A Flexible and Compatible Model for Supporting Assurance Level through a Central Proxy
| Title | A Flexible and Compatible Model for Supporting Assurance Level through a Central Proxy |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Dabbaghi Varnosfaderani, Shirin, Kasprzak, Piotr, Pohl, Christof, Yahyapour, Ramin |
| Conference Name | 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom) |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-1661-7 |
| Keywords | access control decisions, assurance information, assurance level, authentication, authentication and authorization infrastructure, authorisation, Authorization, central proxy, Collaboration, composability, federated identity management, FIM, Human Behavior, information assurance, Level of Assurance, LoA, message authentication, Metrics, NIST, policy-based governance, pubcrawl, remote identity providers, resilience, Resiliency, Scalability, service security, Trusted Computing, user credentials |
| Abstract | Generally, methods of authentication and identification utilized in asserting users' credentials directly affect security of offered services. In a federated environment, service owners must trust external credentials and make access control decisions based on Assurance Information received from remote Identity Providers (IdPs). Communities (e.g. NIST, IETF and etc.) have tried to provide a coherent and justifiable architecture in order to evaluate Assurance Information and define Assurance Levels (AL). Expensive deployment, limited service owners' authority to define their own requirements and lack of compatibility between heterogeneous existing standards can be considered as some of the unsolved concerns that hinder developers to openly accept published works. By assessing the advantages and disadvantages of well-known models, a comprehensive, flexible and compatible solution is proposed to value and deploy assurance levels through a central entity called Proxy. |
| URL | https://ieeexplore.ieee.org/document/8854044 |
| DOI | 10.1109/CSCloud/EdgeCom.2019.00018 |
| Citation Key | dabbaghi_varnosfaderani_flexible_2019 |
- Level of Assurance
- user credentials
- Trusted Computing
- service security
- Scalability
- Resiliency
- resilience
- remote identity providers
- pubcrawl
- policy-based governance
- NIST
- Metrics
- message authentication
- LoA
- access control decisions
- Information Assurance
- Human behavior
- FIM
- federated identity management
- composability
- collaboration
- central proxy
- authorization
- authorisation
- authentication and authorization infrastructure
- authentication
- assurance level
- assurance information