Enabling Federated Identity for E-Government

Author(s): T. Candia, P. Madsen

Today’s administrative and business environment calls for information sharing on an unprecedented scale, from government to business to citizen. Sharing and interoperating among agencies, businesses, and governments around the world create opportunities to simplify processes and unify work, as well as improve the overall performance of government. Secure interoperability, based on identity management solutions, enables substantial cost savings, streamlined processes and faster communication of vital information to the benefit of governments and citizens of all nations. At the core of this revolution is the concept of federated identity management and the need for standards that are open, interoperable and decentralized. In addition, such standards must allow for privacy safeguards across all sectors. The Liberty Alliance Project (Liberty Alliance, n.d.) was established to address this need and tackle the twin issues of standards and trust.

2011, pp. 2761-2768
Author(s): Tanya Candia, Paul Madsen


Author(s): Serenella Carota, Flavio Corradini, Damiano Falcioni, Maria Laura Maggiulli, Fausto Marcantoni, ...

Author(s): Florian Kohlar, Jörg Schwenk, Meiko Jensen, Sebastian Gajek

In recent research, two approaches to protect SAML-based Federated Identity Management (FIM) against man-in-the-middle attacks have been proposed. One approach is to bind the SAML assertion and the SAML artifact to the public key contained in a TLS client certificate. Another approach is to strengthen the Same Origin Policy of the browser by taking into account the security guarantees TLS gives. This work presents a third approach which is of further interest beyond IDM protocols, especially for mobile devices relying heavily on the security offered by web technologies. By binding the SAML assertion to cryptographically derived values of the TLS session that has been agreed upon between the client and the service provider, this approach provides anonymity of the (mobile) browser while allowing the Relying Party and the Identity Provider to detect the presence of a man-in-the-middle attack.


Author(s): Anna Vapen, Nahid Shahmehri

Internet users often have usernames and passwords at multiple web sites. To simplify things, many sites support federated identity management, which enables users to have a single account allowing them to log on to different sites by authenticating to a single identity provider. Most identity providers perform authentication using a username and password. Should these credentials be compromised, all of the user’s accounts become compromised. Therefore, a more secure authentication method is desirable. This paper implements 2-clickAuth, a multimedia-based challenge-response solution which uses a web camera and a camera phone for authentication. Two-dimensional barcodes are used for the communication between phone and computer, which allows 2-clickAuth to transfer relatively large amounts of data in a short period of time. 2-clickAuth is more secure than passwords while remaining easy to use and distribute. 2-clickAuth is a viable alternative to passwords in systems where enhanced security is desired, but availability, ease-of-use, and cost cannot be compromised. This paper implements an identity provider in the OpenID federated identity management system that uses 2-clickAuth for authentication, making 2-clickAuth available to all users of sites that support OpenID, including Facebook, Sourceforge, and MySpace.

