The Experts below are selected from a list of 5964 Experts worldwide ranked by ideXlab platform
Subir Saha - One of the best experts on this subject based on the ideXlab platform.
-
Identity Federation for VoIP systems
Journal of Computer Security, 2010Co-Authors: Samir Dilipkumar Saklikar, Subir SahaAbstract:Identity Federation enables Users to effectively manage their multiple Identities spread across different administrative domains. It leverages trust between the Identity Providers to allow Users to federate and share their Identity information to receive cross-domain Identity benefits. In this paper, we argue that with increasing number of VoIP providers as well as the ability for Users to host and self-manage their own VoIP Identities, an Identity Federation-based solution is required for VoIP as well. The paper analyzes differences for Identity Federation within VoIP scenarios, as compared to existing Web-based scenarios. We propose the VoIP Identity Federation Framework, enabling a User to establish Identity Federation as well as the assertion of any relevant Identity information from one VoIP context to another. The framework is designed using simple application-usage agnostic primitives viz. federate-out and federate-in, which can be applied within any VoIP Protocol scenario. One of the primary design goals has been to model these enablers as an independent protocol, so that they can be piggybacked on any of the existing VoIP protocol scenarios. As a result, Identity Federation benefits can be easily applied to any existing or future VoIP-based application usages. Another important aspect is to enable sufficient User control within the Identity Federation framework. We also present a set of exemplary yet novel use-cases enabled by the proposed framework.
-
Identity Federation based mobile messaging
Consumer Communications and Networking Conference, 2008Co-Authors: Samir Saklikar, Subir SahaAbstract:This paper proposes an Identity Federation-based Mobile Messaging Framework. It leverages the existing Identity Federation concepts, with enhancements for adapting them to a Mobile Messaging scenario. We further present how the framework, can enable User Control and Privacy, with regards to their Mobile Messaging-based service invocations. Application providers can be issued dynamic transaction-based transient authorizations, which can be delegated to further Application providers for service composition-based use-cases. At the same time, the Mobile Service Provider, by virtue of having an authentication and billing-based relationship with the User, is guaranteed a place in the MM-based services value chain. We also present a set of exemplary, yet novel use-cases, enabled by the framework.
-
Identity Federation for voip based services
Digital Identity Management, 2007Co-Authors: Samir Dilipkumar Saklikar, Subir SahaAbstract:Identity Federation enables managing a single User's multiple Identities across administrative domains. Instead of forcing a single Identity for the User, it leverages trust between Service Providers to share User Identity information viz. Authentication, Authorization and Attributedetails. Users can federate their multiple Identities at different domains, for combined cross-domain benefits such as Single Sign On(SSO) on the Internet. In this paper, we analyze and present how the power of Identity Federation can be used within VoIP, to offer a more flexible and capable service environment to the User. Also, Identity Federationcan save VoIP, from any impending challenges of "Identity multiplicity" arising from the presence of numerous Service Providers. We select the Session Initiation Protocol (SIP) and argue that in order to achieve its true potential of a pervasive VoIP platform, SIP needs a way for supporting "mobility across multiple User Identities". The paperanalyzes differences in introducing Identity Federation for VoIP, as compared to HTTP-based services and identifies additional benefits that are possible for VoIP entities. An important aspect is that of user control over Identity Federation enablement and usage, keeping in line with the SIP design philosophy. We propose a user-controlled Identity Federation sub-layer within SIP, so that Federation benefitscan be leveraged to all kinds of multimedia applications. We also present a set of exemplary yet novel use-cases enabled by the framework.
-
Digital Identity Management - Identity Federation for voip-based services
Proceedings of the 2007 ACM workshop on Digital identity management - DIM '07, 2007Co-Authors: Samir Dilipkumar Saklikar, Subir SahaAbstract:Identity Federation enables managing a single User's multiple Identities across administrative domains. Instead of forcing a single Identity for the User, it leverages trust between Service Providers to share User Identity information viz. Authentication, Authorization and Attributedetails. Users can federate their multiple Identities at different domains, for combined cross-domain benefits such as Single Sign On(SSO) on the Internet. In this paper, we analyze and present how the power of Identity Federation can be used within VoIP, to offer a more flexible and capable service environment to the User. Also, Identity Federationcan save VoIP, from any impending challenges of "Identity multiplicity" arising from the presence of numerous Service Providers. We select the Session Initiation Protocol (SIP) and argue that in order to achieve its true potential of a pervasive VoIP platform, SIP needs a way for supporting "mobility across multiple User Identities". The paperanalyzes differences in introducing Identity Federation for VoIP, as compared to HTTP-based services and identifies additional benefits that are possible for VoIP entities. An important aspect is that of user control over Identity Federation enablement and usage, keeping in line with the SIP design philosophy. We propose a user-controlled Identity Federation sub-layer within SIP, so that Federation benefitscan be leveraged to all kinds of multimedia applications. We also present a set of exemplary yet novel use-cases enabled by the framework.
Wei Peng - One of the best experts on this subject based on the ideXlab platform.
-
NPC - LDAPRoam: A Generic Solution for Both Web-Based and Non-Web-Based Federate Access
Lecture Notes in Computer Science, 2019Co-Authors: Qi Feng, Wei PengAbstract:Identity Federation technology has been widely used in recent years. But the solution for federate access is totally different between the Web-Based and Non-Web-Based scenarios. Furthermore, it is highly limited for lack of support from Non-Web-Based scenarios now. This paper proposes a generic federate access solution based on LDAP roaming, which can provide reliable Identity roaming in any internet service. To service providers, our solution is transparent and looks like a LDAP. The paper first presents the difficulties in realizing LDAP roaming and discusses offers solutions to the implementation of LDAP roaming. Then it evaluates the easy integration and usability of LDAP roaming. Finally it compares the Generic Solution with the existing federal access solution.
Qi Feng - One of the best experts on this subject based on the ideXlab platform.
-
NPC - LDAPRoam: A Generic Solution for Both Web-Based and Non-Web-Based Federate Access
Lecture Notes in Computer Science, 2019Co-Authors: Qi Feng, Wei PengAbstract:Identity Federation technology has been widely used in recent years. But the solution for federate access is totally different between the Web-Based and Non-Web-Based scenarios. Furthermore, it is highly limited for lack of support from Non-Web-Based scenarios now. This paper proposes a generic federate access solution based on LDAP roaming, which can provide reliable Identity roaming in any internet service. To service providers, our solution is transparent and looks like a LDAP. The paper first presents the difficulties in realizing LDAP roaming and discusses offers solutions to the implementation of LDAP roaming. Then it evaluates the easy integration and usability of LDAP roaming. Finally it compares the Generic Solution with the existing federal access solution.
-
LDAPRoam: A Generic Solution for Both Web-Based and Non-Web-Based Federate Access
Network and Parallel Computing, 2019Co-Authors: Qi FengAbstract:Identity Federation technology has been widely used in recent years. But the solution for federate access is totally different between the Web-Based and Non-Web-Based scenarios. Furthermore, it is highly limited for lack of support from Non-Web-Based scenarios now. This paper proposes a generic federate access solution based on LDAP roaming, which can provide reliable Identity roaming in any internet service. To service providers, our solution is transparent and looks like a LDAP. The paper first presents the difficulties in realizing LDAP roaming and discusses offers solutions to the implementation of LDAP roaming. Then it evaluates the easy integration and usability of LDAP roaming. Finally it compares the Generic Solution with the existing federal access solution.
Josh Howlett - One of the best experts on this subject based on the ideXlab platform.
-
Identity Federations Beyond the Web: A Survey
IEEE Communications Surveys & Tutorials, 2014Co-Authors: Alejandro Pérez-méndez, Fernando Pereniguez-garcia, Rafael Marin-lopez, Gabriel Lopez-millan, Josh HowlettAbstract:Internet service providers have, in recent years, adopted Identity Federation technologies with a high degree of success. A typical Internet user will regularly use these in her daily use of the Internet, even if she does not notice it. For example, she will use these technologies when publishing a picture in Flickr, when sharing it with her friends in her Facebook wall, when she performs a roaming telephone call over the 3G network, or when she obtains access to the eduroam network at her university. Until recently, Identity Federation technologies were mainly applicable to web and network access services. However, the proliferation of new emerging infrastructures, such as the cloud and grids, is motivating service providers to consider new solutions capable of satisfying Identity Federation for any almost kind of Internet service (SSH, NFS, SMTP, Cloud, Grid, etc.). This has been called Identity Federation beyond the Web. International projects and standardization bodies have also been considering ways to satisfy this urgent need. This paper describes the unmet requirement for federating any other kind of (non-Web-based) Internet service. In particular, it provides a detailed survey of the two main proposals, i.e., Application Bridging for Federated Access Beyond Web (ABFAB) and Federated Kerberos (FedKERB), which are currently discussed to provide a solution for this new type of Federation, known as Identity Federations beyond the Web. Finally, this paper shows a fair comparison between both alternatives.
Jeremy Lardon - One of the best experts on this subject based on the ideXlab platform.
-
The User-Centric Vision Matches Credentials Exchanges
2009 International Conference on Availability Reliability and Security, 2009Co-Authors: Mikaël Ates, Jacques Fayolle, Christophe Gravier, Jeremy LardonAbstract:The users must face two main concerns in their digital lives, interactions and privacy, especially in Identity Federation architectures. Their environment and requestor client largely influence these concerns. A rich user environment issued from a user-centric vision on Identity management architectures may be helpful for usability and privacy. In this paper we expose facts about the Identity Federation and the user digital life concepts. We then shape a user environment dedicated to Identity management, and we establish some assumptions about future user environments and Identity credentials implementations.
-
ARES - The User-Centric Vision Matches Credentials Exchanges
2009 International Conference on Availability Reliability and Security, 2009Co-Authors: Mikaël Ates, Jacques Fayolle, Christophe Gravier, Jeremy LardonAbstract:The users must face two main concerns in their digital lives, interactions and privacy, especially in Identity Federation architectures. Their environment and requestor client largely influence these concerns. A rich user environment issued from a user-centric vision on Identity management architectures may be helpful for usability and privacy. In this paper we expose facts about the Identity Federation and the user digital life concepts. We then shape a user environment dedicated to Identity management, and we establish some assumptions about future user environments and Identity credentials implementations.
-
Complex Federation Architectures: Stakes, Tricks and Issues
2008Co-Authors: Mikaël Ates, Jacques Fayolle, Christophe Gravier, Jeremy LardonAbstract:In this article, we expose the basics of distributed Identity management systems and characterize what makes an Identity Federation architecture a singular one. We depict the evolutions and current trends of the interconnection of information systems by exposing what could be a global Identity management system issued from the convergence of multiple Identity Federations. Thereby, we expose the expected functionalities of such an architecture and we also describe the basic distributed Identity management mechanisms necessary for their deployment. Then, we discuss about privacy concerns and why some of these functionalities should be implemented carefully.
-
CSTST - Complex Federation architectures: stakes, tricks & issues
Proceedings of the 5th international conference on Soft computing as transdisciplinary science and technology - CSTST '08, 2008Co-Authors: Mikaël Ates, Jacques Fayolle, Christophe Gravier, Jeremy LardonAbstract:International audienceIn this article, we expose the basics of distributed Identity management systems and characterize what makes an Identity Federation architecture a singular one. We depict the evolutions and current trends of the interconnection of information systems by exposing what could be a global Identity management system issued from the convergence of multiple Identity Federations. Thereby, we expose the expected functionalities of such an architecture and we also describe the basic distributed Identity management mechanisms necessary for their deployment. Then, we discuss about privacy concerns and why some of these functionalities should be implemented carefully
-
Interoperability between Heterogeneous Federation Architectures: Illustration with SAML and WS-Federation
2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System, 2007Co-Authors: Mikaël Ates, Jacques Fayolle, Christophe Gravier, Jeremy Lardon, B. SauviacAbstract:Digital Identity management intra and inter information systems, and, service oriented architectures, are the roots of Identity Federation. This kind of security architectures aims at enabling information system interoperability. Existing architectures, however, do not consider interoperability of heterogeneous Federation architectures, which rely on different Federation protocols.In this paper, we try to initiate an in-depth reflection on this issue, through the comparison of two main Federation architecture specifications: SAML and WS-Federation. We firstly propose an overall outline of Identity Federation. We furthermore address the issue of interoperability for Federation architectures using a different Federation protocol. Afterwards, we compare SAML and WS-Federation. Eventually, we define the ways of convergence, and therefore, of interoperability.
