An Identity-matching Process to Strengthen Trust in Federated-identity Architectures

Paul Marillonnet, Mikaël Ates, Maryline Laurent, Nesrine Kaaniche

2020

Abstract

To smoothly counteract privilege escalation in federated-identity architectures, the cross-checking of asserted Personally Identifiable Information (PII) among different sources is highly recommended and advisable. Identity matching is thus a key component for supporting the automated PII cross-checking process. This paper proposes an efficient identity-matching solution, adapted to a chosen User-Relationship Management (URM) platform, relying on a French Territorial Collectivities and Public Administrations (TCPA) use case. The originality of the paper is threefold. (1) It presents an original solution to identity-matching issues raised by a concrete use case from the Territorial Collectivities and the Public Administration (TCPA), formalizing concepts such as information completeness, PII normalization and Levenshtein-distance matrix generation. (2) Implementation guidelines are given to deploy the solution on an operational Publik platform. (3) A precise security analysis is provided, relying on an original attacker model.

Download


Paper Citation


in Harvard Style

Marillonnet P., Ates M., Laurent M. and Kaaniche N. (2020). An Identity-matching Process to Strengthen Trust in Federated-identity Architectures.In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 142-154. DOI: 10.5220/0009828401420154


in Bibtex Style

@conference{secrypt20,
author={Paul Marillonnet and Mikaël Ates and Maryline Laurent and Nesrine Kaaniche},
title={An Identity-matching Process to Strengthen Trust in Federated-identity Architectures},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,},
year={2020},
pages={142-154},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009828401420154},
isbn={978-989-758-446-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,
TI - An Identity-matching Process to Strengthen Trust in Federated-identity Architectures
SN - 978-989-758-446-6
AU - Marillonnet P.
AU - Ates M.
AU - Laurent M.
AU - Kaaniche N.
PY - 2020
SP - 142
EP - 154
DO - 10.5220/0009828401420154