Consistency of user attribute in federated systems

Pham, Quan, McCullagh, Adrian J., & Dawson, Edward P. (2007) Consistency of user attribute in federated systems. In Lambrinoudakis, Costas, Pernul, Gunther, & Min Tjoa, A. (Eds.) Lecture Notes in Computer Science, Springer, Regensburg, Germany, pp. 165-177.

View at publisher


In a federated system, it is not uncommon for a user profile registered to a particular system to contain enough attributes to request services from that system. Other attributes may be missing from that profile when services are requested from another system. The problem is that currently, when a change in user attributes happens, it is very difficult for the federation to incorporate the changes in order to resolve the conflict of attributes and maintain the consistency of attributes of users between different systems. Currently ready-for-deploy systems such as Liberty Alliance, Microsoft Windows CardSpace (formerly InfoCard) and Shibboleth do not address this issue efficiently. In general, consistency issues of user attributes in federated system via a 2-dimentional view: consistency between member systems (horizontal consistency) and consistency between federation and local system (vertical consistency). In this paper, we discuss the issue of horizontal consistency to achieve better interoperability and fine-granularity for access control decisions in a federated system by analysing the two approaches to achieve the consistency of user attributes: attribute synchronisation and delegation.

Impact and interest:

2 citations in Scopus
Search Google Scholar™
1 citations in Web of Science®

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

126 since deposited on 20 Oct 2008
4 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 15265
Item Type: Conference Paper
Refereed: Yes
Keywords: Access Control, Role Based Access Control, Identity Management, Federation, Federated System, Attribute Synchronisation, Delegation
DOI: 10.1007/978-3-540-74409-2_19
ISBN: 9783540744085
ISSN: 1611-3349
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Format not elsewhere classified (080499)
Divisions: Past > Schools > Computer Science
Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Copyright Owner: Copyright 2007 Springer
Copyright Statement: This is the author-version of the work. Conference proceedings published, by Springer Verlag, will be available via SpringerLink. Lecture Notes in Computer Science
Deposited On: 20 Oct 2008 00:00
Last Modified: 29 Feb 2012 13:31

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page