Introduction | p. 11 |
Stakeholders and Business Opportunities | p. 12 |
Identity Ecosystem and Key Trends | p. 14 |
Challenges in Identity Management | p. 18 |
Overview of This Book | p. 18 |
References | p. 19 |
What Is Identity Management? | p. 21 |
Stakeholders and Their Requirements | p. 25 |
Subjects | p. 25 |
Identity Providers | p. 27 |
Relying Parties | p. 27 |
Control Parties | p. 28 |
Relationships Between Stakeholders | p. 28 |
Identity Life Cycle | p. 29 |
Creation | p. 30 |
Usage | p. 32 |
Update | p. 34 |
Revocation | p. 35 |
Governance | p. 36 |
Identity Assurance | p. 37 |
References | p. 41 |
Fundamental Technologies and Processes | p. 45 |
Credentials | p. 46 |
Basic Concepts | p. 46 |
Public-Key Certificates and Public-Key Infrastructures | p. 48 |
Attribute and Authorization Certificates | p. 51 |
Credential Delegation | p. 52 |
Proxy Certificates | p. 54 |
Single Sign-On | p. 55 |
Kerberos Protocols | p. 57 |
Reverse Proxy-Based SSO | p. 60 |
Attribute Federation | p. 61 |
Distributed Mediation | p. 63 |
Single Party-Based Mediation | p. 63 |
Privacy | p. 65 |
Pseudonym Systems | p. 66 |
Anonymous Credentials | p. 68 |
Assurance and Compliance | p. 70 |
References | p. 71 |
Standards and Systems | p. 75 |
Overview | p. 76 |
OASIS Security Assertion Markup Language (SAML) | p. 77 |
Overview | p. 77 |
Specification Structure | p. 79 |
Web SSO | p. 86 |
Use Cases | p. 92 |
Liberty Identity Web Services Framework | p. 93 |
Opt-In Discovery Registration | p. 96 |
Dynamic Acquisition of Consent from Subjects | p. 96 |
Federated Identity-Based Access Control | p. 97 |
Pseudonym Mapping | p. 97 |
Use Cases | p. 97 |
OpenID | p. 98 |
Overview | p. 98 |
Authentication | p. 98 |
Attribute Exchange (AX) | p. 101 |
Provider Authentication Policy Extension (PAPE) | p. 101 |
Simple Registration (SREG) | p. 102 |
Use Cases | p. 102 |
Information Card-Based Identity Management (IC-IDM) | p. 104 |
Overview | p. 104 |
WS-MetadataExchange | p. 108 |
WS-Trust | p. 108 |
Use Cases | p. 108 |
Towards Interoperability | p. 110 |
Use Cases | p. 111 |
Comparative Analysis of SAML, OpenID, and Information Cards | p. 119 |
Security Analysis | p. 121 |
Confidentiality | p. 122 |
Integrity | p. 126 |
Availability | p. 127 |
Repudiation | p. 128 |
Authentication | p. 129 |
Authorization | p. 129 |
Privacy Analysis | p. 130 |
Research Prototypes | p. 131 |
SASSO | p. 132 |
VeryIDX | p. 133 |
SWIFT | p. 134 |
Emerging Areas: Social Networks, Mobile, and Cloud Computing | p. 134 |
References | p. 139 |
Challenges | p. 147 |
Usability | p. 148 |
Usability Principles and Requirements | p. 148 |
Evaluating the Usability of Identity Management Solutions | p. 151 |
Antiphishing Measures | p. 152 |
Access Control | p. 153 |
Privacy Protection | p. 155 |
Privacy Policies | p. 156 |
Anonymization of Personally Identifiable Information and Privacy-Preserving Data Mining | p. 162 |
Privacy Protection in Emerging Services | p. 166 |
Trust Management | p. 167 |
Reputation of the Party | p. 167 |
Objective Verification of Certain Party Characteristics | p. 168 |
Possession of Credentials Attesting Certain Party Identity Information | p. 168 |
Trust in the Context of Identity Management | p. 169 |
Interoperability Challenge | p. 169 |
Universal User Experiences | p. 170 |
Naming Heterogeneity Management | p. 170 |
Biometrics | p. 171 |
References | p. 175 |
Conclusions | p. 181 |
References | p. 185 |
About the Authors | p. 187 |
Index | p. 189 |
Table of Contents provided by Ingram. All Rights Reserved. |