Providing Secured Access Delegation in Identity Management Systems
Abubakar-Sadiq Shehu, António Pinto, Manuel Correia
2020
Abstract
The evolutionary growth of information technology has given us platforms that ease access to a wide range of electronic services. Typically, access to these services requires users to authenticate their identity, which involves the release, dissemination and processing of personal data by third parties such as service and identity providers. The involvement of these and other entities in managing and processing personally identifiable data has continued to raise concerns about the privacy of personal information. Identity management systems (IdMs) emerged as a promising solution to address major access control and privacy issues; however, most research works are focused on securing service providers (SPs) and the services provided, with little emphasis on users' privacy. In order to optimise users' privacy and ensure that personal information is used only for intended purposes, there is a need for authorisation systems that control who may access what and under what conditions. However, for adoption, the data owner's perspective must not be neglected. To address these issues, this paper introduces the concept of an IdM and access control framework which operates with RESTful-based services. The proposal provides a new level of abstraction and logic in access management, while giving the data owner decisive control over access to personal data using a smartphone. The framework utilises the attribute-based access control (ABAC) method to authenticate and authorise users, the OpenID Connect (OIDC) protocol for data owner authorisation, and public-key cryptography to achieve communication with perfect forward secrecy. The solution enables the data owner to take on the responsibility of granting or denying access to their data, through secured communication with an identity provider using a digitally signed token.
Paper Citation
in Harvard Style
Shehu A., Pinto A. and Correia M. (2020). Providing Secured Access Delegation in Identity Management Systems. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 638-644. DOI: 10.5220/0009892206380644
in Bibtex Style
@conference{secrypt20,
author={Abubakar-Sadiq Shehu and António Pinto and Manuel Correia},
title={Providing Secured Access Delegation in Identity Management Systems},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT},
year={2020},
pages={638-644},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009892206380644},
isbn={978-989-758-446-6},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT
TI - Providing Secured Access Delegation in Identity Management Systems
SN - 978-989-758-446-6
AU - Shehu A.
AU - Pinto A.
AU - Correia M.
PY - 2020
SP - 638
EP - 644
DO - 10.5220/0009892206380644