Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures - ICT Systems Security and Privacy Protection (SEC 2014)
Conference Papers, Year: 2014

Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures

Daniela Pöhn
Stefan Metzger
Wolfgang Hommel

Abstract

We present the concept and design of Géant-TrustBroker, a new service to facilitate multi-tenant ICT service user authentication and authorization (AuthNZ) management in large-scale eScience infrastructures that is researched and implemented by the pan-European research and education network, Géant. Géant-TrustBroker complements eduGAIN, a successful umbrella inter-federation created on top of national higher education federations in more than 20 countries world-wide. Motivated by experiences with real-world limits of eduGAIN, Géant-TrustBroker’s primary goal is to enable a dynamic and highly scalable management of identity federations and inter-federations. Instead of eduGAIN’s federation-of-federations approach, Géant-TrustBroker enables the on-demand establishment and life-cycle management of dynamic virtual federations and achieves a high level of automation to reduce the manual workload for the participating organizations, which so far is one of the most significant obstacles for the adoption of Federated Identity Management, e.g., based on the SAML standard. We contrast Géant-TrustBroker with other state-of-the-art approaches, present its workflows and internal mode of operations and give an outlook to how eduGAIN can be used in combination with Géant-TrustBroker to solve current AuthNZ problems in international research projects and communities.
Origin: Files produced by the author(s)

Dates and versions

hal-01370377 , version 1 (22-09-2016)

Cite

Daniela Pöhn, Stefan Metzger, Wolfgang Hommel. Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. pp.307-320, ⟨10.1007/978-3-642-55415-5_25⟩. ⟨hal-01370377⟩