论文信息 - An Authentication Trust Metric for Federated Identity Management Systems

An Authentication Trust Metric for Federated Identity Management Systems

A formalisation of authentication trust is proposed for federated identity management systems. Identity federation facilitates user interaction with Web services that control access, but it is more difficult for a service provider to evaluate the assurance of a user's identity if the creation and propagation of user authentication assertions involve different authentication authorities and mediators. On the basis of this formal representation, an aggregated trust value is calculated for evaluating the trustworthiness of a user's identity from the user's authentication assertions propagated through multiple entities.

Hidehito Gomi

[1] Abhilasha Bhargav-Spantzel,et al. User centricity: a taxonomy and open issues , 2006, DIM '06.

[2] Martín Abadi,et al. A calculus for access control in distributed systems , 1991, TOPL.

[3] Thomas Beth,et al. Valuation of Trust in Open Networks , 1994, ESORICS.

[4] David M. Nicol,et al. A calculus of trust and its application to PKI and identity management , 2009, IDtrust '09.

[5] Yong Chen,et al. End-to-End Trust Starts with Recognition , 2003, SPC.

[6] Javier López,et al. A Model for Trust Metrics Analysis , 2008, TrustBus.

[7] Christoph Meinel,et al. Using quantified trust levels to describe authentication requirements in federated identity management , 2008, SWS '08.

[8] Michael K. Reiter,et al. Authentication metric analysis and design , 1999, TSEC.

[9] Audun Jøsang,et al. A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[10] Dieter Gollmann,et al. Computer Security — ESORICS 94 , 1994, Lecture Notes in Computer Science.

[11] Stephen Farrell,et al. End-to-end trust in pervasive computing starts with recognition , 2003 .

[12] Andrés Marín López,et al. Towards dynamic trust establishment for identity federation , 2009, EATIS.