
Finding New Solutions for Services in Federated Open Systems Interconnection

  • Conference paper
Advances in Computing and Communications (ACC 2011)

Abstract

Federated environment applications running on cost-effective federated identity management systems have been widely adopted, and would potentially attract more organizations to adopt and invest if enhanced with security and trust mechanisms. Traditional certificate-based authentication raises various issues: first, when the public portion of the key pair can be guessed or calculated by an attacker, it can be used to masquerade for resource access; second, the private key stored on the user's system can be compromised by viruses, Trojan horses, etc. In addition, current computer platforms lack platform trust establishment, which makes it hard to trust remote platforms. In this paper, we discuss concerns related to user authentication, authorization, and trust establishment for federated services in Federated Open Systems Interconnection, and propose trusted platform module protected storage to protect private keys and platform attestation mechanisms to establish inter-platform (and hence inter-system) trust among interacting systems in an open environment to overcome these issues. To assess our work, we compare the trusted platform module with existing authentication types and show that it provides better tamper-resistant protection against attacks such as replay, Trojan horse, and fake antivirus attacks.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Khattak, Z.A., Manan, Jl.A., Sulaiman, S. (2011). Finding New Solutions for Services in Federated Open Systems Interconnection. In: Abraham, A., Mauri, J.L., Buford, J.F., Suzuki, J., Thampi, S.M. (eds) Advances in Computing and Communications. ACC 2011. Communications in Computer and Information Science, vol 193. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22726-4_27


  • DOI: https://doi.org/10.1007/978-3-642-22726-4_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22725-7

  • Online ISBN: 978-3-642-22726-4

  • eBook Packages: Computer Science, Computer Science (R0)
