2 research outputs found
CAFS: A Framework for Context-Aware Federated Services
In this paper we explore two issues: Federated Identity Management and Context-Aware Services. In the last decade or so we have seen these two technologies gaining considerable popularity as they offer a number of benefits to the user and other stakeholders. However, there are a few outstanding security and privacy issues that need to be resolved to harness the full potential of such services. We believe that these problems can be reduced significantly by integrating the federated identity architecture into the context-aware services. With this aim, we have developed a framework for Context-Aware Federated Services based on the Security Assertion Markup Language (SAML) and eXtensible Access Control Markup Language (XACML) standards. We have illustrated the applicability of our approach by showcasing some use-cases, analysed the security, privacy and trust issues involved in the framework and the advantages it offers.
Portable personal identity provider in mobile phones
This paper analyses the prospect of having a Portable Personal Identity Provider (PPIdP, in short) in the mobile phone. The ubiquitous presence of powerful mobile phones equipped with high speed networks can be utilised to make the mobile phone act as a portable and personal Identity Provider (IdP, in short) on behalf of their users. Such an IdP would be helpful for the user in the sense that it will provide a central location to manage different user attributes which are generally scattered among different service providers in the traditional setting of online services. In addition, the user needs to trust the provider to store those attributes securely which may not be always honoured and crucial user attributes may be abused. Creating a Personal Identity Federation using a personal IdP can tackle many of these stated problems. Moreover, such an IdP may provide additional advantages. We have developed such a Mobile IdP for the Android platform based on the Security Assertion Markup Language (SAML) and OpenID as a proof of concept using the Jetty Web Server. In this paper, we discuss the functionalities of our developed IdP and the technical challenges we have faced. Moreover, we analyse the security, privacy and trust issues involved in having such an IdP and the advantages it offers.