Advanced Policies Management for the Support of the Administrative Delegation in Federated Systems

Gil Pérez, Manuel; López, Gabriel; Gómez Skarmeta, Antonio F.; Pasic, Aljosa

Home // International Journal On Advances in Security, volume 4, numbers 1 and 2, 2011 // View article

Advanced Policies Management for the Support of the Administrative Delegation in Federated Systems

Authors:
Manuel Gil Pérez
Gabriel López
Antonio F. Gómez Skarmeta
Aljosa Pasic

Keywords: administrative delegation, authorization policies, identity federation, access control

Abstract:
Current identity management systems are experiencing an increasing workload of their administrators in the management of the system policies, mainly derived from the sheer amount of policies they have to create and maintain. This problem is even more relevant in federated environments, where roaming users force them to authenticate and authorize people coming from other institutions. In this context, it is increasingly necessary to adopt new advanced policies for the administrative delegation, which allow balancing this workload among several delegates who will in turn have a much wider knowledge in the application area where these policies will be applied. In this paper, we present an infrastructure that manages the entire life cycle of the administrative delegation policies in federated environments, as well as a way for reducing the complexity in their management for some scenarios, especially on those where the delegates do not have to be experts in the subject area. These delegates will only have to fill in a simple template, which is automatically generated by our infrastructure. Finally, the applicability of the proposed infrastructure is measured with some performance results.

Pages: 67 to 79

Publication date: September 15, 2011

Published in: journal

ISSN: 1942-2636