Introducing Infocards in NGN to Enable User-Centric Identity Management

With the rapid evolution of networks and the widespread penetration of mobile devices with increasing capabilities, that have already become a commodity, we are getting a step closer to ubiquity. Thus, we are moving a great part of our lives from the physical world to the online world, i.e. social interactions, business transactions, relations with government administrations, etc. However, while identity verification is easy to handle in the real world, there are many unsolved challenges when dealing with digital identity management, especially due to the lack of user awareness when it comes to privacy. Thus, with the aim to enhance the navigation experience and security in multiservice and multiprovider environments the user must be empowered to control how her attributes are shared and disclosed between different domains.With these goals on mind, we leverage the benefits of the Infocard technology and introduce this usercentric paradigm into the emerging NGN architectures. This paper proposes a way to combine the gains of a SAML federation between service and identity providers with the easiness for the final user of the Inforcard System using the well known architectural schema of IP Multimedia Subsystem.

[1]  Ivan Marsá-Maestre,et al.  An Infocard-Based Proposal for Unified Single Sign on , 2009, 2009 Ninth Annual International Symposium on Applications and the Internet.

[2]  Phillip Hallam-Baker,et al.  Web services security: soap message security , 2003 .

[3]  Srecko Brlek,et al.  Some Remarks on the Certificates Registration of the Electronic Commerce Protocol SET , 2006, Advanced Int'l Conference on Telecommunications and Int'l Conference on Internet and Web Applications and Services (AICT-ICIW'06).

[4]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[5]  Andrés Marín López,et al.  A General IMS Registration Protocol for Wireless Networks Interworking , 2009, WMNC/PWC.

[6]  K. Cameron The Laws of Identity , 2005 .

[7]  John Hughes,et al.  Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .

[8]  Zhikui Chen A Privacy Enabled Service Authorization Based on a User-centric Virtual Identity Management System , 2007, 2007 Second International Conference on Communications and Networking in China.