Risk Management for Dynamic Metadata Exchange via a Trusted Third Party

Daniela Pöhn

doi:10.5220/0005651702270234

Risk Management for Dynamic Metadata Exchange via a Trusted Third Party

Daniela Pöhn

2016

Abstract

Inter-organizational access to IT services based on the predominant standard of Federated Identity Management (FIM), the Security Assertion Markup Language (SAML), suffers from scalability issues related to metadata exchange. In order to overcome these issues, an approach for automated metadata exchange between Identity Provider (IDP) and Service Provider (SP) via a Trusted Third Party (TTP) is presented in this article. Based on the architecture, risk management with threats and counter measures is applied by using a risk management template. Special emphasis is put on the secure design of the automated metadata exchange.

Download

Paper Citation

in Harvard Style

Pöhn D. (2016). Risk Management for Dynamic Metadata Exchange via a Trusted Third Party . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 227-234. DOI: 10.5220/0005651702270234

in Bibtex Style

@conference{icissp16,
author={Daniela Pöhn},
title={Risk Management for Dynamic Metadata Exchange via a Trusted Third Party},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={227-234},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005651702270234},
isbn={978-989-758-167-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Risk Management for Dynamic Metadata Exchange via a Trusted Third Party
SN - 978-989-758-167-0
AU - Pöhn D.
PY - 2016
SP - 227
EP - 234
DO - 10.5220/0005651702270234