Using XACML for Privacy Control in SAML-Based Identity Federations

  • Wolfgang Hommel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3677)


With Federated Identity Management (FIM) protocols, service providers can request user attributes, such as the billing address, from the user’s identity provider. Access to this information is managed using so-called Attribute Release Policies (ARPs). In this paper, we first analyze various shortcomings of existing ARP implementations; then, we demonstrate that the eXtensible Access Control Markup Language (XACML) is very suitable for the task. We present an architecture for the integration of XACML ARPs into SAML-based identity providers and specify the policy evaluation workflows. We also introduce our implementation and its integration into the Shibboleth architecture.
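The abstract describes the workflow in prose: the identity provider's enforcement point receives an attribute request from a service provider, and a decision point evaluates the user's ARP for each requested attribute. The toy model below is an added illustration, not the paper's implementation or Shibboleth code: rules are Python objects that mirror XACML `<Rule>` elements (a target on subject and resource plus an Effect), and the decision point applies the XACML deny-overrides rule-combining algorithm; the SP entityID and attribute names are constructed.

```python
"""Toy XACML-style Attribute Release Policy (ARP) evaluation for a SAML IdP.

Added example, not code from the paper: each Rule mirrors an XACML <Rule>
(Target + Effect); evaluate() is the PDP, release_attributes() the PEP.
"""
from dataclasses import dataclass, field
from typing import Optional

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


@dataclass
class Rule:
    effect: str                          # XACML <Rule Effect="Permit|Deny">
    subject: Optional[str] = None        # SP entityID targeted; None = any subject
    resources: set = field(default_factory=set)  # attributes targeted; empty = any

    def matches(self, sp: str, attribute: str) -> bool:
        # Target evaluation: subject-id and resource-id must both match.
        return self.subject in (None, sp) and (
            not self.resources or attribute in self.resources)


def evaluate(policy, sp: str, attribute: str) -> str:
    """PDP: XACML deny-overrides. Any applicable Deny wins, then Permit,
    otherwise NotApplicable (no rule targets this SP/attribute pair)."""
    effects = [r.effect for r in policy if r.matches(sp, attribute)]
    if DENY in effects:
        return DENY
    if PERMIT in effects:
        return PERMIT
    return NOT_APPLICABLE


def release_attributes(policy, sp: str, requested, user_attrs) -> dict:
    """PEP: for an attribute query from `sp`, ask the PDP about every
    requested attribute. Only an explicit Permit releases a value; Deny and
    NotApplicable both withhold it, so the default is non-disclosure."""
    return {name: user_attrs[name] for name in requested
            if name in user_attrs and evaluate(policy, sp, name) == PERMIT}


# Constructed sample ARP (assumed SP entityID and attribute names): the user
# lets the web shop see name, billing address and card number, but a later
# Deny rule for the card number applies to every SP and overrides the Permit.
SHOP_SP = "https://shop.example.org/sp"          # constructed entityID
SAMPLE_ARP = [
    Rule(PERMIT, subject=SHOP_SP,
         resources={"givenName", "sn", "billingAddress", "creditCardNumber"}),
    Rule(DENY, resources={"creditCardNumber"}),
]
USER_ATTRS = {"givenName": "Alice", "sn": "Example",             # constructed
              "billingAddress": "1 Sample St", "creditCardNumber": "0000"}
```

Running `release_attributes(SAMPLE_ARP, SHOP_SP, list(USER_ATTRS), USER_ATTRS)` returns only the name and billing address; an unknown SP gets nothing because its requests evaluate to NotApplicable.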





Copyright information

© IFIP International Federation for Information Processing 2005

Authors and Affiliations

  • Wolfgang Hommel, Munich Network Management Team, Leibniz Computing Center, Munich, Germany
