Privacy Preserving Attribute Aggregation Method without Shared Identifier Binding (Preprint)
スポンサーリンク
概要
- 論文の詳細を見る
Identity federation is rapidly spreading, especially in the academic world. In identity federation users' credentials are stored only at their own organization, while the identity system provides authentication results and attributes to various online services, including cloud services that are hosted outside the user's organization. Attribute aggregation is a generalization of basic identity federation that allows a user to collect attributes from multiple authoritative sources. Group membership information is one of use cases, which is necessary to collaborate e.g., in an inter-organizational group. Despite the importance of privacy in identity federation, conventional methods of attribute aggregation require some identifier for a user to be shared among unrelated services, which makes correlation of user activity possible across the services. This privacy issue makes large-scale deployment of collaboration environments built on identity federation difficult. This paper proposes a new attribute aggregation method which does not require any shared identifier for services. The method has been implemented and validated as an extension of an open source federated identity software, Shibboleth. We also provide consideration about practical use of this new attribute aggregation method and comparison with existing technologies.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.22(2014) No.3 (online)------------------------------
- 2014-06-15
著者
-
Hiroyuki Sato
The University of Tokyo
-
Motonori Nakamura
National Institute Of Informatics
-
Yasuo Okabe
Kyoto University
-
Takeshi Nishimura
National Institute of Informatics (NII)
-
Kazutsuna Yamaji
National Institute of Informatics (NII)
-
Kazutsuna Yamaji
National Insititute of Informatics
-
Motonori Nakamura
National Institute of Informatics (NII)
-
Motonori Nakamura
National Insititute of Informatics
関連論文
- Graded Trust of Certificates and Its Management with Extended Path Validation
- An Adaptive Route Selection Mechanism Per Connection Based on Multipath DNS Round Trip Time on Multihomed Networks
- Quantifying Cost Structure of Campus PKI Based on Estimation and Actual Measurement
- A Site-Exit Router Selection Method Using Routing Header in IPv6 Site Multihoming (Preprint)
- Improving Automatic Centralization by Version Separation
- Privacy Enhancing Proxies in a Federation: Agent Approach and Cascade Approach (Preprint)
- Domain Registration Date Retrieval System for Improving Spam Mail Discrimination (Preprint)
- Privacy Preserving Attribute Aggregation Method without Shared Identifier Binding (Preprint)
- Editor's Message to Special Issue of Applications and the Internet in Conjunction with Main Topics of COMPSAC 2013 (Preprint)