Cite this publication
A Flexible and Compatible Model for Supporting Assurance Level through a Central Proxy
Dabbaghi Varnosfaderani, S.; Kasprzak, P.; Pohl, C. & Yahyapour, R. (2019)
2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom) pp. 46-52. IEEE International Conference on Cyber Security and Cloud Computing,, Paris, France.
IEEE. DOI: https://doi.org/10.1109/CSCloud/EdgeCom.2019.00018
Documents & Media
- Dabbaghi Varnosfaderani, Shirin; Kasprzak, Piotr; Pohl, Christof; Yahyapour, Ramin
- Generally, methods of authentication and identification utilized in asserting users' credentials directly affect security of offered services. In a federated environment, service owners must trust external credentials and make access control decisions based on Assurance Information received from remote Identity Providers (IdPs). Communities (e.g. NIST, IETF and etc.) have tried to provide a coherent and justifiable architecture in order to evaluate Assurance Information and define Assurance Levels (AL). Expensive deployment, limited service owners' authority to define their own requirements and lack of compatibility between heterogeneous existing standards can be considered as some of the unsolved concerns that hinder developers to openly accept published works. By assessing the advantages and disadvantages of well-known models, a comprehensive, flexible and compatible solution is proposed to value and deploy assurance levels through a central entity called Proxy.
- Issue Date
- Gesellschaft für wissenschaftliche Datenverarbeitung
- IEEE International Conference on Cyber Security and Cloud Computing,
- Conference Place
- Paris, France
- Event start
- Event end