Skip to main content
Conference ProceedingsOPEN ACCESS

Using XACML for privacy control in SAML-based identity federations

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2005) 3677 LNCS 160-169
DOI: 10.1007/11552055_16
12Citations
Citations of this article
19Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

With Federated Identity Management (FIM) protocols, service providers can request user attributes, such as the billing address, from the user's identity provider. Access to this information is managed using so-called Attribute Release Policies (ARPs). In this paper, we first analyze various shortcomings of existing ARP implementations; then, we demonstrate that the eXtensible Access Control Markup Language (XACML) is very suitable for the task. We present an architecture for the integration of XACML ARPs into SAML-based identity providers and specify the policy evaluation workflows. We also introduce our implementation and its integration into the Shibboleth architecture. © IFIP International Federation for Information Processing 2005.

Cite

CITATION STYLE

APA

Hommel, W. (2005). Using XACML for privacy control in SAML-based identity federations. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3677 LNCS, pp. 160–169). https://doi.org/10.1007/11552055_16

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free