Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers

机译：电子商务提供商的基于属性的身份验证和授权基础结构

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Authentication and authorisation has been a basic and necessary service for internet transactions. With the evolution of e-commerce, traditional mechanisms for data security and access control are becoming outdated. Several new standards have emerged which allow dynamic access control based on exchanging user attributes. Unfortunately, while providing highly secure and flexible access mechanisms is a very demanding task, it cannot be considered a core competency for most e-commerce corporations. Therefore, a need to outsource or at least share such services with other entities arises. Authentication and Authorisation Infrastructures (AAIs) can provide such integrated federations of security services. They could, in particular, provide attribute-based access control (ABAC) mechanisms and mediate customers' demand for privacy and vendors' needs for information. We propose an AAI reference model that includes ABAC functionality based on the XACML standard and lessons learned from various existing AAIs. AAIs analysed are AKENTI, CARDEA, CAS, GridShib, Liberty ID-FF, Microsoft .NET Passport, PAPI, PERMIS, Shibboleth and VOMS.

机译：身份验证和授权已成为Internet交易的基本和必要服务。随着电子商务的发展，用于数据安全和访问控制的传统机制已经过时。已经出现了几种新标准，它们允许基于交换用户属性的动态访问控制。不幸的是，尽管提供高度安全和灵活的访问机制是一项非常艰巨的任务，但对于大多数电子商务公司而言，它不能被视为一项核心能力。因此，出现了将这些服务外包或至少与其他实体共享的需求。身份验证和授权基础结构（AAI）可以提供这种集成的安全服务联合。他们尤其可以提供基于属性的访问控制（ABAC）机制，并调解客户对隐私的需求和供应商对信息的需求。我们提出了一个AAI参考模型，其中包括基于XACML标准的ABAC功能以及从各种现有AAI中汲取的经验教训。分析的AAI是AKENTI，CARDEA，CAS，GridShib，Liberty ID-FF，Microsoft .NET Passport，PAPI，PERMIS，Shibboleth和VOMS。

著录项

来源
《E-Commerce and Web Technologies; Lecture Notes in Computer Science; 4082》|2006年|P.132-141|共10页
会议地点 Krakow(PL)
作者
Christian Schlaeger; Manuel Sojer; Bjoern Muschall; Guenther Pernul;
展开▼
作者单位

University of Regensburg, Universitaetsstrasse 31, D-93053 Regensburg, Germany;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算机网络;商业企业组织与管理;
关键词

相似文献

外文文献
中文文献
专利

1. On the effects of authentication and authorisation infrastructures on e-commerce environments [J] . Christian Schlaeger, Thomas Nowey International Journal of Computer Systems Science & Engineering . 2007,第5期

机译：关于身份验证和授权基础结构对电子商务环境的影响
2. Authentication and authorisation infrastructure for the mobility of users of academic libraries - An overview of developments [J] . Hudomalj E, Jauk A Program: Automated Library and Information Systems . 2006,第1期

机译：用于大学图书馆用户移动性的身份验证和授权基础结构-发展概况
3. A framework towards enhancing trust and authorisation for e-commerce service [J] . George S. Oreku, Jianzhong Li, Fredrick J. Mtenzi International Journal of Internet Technology and Secured Transactions . 2009,第3a4期

机译：增强对电子商务服务的信任和授权的框架
4. Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers [C] . Christian Schlaeger, Manuel Sojer, Bjoern Muschall, E-Commerce and Web Technologies; Lecture Notes in Computer Science; 4082 . 2006

机译：电子商务提供商的基于属性的身份验证和授权基础结构
5. Attribute-based access control models and implementation in cloud infrastructure as a service. [D] . Jin, Xin. 2014

机译：云基础架构即服务中基于属性的访问控制模型和实现。
6. Common ELIXIR Service for Researcher Authentication and Authorisation [O] . Mikael Linden, Michal Prochazka, Ilkka Lappalainen, -1

机译：用于研究人员身份验证和授权的通用ELIXIR服务
7. Enabling Attribute-based Access Control in Authentication and Authorisation Infrastructures [O] . Schläger Christian, Priebe Torsten, Liewald Manuel, 2007

机译：在身份验证和授权基础结构中启用基于属性的访问控制

Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers

摘要

著录项

相似文献

相关主题

期刊订阅