论文信息 - Architecture Patterns for a Ubiquitous Identity Management System

Architecture Patterns for a Ubiquitous Identity Management System

The design of an Identity Management System (IdM) must strike a balance between protocol overhead, software footprint and security level in order to operate successfully under the resource constraints found in mobile and wireless systems. But, what is good for a constrained system is also good for everyone else, in the sense that reduced overhead benefits all business application processing. This paper contributes to the discussion of IdM construction by suggesting patterns that preserves existing investments, maintains adaptability, scalability and modularity of the IdM. It also provides a discussion where security level is balanced with other non-functional requirements, which is seen less often in security research. A prototypical IdM systems built upon the proposed principles is also presented to some detail.

Anders Fongen | A. Fongen

[1] E.B. Fernandez,et al. A Pattern Language for Identity Management , 2007, 2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07).

[2] Ravi S. Sandhu,et al. The NIST model for role-based access control: towards a unified standard , 2000, RBAC '00.

[3] Anders Fongen. Scalability analysis of selected certificate validation scenarios , 2010, 2010 - MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE.

[4] Carl Wallace,et al. Practical and secure trust anchor management and usage , 2010, IDTRUST '10.

[5] Elisa Bertino,et al. Establishing and protecting digital identity in federation systems , 2005, DIM '05.

[6] Phillip Hallam-Baker,et al. Web services security: soap message security , 2003 .

[7] Jeff Hodges,et al. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .