Authors:
Kari Anne Haaland
and
Chunming Rong
Affiliation:
University of Stavanger, Norway
Keyword(s):
Authentication, Authorization, Identity-based Encryption, open standards, and Web Service Security.
Related
Ontology
Subjects/Areas/Topics:
Enterprise Information Systems
;
Formal Methods
;
Information Systems Analysis and Specification
;
Methodologies and Technologies
;
Operational Research
;
Security
;
Simulation and Modeling
Abstract:
There is obvious need in cooperation between organizations. A recent trend is cooperation online, which result in the need of facilitating and managing cross-domain access to information and applications. It is important to utilize open standards that leverage existing technologies instead of replacing them. WS-Security, emitted by OASIS, defines standards on how to encode security tokens. In this paper we look at the use of Identity-based Encryption to leverage the exchange of security tokens, and how it can be implemented with WS-Security. Identity-based encryption offers, compared to the more conventional PKI, some additional advantages. For instance: databases maintaining public-key certificates are now longer necessary, this simplify key management, saves space, and eliminate the threat of attacks on these databases. It is also more suitable to grant collective access to groups, and is therefore suited for role based access control. We do not suggest Identity-based encryption as
a replacement, but rather a complementary.
(More)