@article{oai:ipsj.ixsq.nii.ac.jp:00214344,
 author = {Satsuki, Nishioka and Yasuo, Okabe and Satsuki, Nishioka and Yasuo, Okabe},
 issue = {12},
 journal = {情報処理学会論文誌},
 month = {Dec},
 note = {Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp.
------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.29(2021) (online)
DOI　http://dx.doi.org/10.2197/ipsjjip.29.769
------------------------------, Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp.
------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.29(2021) (online)
DOI　http://dx.doi.org/10.2197/ipsjjip.29.769
------------------------------},
 title = {Centralized Control of Account Migration at Single Sign-On in Shibboleth},
 volume = {62},
 year = {2021}
}