NDLI: Title: deploying authorization mechanisms for federated services in eduroam (dame).

Please wait, while we are loading the content...

Title: deploying authorization mechanisms for federated services in eduroam (dame).

Content Provider	CiteSeerX
Author	Cánovas, Óscar Gómez-Skarmeta, Antonio F. López, Gabriel Sánchez, Manuel
Abstract	Identity federations are emerging in the last years in order to make easier the deployment of resource sharing environments among organizations. One common feature of those environments is the use of access control mechanisms based on the user identity. However, most of those federations have realized that user identity is not enough to offer a more grained access control and value added services. Therefore, additional information, such as user attributes, need to be taken into account. This paper presents the overview and some preliminary results of the DAMe project. We will show how one of those real and widely spread identity federations, eduroam, has been extended in order to make use of the user attributes defined in his home domain, to adopt authorization decisions during the access control process. This authorization framework has been integrated by means of the NAS-SAML infrastructure, which defines a network access control service based on SAML and the AAA architecture. Additionally, we present the details of a Single Sign On proposal which takes advantage of the previously deployed authentication and authorization mechanisms. In this way we will be able to establish a link between authentication and authorization methods at different levels in order to provide a seamless global SSO.
File Format	PDF
Access Restriction	Open
Subject Keyword	Federated Service Deploying Authorization Mechanism User Identity Authorization Decision User Attribute Home Domain Access Control Process Preliminary Result Aaa Architecture Grained Access Control Spread Identity Federation Nas-saml Infrastructure Single Sign Additional Information Authorization Mechanism Access Control Mechanism Authorization Method Last Year Common Feature Seamless Global Sso Different Level Authorization Framework Network Access Control Service Identity Federation Dame Project
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in