By Topic

Policy languages for digital identity management in federation systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
E. Bertino ; CERIAS, Purdue Univ., West Lafayette, IN, USA ; A. Bhargav-Spantzel ; A. C. Squicciarini

The goal of service provider federations is to support a controlled method by which distributed organizations can provide services to qualified individuals and manage their identity attributes at an inter-organizational level. In order to make access control decisions the history of activities should be accounted for, therefore it is necessary to record information on interactions among the federation entities. To achieve these goals we propose a comprehensive assertion language able to support description of static and dynamic properties of the federation system. The assertions are a powerful means to describe the behavior of the entities interacting in the federation, and to define policies controlling access to services and privacy policies. We also propose a log-based approach for capturing the history of activities within the federation implemented as a set of tables stored at databases at the various organizations in the federation. We illustrate how, by using different types of queries on such tables, security properties of the federation can be verified

Published in:

Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06)

Date of Conference:

5-7 June 2006