DOI QR코드

DOI QR Code

An Identity Authentication Sharing Architecture for Global Internet Environment

글로벌 인터넷 환경을 위한 신원 인증 공유 구조

  • 박승철 (한국기술교육대학교 컴퓨터공학부)
  • Received : 2012.10.26
  • Accepted : 2013.03.18
  • Published : 2013.03.31

Abstract

Identity authentication sharing technologies which allow many service providers to share the result of identity authentication of an identity provider receive high attention as alternatives for current problematic identity authentications in the next-generation Internet environment, since they can provide crucial advantages including high usability, cost effectiveness of service providers, and privacy protection. However, in order for the identity authentication sharing technologies to be widely deployed in global Internet scale, the interoperability problem among different identity authentication sharing protocols and the trustworthiness issue among the participating identity providers, service providers, and users should be resolved in advance. This paper firstly analyzes current status of the protocol interoperability issue and existing trust frameworks for identity authentication sharing. And then, based on the result of analysis, this paper proposes a next generation identity authentication sharing architecture for global Internet.

References

  1. FIDIS, "D3.17 : identity Management Systems-recent developments", www.fidis.net, 2009.
  2. Grant, J. A., "The National Strategy for Trusted Identities in Cyberspace", IEEE Internet Computing, 2011.
  3. OpenID Foundation, "OpenID Authentication2.0-Final", http://openid.net/specs/openidauthentication-2_0.html, 2007.
  4. Craig Burton, "The Information Card Ecosystem : The Fundamental Leap from Cookies and Passwords to Cards and Selectors", ICF (http://www.informationcard.net), 2009.
  5. OASIS, "Identity Metasystem Interoperability Version 1.0", http://docs.oasis-open.org/imi/ns/identity/v1.0/identity.html, 2009.
  6. OASIS, "Security Assertion Markup Language(SAML) V2.0 Technical Overview", http://www.oasis-open.org, 2008.
  7. Maler, E. and D. Reed, "The Venn of Identity-Options and Issues in Federated Identity Management", IEEE Security and Privacy, 2008.
  8. Madsen, P. and H. Itoh, "Challenges to Supporting Federated Assurance", IEEE Computer, 2009.
  9. Thibeau, D. and D. Reed, "Open Trust Frameworks for Open Government : Enabling Citizen Involvement through Open Identity Technologies", http://openid.net/, 2009.
  10. Maliki, T. E. and J.-M. Seigneur, "A Survey of User-centric Identity Management Technologies", Proc. of Int'l Conference on Emerging Security Information, Systems and Technologies, (2007), pp.12-17.
  11. Korman, D. P. and A. D. Rubin, "Risks of the Passport Single Signon Protocol", IEEE Computer Networks, 2000.
  12. http://en.wikipedia.org/wiki/Windows_ Live_ID.
  13. Chadwick, D. and S. Shaw, "Review of OpenID", JISC Final Report(http://www.jisc.ac.uk/whatwedo/programmes/einfrastructure/reviewofopenid.aspx), 2008.
  14. OpenID Foundation, "OpenID Authentication 2.0-Final", http://openid.net/specs/openidauthentication-2_0.html, 2007.
  15. OASIS, "Identity Metasystem Interoperability Version 1.0", http://docs.oasis-open. org/imi/ns/identity/v1.0/identity.html, 2009.
  16. http://www.oasis-open.org/committees/security/.
  17. http://www.informationcard.net.
  18. http://www.projectliberty.org/.
  19. OASIS, "Security Assertion Markup Language(SAML) V2.0 Technical Overview", http://www.oasis-open.org, 2008.
  20. Aries Fajar Dwiputera, "Single Sign-On Architectures in Public Networks(Liberty Alliance)", INFOTECH Seminar Communication Services, 2005.
  21. US OMB M-04-04, "The E-Authentication Guidance for Federal Agencies", http://www.whitehouse.gov/omb/memoranda/fy04/m04-04.pdf, 2003.
  22. NIST SP 800-63, "Electronic Authentication Guideline", 2006.
  23. ITU-T X.1254, "Entity Authentication Assurance Framework", 2012.
  24. http://idmanagement.gov/.
  25. http://openidentityexchange.org/.
  26. Thibeau, D. and D. Reed, "Open Trust Frameworks for Open Government : Enabling Citizen Involvement through Open Identity Technologies", http://openid.net/, 2009.
  27. Rundle, M. et al., "The Open Identity Trust Framework(OITF) Model", http://openident ityexchange/, 2010.