Quantified Trust Levels for Authentication

Service-oriented Architectures (SOAs) facilitate applications to integrate seamlessly services from collaborating business partners regardless of organizational borders. In order to secure access to these services, mechanisms for authentication and authorisation must be deployed that control the access based on identity-related information. To enable a business partners’ users to access the provided services, an identity federation is often established that enables the brokering of identity information across organisational borders. The establishment of such a federation requires complex agreements and contracts that define common policies, obligations and procedures. Generally, this includes obligations on the authentication process as well.

[1]  Moshe Zviran,et al.  Password Security: An Empirical Study , 1999, J. Manag. Inf. Syst..

[2]  Jin-Young Choi,et al.  Security Analysis of RFID Authentication for Pervasive Systems using Model Checking , 2006, 30th Annual International Computer Software and Applications Conference (COMPSAC'06).

[3]  Edward F. Gehringer Choosing passwords: security and human factors , 2002, IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No.02CH37293).

[4]  J. Fierrez-Aguilar,et al.  On the Vulnerability of Fingerprint Verification Systems to Fake Fingerprints Attacks , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[5]  A.W.K. Kong,et al.  Analysis of Brute-Force Break-Ins of a Palmprint Authentication System , 2006, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[6]  James M. Tien,et al.  An intrinsic assessment and comparison of biometric systems through wavelet analysis , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).

[7]  David Zhang,et al.  Three measures for secure palmprint identification , 2008, Pattern Recognit..

[8]  Julie Thorpe,et al.  Analyzing User Choice in Graphical Passwords , 2004 .

[9]  Brendan Boyle,et al.  E-Government in New Zealand , 2003 .

[10]  Zhengping Wu,et al.  Requirements of federated trust management for service-oriented architectures , 2006, International Journal of Information Security.

[11]  Alan F. Blackwell,et al.  The memorability and security of passwords – some empirical results , 2000 .

[12]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[13]  조영섭,et al.  OASIS SAML(Security Assertion Markup Language) v2.0 고찰 및 활용 , 2006 .

[14]  Deepak Goel,et al.  RATING: rigorous assessment of trust in identity management , 2006, First International Conference on Availability, Reliability and Security (ARES'06).