Improvements of Pan-European IDM Architecture to Enable Identity Delegation Based on X.509 Proxy Certificates and SAML

Sánchez García, Sergio and Gómez Oliva, Ana (2010). Improvements of Pan-European IDM Architecture to Enable Identity Delegation Based on X.509 Proxy Certificates and SAML. In: "4th IFIP WG 11.2 International Workshop, WISTP 2010", 12/04/2010 - 14/04/2010, Passau, Alemania. ISBN 978-3-642-12367-2.

Description

Title: Improvements of Pan-European IDM Architecture to Enable Identity Delegation Based on X.509 Proxy Certificates and SAML
Author/s:
  • Sánchez García, Sergio
  • Gómez Oliva, Ana
Item Type: Presentation at Congress or Conference (Article)
Event Title: 4th IFIP WG 11.2 International Workshop, WISTP 2010
Event Dates: 12/04/2010 - 14/04/2010
Event Location: Passau, Alemania
Title of Book: Proceedings of the 4th IFIP WG 11.2 International Workshop, WISTP 2010
Date: 2010
ISBN: 978-3-642-12367-2
Subjects:
Freetext Keywords: Identity delegation - Proxy Certificates - SAML - X.509 - eID - eIDM - electronic identity - electronic identity management systems
Faculty: E.U.I.T. Telecomunicación (UPM)
Department: Ingeniería y Arquitecturas Telemáticas [hasta 2014]
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Full text

[img]
Preview
PDF - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (346kB) | Preview

Abstract

To foster the secure use of telematic services provided by public institutions, most European countries – and others in the rest of the world – are promoting electronic identification systems among their citizens to enable fully reliable identification. However, in today’s globalized environment, it is becoming more common for citizens and entities of a given country, with their own electronic credentials under the legal framework of their country, to seek access to the public services provided by other countries with different legal frameworks and credentials. At present, a number of projects in the European Union are attempting to solve the problem through the use of pan-European identity management systems that ensure interoperability between the public institutions of different Member States. However, the solutions adopted to date are inadequate, for they do not envision all possible cases of user interaction with institutions. Specifically, they fail to address a very important aspect provided in different national legal systems, namely delegation of identity, by which a citizen can authorize another to act on his or her behalf in accessing certain services provided by public institutions. This paper provides a thorough analysis of problems of delegation and proposes an architecture based on X.509 Proxy Certificates and SAML assertions to enable delegation in provision of services in the complex and heterogeneous environment presented by the public institutions of the European Union as a whole.

More information

Item ID: 6918
DC Identifier: http://oa.upm.es/6918/
OAI Identifier: oai:oa.upm.es:6918
Official URL: http://www.springer.com/
Deposited by: Memoria Investigacion
Deposited on: 11 May 2011 11:31
Last Modified: 20 Apr 2016 16:02
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM