We propose a delegation function for Web-based applications federated with a single sign-on system based on the SAML protocol, in which users are authenticated by their electronic certificates. The function enables a delegatee to access Web-based business applications in place of the delegator. To realize the function, we first design the contents and issuing process of the electronic "delegation certificate" using an extended certificate authority system, from the viewpoint of easy and secure operation. Next, the delegation operation between delegator and delegatee is realized in the extended single sign-on system, with an identity provider and several service providers, by using the SAML protocol, without customizing the Web applications. Finally, we evaluate the proposed system through several kinds of operation. Experimental usage by some delegators and delegatees indicates that the delegation function and its system are sufficiently acceptable because of their easy operation.
Published in:
Applications and the Internet, 2009. SAINT '09. Ninth Annual International Symposium on
Date of Conference: 20-24 July 2009