SUNFISH ID1v2 – Identity Management and Access Control at Work

SUNFISH WG

Research output: Other contributionResearch

Abstract

ID1v2 is the last deliverable related to the identity management and access control. In previous deliverables, we have defined the overall architecture, process flows and provided the implementa-tion details on relevant aspects of data security (DS) and identity management (IDM) components [1, 2, 3]. ID3v1 established the integrated and extended view of these contributions [4].
This integration deliverable deals with the implementation phase of both components, providing a view on their deployment and configuration aspects. In this document, we provide guidelines on deployment of DS components at infrastructure and service tenants using two deployment ap-proaches. We also provide an overview of the performance characteristics of such systems consid-ering several representative configurations. In addition, we describe the application of DS and IDM, including their connected application, using respective demonstrators that rely on data masking and anonymization components for imposing dynamic resource transformations over cross-domain ser-vice-based interactions. Our second demonstrator integrates Austrian eID to showcase the integra-tion of typical multifactor, standards-based identity management infrastructure for the authentica-tion of users and system administrators.
Additionally, we reported latest research outcomes that, based on the Service Ledger infrastructure, aim at proposing the design of new blockchain-based solutions for access control and identity man-agement within a Cloud federation.
Original languageEnglish
TypeDeliverable for H2020 SUNFISH Project
Publication statusPublished - Nov 2017

Fingerprint

Access control
Security of data

Cite this

SUNFISH ID1v2 – Identity Management and Access Control at Work. / SUNFISH WG.

2017, Deliverable for H2020 SUNFISH Project.

Research output: Other contributionResearch

@misc{c99324e2c1e146bc8a5d5e2994a19577,
title = "SUNFISH ID1v2 – Identity Management and Access Control at Work",
abstract = "ID1v2 is the last deliverable related to the identity management and access control. In previous deliverables, we have defined the overall architecture, process flows and provided the implementa-tion details on relevant aspects of data security (DS) and identity management (IDM) components [1, 2, 3]. ID3v1 established the integrated and extended view of these contributions [4].This integration deliverable deals with the implementation phase of both components, providing a view on their deployment and configuration aspects. In this document, we provide guidelines on deployment of DS components at infrastructure and service tenants using two deployment ap-proaches. We also provide an overview of the performance characteristics of such systems consid-ering several representative configurations. In addition, we describe the application of DS and IDM, including their connected application, using respective demonstrators that rely on data masking and anonymization components for imposing dynamic resource transformations over cross-domain ser-vice-based interactions. Our second demonstrator integrates Austrian eID to showcase the integra-tion of typical multifactor, standards-based identity management infrastructure for the authentica-tion of users and system administrators.Additionally, we reported latest research outcomes that, based on the Service Ledger infrastructure, aim at proposing the design of new blockchain-based solutions for access control and identity man-agement within a Cloud federation.",
author = "{SUNFISH WG} and Andreas Reiter and Bojan Suzic and Herbert Leitold and Alexander Marsalek and Bernd Pr{\"u}nster and Dominik Ziegler",
year = "2017",
month = "11",
language = "English",
type = "Other",

}

TY - GEN

T1 - SUNFISH ID1v2 – Identity Management and Access Control at Work

AU - SUNFISH WG

AU - Reiter, Andreas

AU - Suzic, Bojan

AU - Leitold, Herbert

AU - Marsalek, Alexander

AU - Prünster, Bernd

AU - Ziegler, Dominik

PY - 2017/11

Y1 - 2017/11

N2 - ID1v2 is the last deliverable related to the identity management and access control. In previous deliverables, we have defined the overall architecture, process flows and provided the implementa-tion details on relevant aspects of data security (DS) and identity management (IDM) components [1, 2, 3]. ID3v1 established the integrated and extended view of these contributions [4].This integration deliverable deals with the implementation phase of both components, providing a view on their deployment and configuration aspects. In this document, we provide guidelines on deployment of DS components at infrastructure and service tenants using two deployment ap-proaches. We also provide an overview of the performance characteristics of such systems consid-ering several representative configurations. In addition, we describe the application of DS and IDM, including their connected application, using respective demonstrators that rely on data masking and anonymization components for imposing dynamic resource transformations over cross-domain ser-vice-based interactions. Our second demonstrator integrates Austrian eID to showcase the integra-tion of typical multifactor, standards-based identity management infrastructure for the authentica-tion of users and system administrators.Additionally, we reported latest research outcomes that, based on the Service Ledger infrastructure, aim at proposing the design of new blockchain-based solutions for access control and identity man-agement within a Cloud federation.

AB - ID1v2 is the last deliverable related to the identity management and access control. In previous deliverables, we have defined the overall architecture, process flows and provided the implementa-tion details on relevant aspects of data security (DS) and identity management (IDM) components [1, 2, 3]. ID3v1 established the integrated and extended view of these contributions [4].This integration deliverable deals with the implementation phase of both components, providing a view on their deployment and configuration aspects. In this document, we provide guidelines on deployment of DS components at infrastructure and service tenants using two deployment ap-proaches. We also provide an overview of the performance characteristics of such systems consid-ering several representative configurations. In addition, we describe the application of DS and IDM, including their connected application, using respective demonstrators that rely on data masking and anonymization components for imposing dynamic resource transformations over cross-domain ser-vice-based interactions. Our second demonstrator integrates Austrian eID to showcase the integra-tion of typical multifactor, standards-based identity management infrastructure for the authentica-tion of users and system administrators.Additionally, we reported latest research outcomes that, based on the Service Ledger infrastructure, aim at proposing the design of new blockchain-based solutions for access control and identity man-agement within a Cloud federation.

UR - http://www.sunfishproject.eu

M3 - Other contribution

ER -