Identities
Published in Jianbin Gao, Qi Xia, Kwame Omono Asamoah, Bonsu Adjei-Arthur, Smart Cities, 2023
Jianbin Gao, Qi Xia, Kwame Omono Asamoah, Bonsu Adjei-Arthur
Identity has gone through four stages: centralized, federated, user-centric, and self-sovereign.
Central identity: Control by a single expert or hierarchy. For example, while issuing a national ID card, the government oversees and stores all personal data in one central database.
Federated identity: It enables sharing of IDs and attributes among organizations in a defined circle of trust, such as citizens using national identity providers.
User-centric identity: By decentralizing identity, clients can have greater protection and control over their personal data.
Self-sovereign identity: An individual has sole control over their account and personal information. They can be independent of central authorities if they are sovereign.
Reliable Data Transmission Using Biometric Authentication Methodology in IoT
Published in Syed Rameem Zahra, Mohammad Ahsan Chishti, Security and Privacy in the Internet of Things, 2020
A suggested architectural model aims to secure the system (Barreto, Celesti, Villari, Fazio, & Puliafito, 2015). The work considers two scenarios: accessing the IoT devices directly, and accessing them through cloud services (Aazam, Khan, Alsaffar, & Huh, 2014). The proposal considers the identity-provider–service-provider model. The system provides a single sign-in option, and using this authentication methodology, the system can gain access to all the service providers that are accessible by the respective identity provider. The work considers two types of models: basic and advanced versions. In the basic version, the cloud behaves as a service provider in the first phase. In the second, it authenticates the IoT device on behalf of the basic user. In the advanced version, the system allows the admin, the cloud platform, and the manufacturer to access the IoT device for further maintenance activities.
Security
Published in Haishi Bai, Zen of Cloud, 2019
In a claim-based architecture, the online authority that performs authentication is called an Identity Provider (IdP). The service that delegates authentication to others is called a Relying Party (RP) or a Service Provider (SP). The IdP authenticates a user using one or more methods, such as passwords and certificates, and generates a security token, which contains claims on the user's attributes. Consider the scenario when you check in to a flight: before you go to the airport, you need to first acquire a security token (your passport), which is issued by an IdP (your country) trusted by the RP (the airline). The airline verifies your token, extracts necessary claims (your name), and assigns a role (first-class passenger) to you.
A Blockchain Based Decentralized Identifiers for Entity Authentication in Electronic Health Records
Published in Cogent Engineering, 2022
Manoj T, Krishnamoorthi Makkithaya, Narendra V G
In a civilized world, the identification of an entity (human, organization or a thing) is of paramount importance for performing transactions or generating data in diversified domains such as finance, governance, healthcare, education, social networking, logistics, etc. With the help of an identifier, a claimant entity is able to prove its existence in a specific ecosystem to the verifying entity. In the case of a human or organization, an identity provider (IDP) is involved in issuing an identity for availing the benefit of various services. When an entity uses these identifiers while operating with third parties, it may suffer from loss/theft of identity, masquerading/spoofing the identity, loss of privacy, and interoperability. Besides this, the centralized management system controls most of these identifiers, which may lead to a single point of failure if it gets compromised.
An evaluation of three designs to engage users when providing their consent on smartphones
Published in Behaviour & Information Technology, 2021
Daniel Lindegren, Farzaneh Karegar, Bridget Kane, John Sören Pettersson
Registration to a service provider can be carried out by directly completing a form, or using an identity provider (IdP) if offered by the service provider. In contrast to the direct registration method for SPs, using an identity provider relieves users of the need to remember many sets of usernames and passwords. On the one hand, using an IdP is less time consuming because the personal information is forwarded directly from the IdP to the SP. On the other hand, the identity provider learns with which services, and when, its customers communicate while having access to the plain-text personal data. For example, nowadays we have social networks which also act as IdPs. Such IdPs gradually build detailed user profiles from users' data, which is a privacy threat for individuals. To reduce the effects of providing convenience at the expense of privacy in the context of IdPs, some research, such as the CREDENTIAL project (Kostopoulos et al. 2017) on cloud technology for identity access management, has been conducted. That project provided solutions for privacy-preserving identity providers, which do not have access to the data in plain-text. The technology provides its services through a mobile app, the CREDENTIAL Wallet app, which acts as an IdP and a data access manager. Solutions such as the CREDENTIAL project, which benefits from new technologies such as proxy re-encryption (Hörandner et al. 2016), will not be fully effective for individuals in preserving their privacy without considering their understanding and awareness of data flow between service providers and identity providers.
Policy reconciliation for access control in dynamic cross-enterprise collaborations
Published in Enterprise Information Systems, 2018
D. Preuveneers, W. Joosen, E. Ilie-Zudor
Nowadays, state-of-practice identity and access management (IAM) systems already externalize authentication (i.e. ascertaining that somebody really is who he claims to be) and authorization (i.e. security rules that determine who is allowed to do what) from the main application. An IAM system relies on an identity provider (IdP) to describe subjects with different (types of) attributes (e.g. the profile, roles and credentials of a user within the organization). This way, security administrators can eliminate the need to maintain separate user credentials and access control policies for different services, thereby greatly simplifying the identity life cycle management of the users and their permissions within the trust boundaries of the enterprise (Belkadi et al. 2017).