2008年
Privacy oriented attribute exchange in shibboleth using magic protocols
Proceedings - 2008 International Symposium on Applications and the Internet, SAINT 2008
- ,
- ,
- ,
- 開始ページ
- 293
- 終了ページ
- 296
- 記述言語
- 英語
- 掲載種別
- DOI
- 10.1109/SAINT.2008.20
We propose an extension of the attribute exchange between an Identity Provider (IdP) and an Service Provider (SP) in Shibboleth. While in the conventional framework of Shibboleth attributes are exchanged in immediate values, in our new extension an SP and an IdP exchange attributes according to so-called "Magic Protocols". This extension enables the SP to know whether user's attributes meet the requirement for authorization, without the SP and the IdP revealing their confidential information. We also show how we can detect cheating in execution of this protocol, e.g. the IdP tells another value instead of the true value to the SP in malice. © 2008 IEEE.
- ID情報
-
- DOI : 10.1109/SAINT.2008.20
- SCOPUS ID : 53849098566