WEKO3
アイテム
Centralized Control of Account Migration at Single Sign-On in Shibboleth
https://ipsj.ixsq.nii.ac.jp/records/214344
https://ipsj.ixsq.nii.ac.jp/records/214344743668a5-0087-4284-a191-f399a657f6c9
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6212011.pdf (1.4 MB)
|
Copyright (c) 2021 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2021-12-15 | |||||||||
| タイトル | ||||||||||
| タイトル | Centralized Control of Account Migration at Single Sign-On in Shibboleth | |||||||||
| タイトル | ||||||||||
| 言語 | en | |||||||||
| タイトル | Centralized Control of Account Migration at Single Sign-On in Shibboleth | |||||||||
| 言語 | ||||||||||
| 言語 | eng | |||||||||
| キーワード | ||||||||||
| 主題Scheme | Other | |||||||||
| 主題 | [特集:デジタル社会の情報セキュリティとトラスト] authentication, identity management, Single Sign-On, Shibboleth, SimpleSAMLphp | |||||||||
| 資源タイプ | ||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||
| 資源タイプ | journal article | |||||||||
| 著者所属 | ||||||||||
| Graduate School of Informatics, Kyoto University/Presently with KDDI Corporation | ||||||||||
| 著者所属 | ||||||||||
| Academic Center for Computing and Media Studies, Kyoto University | ||||||||||
| 著者所属(英) | ||||||||||
| en | ||||||||||
| Graduate School of Informatics, Kyoto University / Presently with KDDI Corporation | ||||||||||
| 著者所属(英) | ||||||||||
| en | ||||||||||
| Academic Center for Computing and Media Studies, Kyoto University | ||||||||||
| 著者名 |
Satsuki, Nishioka
× Satsuki, Nishioka
× Yasuo, Okabe
|
|||||||||
| 著者名(英) |
Satsuki, Nishioka
× Satsuki, Nishioka
× Yasuo, Okabe
|
|||||||||
| 論文抄録 | ||||||||||
| 内容記述タイプ | Other | |||||||||
| 内容記述 | Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.769 ------------------------------ |
|||||||||
| 論文抄録(英) | ||||||||||
| 内容記述タイプ | Other | |||||||||
| 内容記述 | Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.769 ------------------------------ |
|||||||||
| 書誌レコードID | ||||||||||
| 収録物識別子タイプ | NCID | |||||||||
| 収録物識別子 | AN00116647 | |||||||||
| 書誌情報 |
情報処理学会論文誌 巻 62, 号 12, 発行日 2021-12-15 |
|||||||||
| ISSN | ||||||||||
| 収録物識別子タイプ | ISSN | |||||||||
| 収録物識別子 | 1882-7764 | |||||||||
