Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

13 years 6 months ago

Download www.cs.bham.ac.uk

— We describe a formal approach to the analysis of security aspects of an identity federation protocol for web services in convergent networks. This network protocol was proposed by Telecom Italia as a solution to allow end users to access services on the web through different access networks without explicitly providing any credentials, while the service providers can trust the user’s identity information provided by the access networks and access some user data. As a ﬁrst step towards a fullblown formal security analysis of the protocol, we specify three user scenarios in the process algebra Crypto-CCS and verify the vulnerability of one of these speciﬁcations w.r.t. a man-in-themiddle attack with the model checker PaMoChSA.

Maurice H. ter Beek, Corrado Moiso, Marinella Petr

Real-time Traffic

Access Networks | AICT 2007 | Communications | Identity Federation Protocol | User’s Identity Information |

claim paper

Added	18 Oct 2010
Updated	18 Oct 2010
Type	Conference
Year	2007
Where	AICT
Authors	Maurice H. ter Beek, Corrado Moiso, Marinella Petrocchi

Sciweavers

Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

Access Networks | AICT 2007 | Communications | Identity Federation Protocol | User’s Identity Information |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers