D-FOAF: Distributed identity management with access rights delegation

Abstract

Todays WWW consists of more than just information. The WWW provides a large number of services, which often require identification of it's users. This has lead to the fact that today users have to maintain a large number of different credentials for different websites - distributed or shared identification system are not widely deployed. Furthermore current authorisation systems requires strict centralisation of the authorisation procedure - users themselves are usually not enabled to authorise their trusted friends to access services, although often this would be beneficial for services and businesses on the Web. In this article we present D-FOAF, a distributed identity management system which deploys social networks. We show how information inherent in social networks can be utilised to provide community driven access rights delegation and we analyse algorithms for managing distributed identity, authorisation and access rights checking. Finally we show how the social networking information can be protected in a distributed environment. © Springer-Verlag Berlin Heidelberg 2006.