By Topic

Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)

We describe a formal approach to the analysis of security aspects of an identity federation protocol for Web services in convergent networks. This network protocol was proposed by Telecom Italia as a solution to allow end users to access services on the Web through different access networks without explicitly providing any credentials, while the service providers can trust the user's identity information provided by the access networks and access some user data. As a first step towards a fullblown formal security analysis of the protocol, we specify three user scenarios in the process algebra Crypto-CCS and verify the vulnerability of one of these specifications w.r.t. a man-in-the-middle attack with the model checker PaMoChSA.

Published in:

Telecommunications, 2007. AICT 2007. The Third Advanced International Conference on

Date of Conference:

13-19 May 2007