loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Abubakar-Sadiq Shehu 1 ; António Pinto 2 and Manuel E. Correia 3

Affiliations: 1 Department of Information Technology, FCSIT, Bayero University Kano, Kano, Nigeria, Department of Computer Science, Faculty of Science, University of Porto, Porto, Portugal ; 2 CRACS & INESC TEC, Porto, Portugal ; 3 Department of Computer Science, Faculty of Science, University of Porto, Porto, Portugal, CRACS & INESC TEC, Porto, Portugal

Keyword(s): Service Providers, Identity Provider, Authentication, Authorisation, Opend ID Connect, Attribute based Access Control, Public Key Cryptography.

Abstract: The evolutionary growth of information technology has enabled us with platforms that eases access to a wide range of electronic services. Typically, access to these services requires users to authenticate their identity, which involves the release, dissemination and processing of personal data by third parties such as service and identity providers. The involvement of these and other entities in managing and processing personal identifiable data has continued to raise concerns on privacy of personal information. Identity management systems (IdMs) emerged as a promising solution to address major access control and privacy issues, however most research works are focused on securing service providers (SPs) and the services provided, with little emphases on users privacy. In order to optimise users privacy and ensure that personal information are used only for intended purposes, there is need for authorisation systems that controls who may access what and under what conditions. However, for adoption data owners perspective must not be neglected. To address these issues, this paper introduces the concept of IdM and access control framework which operates with RESTful based services. The proposal provides a new level of abstraction and logic in access management, while giving data owner a decisive control over access to personal data using smartphone. The framework utilises Attribute based access control (ABAC) method to authenticate and authorise users, Open ID Connect (OIDC) protocol for data owner authorisation and Public-key cryptography to achieve perfect forward secrecy communication. The solution enables data owner to attain the responsibility of granting or denying access to their data, from a secured communication with an identity provider using a digitally signed token. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.239.3.196

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Shehu, A.; Pinto, A. and Correia, M. (2020). Providing Secured Access Delegation in Identity Management Systems. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-446-6; ISSN 2184-7711, SciTePress, pages 638-644. DOI: 10.5220/0009892206380644

@conference{secrypt20,
author={Abubakar{-}Sadiq Shehu. and António Pinto. and Manuel E. Correia.},
title={Providing Secured Access Delegation in Identity Management Systems},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2020},
pages={638-644},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009892206380644},
isbn={978-989-758-446-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Providing Secured Access Delegation in Identity Management Systems
SN - 978-989-758-446-6
IS - 2184-7711
AU - Shehu, A.
AU - Pinto, A.
AU - Correia, M.
PY - 2020
SP - 638
EP - 644
DO - 10.5220/0009892206380644
PB - SciTePress