Digital identity can be defined as the digital representation of the information known about a specific individual or organization. Digital identity management technology is an essential function in customizing and enhancing the network user experience, protecting privacy, underpinning accountability in transactions and interactions, and complying with regulatory controls. This practical resource offers an in-depth understanding of how to design, deploy and assess identity management solutions. It provides a comprehensive overview of current trends and future directions in identity management, including best practices, the standardization landscape, and the latest research findings.
Author(s): Elisa Bertino, Kenji Takahashi
Series: Artech House Information Security and Privacy
Publisher: Artech House Publishers
Year: 2011
Language: English
Pages: 198
Identity Management: Concepts, Technologies, and Systems
Contents
1 Introduction
1.1 Stakeholders and Business Opportunities
1.2 Identity Ecosystem and Key Trends
1.4 Overview of This Book
References
2 What Is Identity Management?
2.1 Stakeholders and Their Requirements
2.1.3 Relying Parties
2.2 Identity Life Cycle
2.2.1 Creation
2.2.2 Usage
2.2.3 Update
2.2.4 Revocation
2.2.5 Governance
2.3 Identity Assurance
References
3 Fundamental Technologies and Processes
3.1 Credentials
3.1.2 Public-Key Certificates and Public-Key Infrastructures
3.1.3 Attribute and Authorization Certificates
3.1.4 Credential Delegation
3.1.5 Proxy Certificates
3.2 Single Sign-On
3.2.1 Kerberos Protocols
3.2.2 Reverse Proxy-Based SSO
3.3 Attribute Federation
3.3.2 Single Party–Based Mediation
3.4 Privacy
3.4.1 Pseudonym Systems
3.4.2 Anonymous Credentials
3.5 Assurance and Compliance
References
4 Standards and Systems
4.1 Overview
4.2.1 Overview
4.2.2 Specification Structure
4.2.3 Web SSO
4.2.4 Use Cases
4.3 Liberty Identity Web Services Framework
4.3.1 Opt-In Discovery Registration
4.3.5 Use Cases
4.4.2 Authentication
4.4.4 Provider Authentication Policy Extension (PAPE)
4.4.6 Use Cases
4.5.1 Overview
4.5.4 Use Cases
4.6 Towards Interoperability
4.6.1 Use Cases
4.6.2 Comparative Analysis of SAML, OpenID, and Information Cards
4.7 Security Analysis
4.7.1 Confidentiality
4.7.2 Integrity
4.7.3 Availability
4.7.4 Repudiation
4.7.6 Authorization
4.8 Privacy Analysis
4.9 Research Prototypes
4.9.1 SASSO
4.9.2 VeryIDX
4.9.4 Emerging Areas: Social Networks, Mobile, and Cloud Computing
References
5 Challenges
5.1.1 Usability Principles and Requirements
5.1.2 Evaluating the Usability of Identity Management Solutions
5.1.3 Antiphishing Measures
5.2 Access Control
5.3 Privacy Protection
5.3.1 Privacy Policies
5.3.2 Anonymization of Personally Identifiable Information and Privacy-Preserving Data Mining
5.3.3 Privacy Protection in Emerging Services
5.4.1 Reputation of the Party
5.4.3 Possession of Credentials Attesting Certain Party Identity Information
5.5 Interoperability Challenge
5.5.2 Naming Heterogeneity Management
5.6 Biometrics
References
6 Conclusions
References
About the Authors
Index