Identity Management : concepts, technologies, and systems /
Saved in:
| Author / Creator: | Bertino, Elisa. |
|---|---|
| Imprint: | Boston, MA ; London : Artech House, 2010. |
| Description: | 1 online resource (196 pages) : illustrations. |
| Language: | English |
| Series: | Information security and privacy series Artech House information security and privacy series. |
| Subject: | |
| Format: | E-Resource Book |
| URL for this record: | http://pi.lib.uchicago.edu/1001/cat/bib/11244947 |
Table of Contents:
- 1. Introduction
- 1.1. Stakeholders and Business Opportunities
- 1.2. Identity Ecosystem and Key Trends
- 1.3. Challenges in Identity Management
- 1.4. Overview of This Book
- References
- 2. What Is Identity Management?
- 2.1. Stakeholders and Their Requirements
- 2.1.1. Subjects
- 2.1.2. Identity Providers
- 2.1.3. Relying Parties
- 2.1.4. Control Parties
- 2.1.5. Relationships Between Stakeholders
- 2.2. Identity Life Cycle
- 2.2.1. Creation
- 2.2.2. Usage
- 2.2.3. Update
- 2.2.4. Revocation
- 2.2.5. Governance
- 2.3. Identity Assurance
- References
- 3. Fundamental Technologies and Processes
- 3.1. Credentials
- 3.1.1. Basic Concepts
- 3.1.2. Public-Key Certificates and Public-Key Infrastructures
- 3.1.3. Attribute and Authorization Certificates
- 3.1.4. Credential Delegation
- 3.1.5. Proxy Certificates
- 3.2. Single Sign-On
- 3.2.1. Kerberos Protocols
- 3.2.2. Reverse Proxy-Based SSO
- 3.3. Attribute Federation
- 3.3.1. Distributed Mediation
- 3.3.2. Single Party-Based Mediation
- 3.4. Privacy
- 3.4.1. Pseudonym Systems
- 3.4.2. Anonymous Credentials
- 3.5. Assurance and Compliance
- References
- 4. Standards and Systems
- 4.1. Overview
- 4.2. OASIS Security Assertion Markup Language (SAML)
- 4.2.1. Overview
- 4.2.2. Specification Structure
- 4.2.3. Web SSO
- 4.2.4. Use Cases
- 4.3. Liberty Identity Web Services Framework
- 4.3.1. Opt-In Discovery Registration
- 4.3.2. Dynamic Acquisition of Consent from Subjects
- 4.3.3. Federated Identity-Based Access Control
- 4.3.4. Pseudonym Mapping
- 4.3.5. Use Cases
- 4.4. OpenID
- 4.4.1. Overview
- 4.4.2. Authentication
- 4.4.3. Attribute Exchange (AX)
- 4.4.4. Provider Authentication Policy Extension (PAPE)
- 4.4.5. Simple Registration (SREG)
- 4.4.6. Use Cases
- 4.5. Information Card-Based Identity Management (IC-IDM)
- 4.5.1. Overview
- 4.5.2. WS-MetadataExchange
- 4.5.3. WS-Trust
- 4.5.4. Use Cases
- 4.6. Towards Interoperability
- 4.6.1. Use Cases
- 4.6.2. Comparative Analysis of SAML, OpenID, and Information Cards
- 4.7. Security Analysis
- 4.7.1. Confidentiality
- 4.7.2. Integrity
- 4.7.3. Availability
- 4.7.4. Repudiation
- 4.7.5. Authentication
- 4.7.6. Authorization
- 4.8. Privacy Analysis
- 4.9. Research Prototypes
- 4.9.1. SASSO
- 4.9.2. VeryIDX
- 4.9.3. SWIFT
- 4.9.4. Emerging Areas: Social Networks, Mobile, and Cloud Computing
- References
- 5. Challenges
- 5.1. Usability
- 5.1.1. Usability Principles and Requirements
- 5.1.2. Evaluating the Usability of Identity Management Solutions
- 5.1.3. Antiphishing Measures
- 5.2. Access Control
- 5.3. Privacy Protection
- 5.3.1. Privacy Policies
- 5.3.2. Anonymization of Personally Identifiable Information and Privacy-Preserving Data Mining
- 5.3.3. Privacy Protection in Emerging Services
- 5.4. Trust Management
- 5.4.1. Reputation of the Party
- 5.4.2. Objective Verification of Certain Party Characteristics
- 5.4.3. Possession of Credentials Attesting Certain Party Identity Information
- 5.4.4. Trust in the Context of Identity Management
- 5.5. Interoperability Challenge
- 5.5.1. Universal User Experiences
- 5.5.2. Naming Heterogeneity Management
- 5.6. Biometrics
- References
- 6. Conclusions
- References
- About the Authors
- Index