Realizing a secure federation of multi-institutional service systems

Abstract

Today, many organizations and individuals are creating a large variety of services. However, even if these services are connected through a network, there are very few examples where such services operate in an interconnected way. One reason for this is the lack of systems that are able to coordinate multiple systems, with different schemes for user management, in a safe way with adequate authorization. Furthermore, the same problem arises when users carrying mobile terminals wishes to connect to and use services at location that they are visiting. In this paper, we are proposing an extended framework for service provision based on Kerberos, allowing groups of services and information about ordinary users that are managed on an organizational or personal level to be combined, handling service systems with different management bases as units of gSpaceh, while defining the security relations between different spaces. © Springer-Verlag Berlin Heidelberg 2005.