Consistency of user attribute in federated systems
Pham, Quan, McCullagh, Adrian J., & Dawson, Edward P. (2007) Consistency of user attribute in federated systems. In Lambrinoudakis, Costas, Pernul, Gunther, & Min Tjoa, A. (Eds.) Lecture Notes in Computer Science, Springer, Regensburg, Germany, pp. 165-177.
In a federated system, it is not uncommon for a user profile registered to a particular system to contain enough attributes to request services from that system. Other attributes may be missing from that profile when services are requested from another system. The problem is that currently, when a change in user attributes happens, it is very difficult for the federation to incorporate the changes in order to resolve the conflict of attributes and maintain the consistency of attributes of users between different systems. Currently ready-for-deploy systems such as Liberty Alliance, Microsoft Windows CardSpace (formerly InfoCard) and Shibboleth do not address this issue efficiently. In general, consistency issues of user attributes in federated system via a 2-dimentional view: consistency between member systems (horizontal consistency) and consistency between federation and local system (vertical consistency). In this paper, we discuss the issue of horizontal consistency to achieve better interoperability and fine-granularity for access control decisions in a federated system by analysing the two approaches to achieve the consistency of user attributes: attribute synchronisation and delegation.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
|Item Type:||Conference Paper|
|Keywords:||Access Control, Role Based Access Control, Identity Management, Federation, Federated System, Attribute Synchronisation, Delegation|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Format not elsewhere classified (080499)|
|Divisions:||Past > Schools > Computer Science
Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
|Copyright Owner:||Copyright 2007 Springer|
|Copyright Statement:||This is the author-version of the work. Conference proceedings published, by Springer Verlag, will be available via SpringerLink. http://www.springer.de/comp/lncs/ Lecture Notes in Computer Science|
|Deposited On:||20 Oct 2008 00:00|
|Last Modified:||29 Feb 2012 13:31|
Repository Staff Only: item control page