving the transitive access problem for the services oriented architecture | |
| Pöhn et al. | Proven and modern approaches to identity management | |
| Marillonnet et al. | An Efficient User‐Centric Consent Management Design for Multiservices Platforms | |
| Vullings et al. | Secure federated authentication and authorisation to grid portal applications using saml and xacml | |
| Sinnott | Grid security | |
| Madsen et al. | Challenges to supporting federated assurance | |
| Beshiri et al. | Authentication and authorisation in service-oriented grid architecture | |
| Vullings et al. | Secure Federated Access to GRID applications using SAML/XACML | |
| Watt et al. | Federated authentication and authorisation for E-science | |
| Ferdous et al. | A hybrid model of attribute aggregation in federated identity management | |
| Rieger et al. | Towards usable and reasonable Identity Management in heterogeneous IT infrastructures | |
| Zhuravel | Enhancing Website Security: A Comparative Study of OAuth, SAML, and their Integration into HelpMe Office Hours System | |
| Jie et al. | Authentication and authorization infrastructure for Grids—issues, technologies, trends and experiences | |
| Jie et al. | A guanxi shibboleth based security infrastructure |