Federated Identity Management Challenges

Federated Identity Management is considered a promising approach to facilitate secure resource sharing between collaborating partners. The adoption rate of identity federation technologies in the industrial domain, however, has not been as expected. A structured survey provides the basis for this paper, which reports on challenges related to Federated Identity Management. This paper presents a narrative of the main challenges that are reported in existing FIdM research, and provide a starting point to those who seek to learn more about these concepts.

[1]  Sebastian Rieger,et al.  User-Centric Identity Management in Heterogeneous Federations , 2009, 2009 Fourth International Conference on Internet and Web Applications and Services.

[2]  Gail-Joon Ahn,et al.  Managing privacy preferences for federated identity management , 2005, DIM '05.

[3]  J. H. Davis,et al.  An Integrative Model Of Organizational Trust , 1995 .

[4]  Uwe Glässer,et al.  Identity management architecture , 2008, 2008 IEEE International Conference on Intelligence and Security Informatics.

[5]  Audun Jøsang,et al.  Personal Federation Control with the Identity Dashboard , 2010, IDMAN.

[6]  Andrés Marín López,et al.  Enabling SAML for Dynamic Identity Federation Management , 2009, WMNC/PWC.

[7]  Elisa Bertino,et al.  Standards for Web Services Security , 2009 .

[8]  Hannes Hartenstein,et al.  Performance Evaluation of Identity and Access Management Systems in Federated Environments , 2009, Infoscale.

[9]  Patrick Patterson,et al.  Federated ID Management - Tackling Risk and Credentialing Users , 2007, ISSE.

[10]  Christoph Meinel,et al.  A message meta model for federated authentication in service-oriented architectures , 2009, 2009 IEEE International Conference on Service-Oriented Computing and Applications (SOCA).

[11]  Marco Casassa Mont,et al.  Assurance for federated identity management , 2010, J. Comput. Secur..

[12]  Andrés Marín López,et al.  Towards dynamic trust establishment for identity federation , 2009, EATIS.

[13]  Hannes Hartenstein,et al.  FedWare: Middleware Services to Cope with Information Consistency in Federated Identity Management , 2010, 2010 International Conference on Availability, Reliability and Security.

[14]  Christoph Meinel,et al.  Trust Requirements in Identity Federation Topologies , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[15]  Barbara Kitchenham,et al.  Procedures for Performing Systematic Reviews , 2004 .

[16]  Feng Zeng,et al.  Towards a Dynamic Federation Framework Based on SAML and Automated Trust Negotiation , 2010, WISM.

[17]  Kenji Takahashi,et al.  Federated identity management for protecting users from ID theft , 2005, DIM '05.

[18]  Layth SLIMAN,et al.  Single Sign-On Integration in a Distributed Enterprise Service Bus , 2009, 2009 International Conference on Network and Service Security.

[19]  Elisa Bertino,et al.  Establishing and protecting digital identity in federation systems , 2005, DIM '05.

[20]  Hannes Hartenstein,et al.  A Consistency Model for Identity Information in Distributed Systems , 2010, 2010 IEEE 34th Annual Computer Software and Applications Conference.

[21]  Eve Maler,et al.  The Venn of Identity: Options and Issues in Federated Identity Management , 2008, IEEE Security & Privacy.

[22]  Seng-Phil Hong,et al.  Information Assurance in Federated Identity Management: Experimentations and Issues , 2004, WISE.

[23]  Don Smith,et al.  Federated ID: The challenge of federated identity management , 2008 .

[24]  Jostein Jensen,et al.  Benefits of Federated Identity Management - A Survey from an Integrated Operations Viewpoint , 2011, ARES.

[25]  Arvind Kumar Sharma,et al.  Survey on Federated Identity Management Systems , 2010 .

[26]  Susan Landau,et al.  Achieving Privacy in a Federated Identity Management System , 2009, Financial Cryptography.

[27]  Matteo Gaeta,et al.  Management of Virtual Organizations , 2010, Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise.

[28]  Yi Mu,et al.  A Generic Construction of Dynamic Single Sign-on with Strong Security , 2010, SecureComm.

[29]  Marco Casassa Mont,et al.  On identity assurance in the presence of federated identity management systems , 2007, DIM '07.

[30]  Angelo Gaeta,et al.  Aspects of General Security & Trust , 2010, Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise.

[31]  Steffen Bayer,et al.  Business dynamics: Systems thinking and modeling for a complex world , 2004 .

[32]  Anna Cinzia Squicciarini,et al.  Privacy policies compliance across digital identity management systems , 2008, SPRINGL '08.

[33]  William R. Claycomb,et al.  Authenticated Dictionary-Based Attribute Sharing in Federated Identity Management , 2009, 2009 Sixth International Conference on Information Technology: New Generations.

[34]  George Beckett,et al.  Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise , 2010 .