Research Article
A Federated Identity Management System with Centralized Trust and Unified Single Sign-On
@INPROCEEDINGS{10.1109/ChinaCom.2011.6158260,
  author={Jian Jiang and Haixin Duan and Tao Lin and Fenglin Qin and Hong Zhang},
  title={A Federated Identity Management System with Centralized Trust and Unified Single Sign-On},
  proceedings={6th International ICST Conference on Communications and Networking in China},
  publisher={IEEE},
  proceedings_a={CHINACOM},
  year={2012},
  month={3},
  keywords={federated identity management (fim) single sign-on (sso) indirect authentication exchange},
  doi={10.1109/ChinaCom.2011.6158260}
}
- Jian Jiang
- Haixin Duan
- Tao Lin
- Fenglin Qin
- Hong Zhang
Year: 2012
CHINACOM
IEEE
DOI: 10.1109/ChinaCom.2011.6158260
Abstract
Federated identity management (FIM) is an effective technology that allows multiple organizations to share resources with each other. Proposed FIM solutions have faced deployment and maintenance barriers caused by the lack of an effective trust management mechanism. In this paper, we present a FIM system with a centralized trust management component named TSP. TSP can automatically establish trust relationships between federation parties at runtime with low overhead. We also propose a new interaction mode, indirect authentication exchange, to unify network access authentication with application-level Single Sign-On (SSO) as an integrated one-step authentication. With the features of centralized trust management and indirect authentication exchange, a FIM system can be more easily and flexibly deployed and maintained. We have implemented a prototype to demonstrate the feasibility of the proposed features.