Identity Management Solutions Research Articles

An identity management protocol for Internet applications over 3G mobile networks

This paper, proposes a protocol (IDM3G) for implementing identity management for Internet applications over 3G mobile networks. IDM3G combines the identity management principles of the Liberty Alliance specifications, elements of the OASIS's SAML and the 3GPP UMTS security specifications, targeting to a more effective and lightweight identity management solution than the existing ones. IDM3G instead of establishing new authentication and authorization mechanisms, utilizes the latest security features of 3G mobile networks in order to implement trust relationships, focusing on mutual authentication and authorization, avoiding at the same time the submission of the user identity itself.

A note on the anatomy of federation

Federation can be perceived as a security foundation accommodating federated identity management solutions. In this paper we analyse the structure and function of federations with the aim of revealing the essential elements and architecture principles of federation models. Firstly, we identify some fundamental concepts that underpin the structure and operation of a trust realm. Then we analyse how these aggregate to provide for identity management and trust brokerage in a federation. We then explain various federation models in terms of these concepts. Finally, we examine the current state of Web-based federation standards and products, indicate specific research challenges for the next generation of federation-enabling technology. The paper targets an audience of research professionals and practitioners with some security and software engineering background who wish to find out more about federation models, and it can also be useful to (security) architects and consultants who are considering different federation architecture options for their projects.

Profiling — Technology

Network identity is defined by the set of characteristics about a person held on a computer network, and hence identity management on the Internet is key to ensuring maximum competitive and marketing advantage for service providers while protecting end-user privacy. In the last few years, there have been major attempts in the IT world at providing parts of the identity management solution, from which we can learn important lessons. BTexact has also developed a profile hosting server to investigate the technological issues and propose a solution in this significant, evolving area.