{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00214344","sets":["581:10433:10445"]},"path":["10445"],"owner":"44499","recid":"214344","title":["Centralized Control of Account Migration at Single Sign-On in Shibboleth "],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-12-15"},"_buckets":{"deposit":"c7df59e1-44ac-4cf4-89c9-3a5c0bf625f6"},"_deposit":{"id":"214344","pid":{"type":"depid","value":"214344","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"Centralized Control of Account Migration at Single Sign-On in Shibboleth ","author_link":["550053","550054","550052","550051"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Centralized Control of Account Migration at Single Sign-On in Shibboleth "},{"subitem_title":"Centralized Control of Account Migration at Single Sign-On in Shibboleth ","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[特集:デジタル社会の情報セキュリティとトラスト] authentication, identity management, Single Sign-On, Shibboleth, SimpleSAMLphp","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2021-12-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Informatics, Kyoto University／Presently with KDDI Corporation"},{"subitem_text_value":"Academic Center for Computing and Media Studies, Kyoto University"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Informatics, Kyoto University / Presently with KDDI Corporation","subitem_text_language":"en"},{"subitem_text_value":"Academic Center for Computing and Media Studies, Kyoto University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/214344/files/IPSJ-JNL6212011.pdf","label":"IPSJ-JNL6212011.pdf"},"date":[{"dateType":"Available","dateValue":"2023-12-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL6212011.pdf","filesize":[{"value":"1.4 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"5"},{"tax":["include_tax"],"price":"0","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"e6c43900-7d8b-44ea-940c-b3630e03ea2c","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Satsuki, Nishioka"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yasuo, Okabe"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Satsuki, Nishioka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yasuo, Okabe","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.29(2021) (online)\nDOI　http://dx.doi.org/10.2197/ipsjjip.29.769\n------------------------------","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Single Sign-On (SSO) is adopted to use multiple services with a single log-in on the Internet. However, when a user tries to change the identity provider (IdP) which is responsible for authenticating the user, he needs to release the binding between the log-in account on the migration-source IdP and his service account on each service provider (SP) and needs to set a new binding between the account on the migration-destination IdP and the service account on the SP. There is no common migration system to support migration using the SSO function. In this research, we focus especially on Shibboleth's function as an SSO service. We propose a protocol to migrate accounts of a user on multiple SPs at once using an attribute provider (AP) in an SSO environment. We have implemented the mechanism as an open-source software using SimpleSAMLphp.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.29(2021) (online)\nDOI　http://dx.doi.org/10.2197/ipsjjip.29.769\n------------------------------","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2021-12-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"12","bibliographicVolumeNumber":"62"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":214344,"updated":"2025-01-19T16:39:38.060648+00:00","links":{},"created":"2025-01-19T01:15:09.919596+00:00"}