Pöhn and Hommel, 2016
Management Architecture for Dynamic Federated Identity Management
Abstract
We present the concept and design of Dynamic Automated Metadata Exchange (DAME) in
Security Assertion Markup Language (SAML) based user authentication and authorization
infrastructures. This approach solves the real-world limitations in scalability of pre-exchanged
metadata in SAML-based federations and inter-federations. The user initiates the metadata
exchange on demand, therefore reducing the size of the exchanged metadata compared to
traditional metadata aggregation. In order to specify and discuss the necessary changes to
identity federation architectures, we apply the Munich Network Management (MNM) service
model to Federated Identity Management via a trusted third party (TTP); an overview of all
components and interactions is created. Based on this model, the management architecture of
the TTP with its basic management functionalities is designed. This management architecture
includes further functionality for automated management of entities and dynamic federations.
Links
Citation
Pöhn, D., Hommel, W., 2016. Management Architecture for Dynamic Federated Identity Management, Computer Science & Information Technology. https://doi.org/10.5121/csit.2016.60617
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.