Federated Identity Management offers numerous economic benefits and convenience to Service Providers and users alike. In such federations, the Identity Provider (IdP) is the solitary entity responsible for managing user credentials and generating ...

System wide information management (SWIM) is a platform to share and exchange information on the new air traffic management (ATM) services between different departments and systems in the civil aviation field. Through the connection of SWIM and various ...

The eIDAS Regulation aims to provide an interoperable European framework to enable EU citizens to authenticate and communicate with services of other Member States by using their national electronic identity. While a set of high-level requirements (...

Even though the cloud paradigm and its associated services has been adopted in various enterprise applications, there has been major issues with regard to authenticating users' critical data. Single Sign on (SSO) is a user authentication technique ...

Smart Cities are complex distributed systems which may involve multiple stakeholders, applications, sensors, and IoT devices. In order to be able to link and use such heterogeneous data, spatial data infrastructures for Smart Cities ...

Identity federation technology has been widely used in recent years. But the solution for federate access is totally different between the Web-Based and Non-Web-Based scenarios. Furthermore, it is highly limited for lack of support from Non-Web-...

Cloud computing is a computing paradigm that provides a set of scalable resources on demand. Mobile clients/users and Internet of Things (IoT) are using cloud resources for their applications. However, it also is a target of cyber-attacks and creates ...

Verifying who someone is on the Internet is a prerequisite for online services that process sensitive or valuable information. While this has been solved with national or sectorial electronic identification (eID) schemes, general, cross-border solutions ...

Multi-cloud adaptive application provisioning can solve the vendor lock-in problem and allows optimising user requirements by selecting the best from the multitude of services offered by different cloud providers. To this end, such provisioning type is ...

The main evolution of web services and its exploitation enforce new security challenges, especially in terms of digital identity life cycle management. A set of Identity Management Systems exist to deal with these identities, in order to improve users' ...

Authentication for HPC resources has always been a double edged issue. On one hand, HPC facilities would like users to login as easily as possible, but with the increase and complexity of system exploits, HPC centers would like to protect their systems ...

This document describes the use of the Security Assertion Markup Language (SAML) with RADIUS in the context of the Application Bridging for Federated Access Beyond web (ABFAB) architecture. It defines two RADIUS attributes, a SAML binding, a SAML name ...

Over the last decade, a substantial amount of work has occurred in the space of federated access management. Most of this effort has focused on two use cases: network access and web-based access. However, the solutions to these use cases that have been ...

Ubiquitous devices comprising several resource-constrained sensors and actuators while having the long desired Internet connectivity, are becoming part of many solutions that seek to enhance user’s environment smartness and quality of living. ...

The emerging Cloud computing technology, offering computing resources as a service is gaining increasing attention of both the public and private sector. For the whole hearted adoption of Cloud, the service providers need to ensure that only valid users ...

This specification defines the use of a Security Assertion Markup Language (SAML) 2.0 Bearer Assertion as a means for requesting an OAuth 2.0 access token as well as for client authentication.

This specification provides a framework for the use of assertions with OAuth 2.0 in the form of a new client authentication mechanism and a new authorization grant type. Mechanisms are specified for transporting assertions during interactions with a token ...

Policy-based authorization systems have been largely deployed nowadays to control different privileges over a big amount of resources within a security domain. With policies it is possible to reach a fine-grained level of expressiveness to state proper ...

One of the challenges in a distributed data infrastructure is how users authenticate to the infrastructure, and how their authorisations are tracked. Each user community comes with its own established practices, all different, and users are put off if ...

In this paper we explore two issues: Federated Identity Management and Context-Aware Services. In the last decade or so we have seen these two technologies gaining considerable popularities as they offer a number of benefits to the user and other ...