| Presentation | 2011-11-28 Toward Robust Pseudonymity in SAML/Shibboleth Federation against Backflow of Personal Information Wataru OOGAMI, Takaaki KOMURA, Yasuo OKABE, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In conventional frameworks for Shibboleth, the SP has to log the usage history of users by an exchanged ID (including attributes), thus only the IdP can analyze SP's usage logs. If the IdP can look usage logs, it can touch user's privacy information. We define such flow of information as "backflow". We propose a countermeasure protocol against the backflow between the IdP and the SP by using a new ID, named hashedID. In our new approach, the IdP cannot analyze the usage logs because Attribute Provider (AP) transforms an ID the IdP known to unknown one, as hashedID. This approach enables the use of more secure SAML/Shibboleth without sharing personal information by the IdP. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | SAML/Shibboleth / Pseudonymity / SSO / Backflow of privacy information |
| Paper # | IA2011-35 |
| Date of Issue |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2011/11/21(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Internet Architecture(IA) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Toward Robust Pseudonymity in SAML/Shibboleth Federation against Backflow of Personal Information |
| Sub Title (in English) | |
| Keyword(1) | SAML/Shibboleth |
| Keyword(2) | Pseudonymity |
| Keyword(3) | SSO |
| Keyword(4) | Backflow of privacy information |
| 1st Author's Name | Wataru OOGAMI |
| 1st Author's Affiliation | Graduate School of Informatics, Kyoto University() |
| 2nd Author's Name | Takaaki KOMURA |
| 2nd Author's Affiliation | Institute for Information Management and Communication, Kyoto University |
| 3rd Author's Name | Yasuo OKABE |
| 3rd Author's Affiliation | Academic Center for Computing and Media Studies of Kyoto University |
| Date | 2011-11-28 |
| Paper # | IA2011-35 |
| Volume (vol) | vol.111 |
| Number (no) | 321 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |