| |
Abstract |
Federation has emerged as a key concept for identity management, as it is the basis to reduce complexity in the companies and improve user experience. However, the problem of establishing identity federations in dynamic open environments, where it is desirable to speed up the processes of service provisioning and deprovisioning, has not been fully addressed. This paper reviews the existing frameworks for identity federation, analyzing the underlying trust mechanisms and its suitability to be applied in the mentioned environments. Finally, we propose a generic extension for the Security Assertion Markup Language (SAML) standard in order to facilitate the creation of federation relationships in a secure dynamic way between prior unknown parties. |
|
