Journal Paper (International) Authentication Trust Metric and Assessment for Federated Identity Management Systems

Hidehito Gomi

IEICE Transactions on Information and Systems


A formalization of authentication trust is proposed for federated identity management systems. Identity federation facilitates user interaction with Web services that control access, but it is more difficult for a service provider to evaluate the assurance of a user's identity if the creation and propagation of user authentication assertions involve different authentication authorities and mediators. On the basis of this formal representation, an aggregated trust value is calculated for evaluating the trustworthiness of a user's identity from the user's authentication assertions propagated through multiple entities while preventing misbehavior or threats to manipulate the trust value.