WEKO3
アイテム
Linking Contexts from Distinct Data Sources in Zero Trust Federation
https://ipsj.ixsq.nii.ac.jp/records/233358
https://ipsj.ixsq.nii.ac.jp/records/233358b8d811d3-b033-4d4f-b3a9-89611edb5f56
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6503005.pdf (521.5 kB)
2026年3月15日からダウンロード可能です。
|
Copyright (c) 2024 by the Information Processing Society of Japan
|
|
| 非会員:¥0, IPSJ:学会員:¥0, 論文誌:会員:¥0, DLIB:会員:¥0 | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2024-03-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Linking Contexts from Distinct Data Sources in Zero Trust Federation | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Linking Contexts from Distinct Data Sources in Zero Trust Federation | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:well-beingなネットワーク環境構築のためのインターネットと運用技術(推薦論文)] access control, context and zero trust | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| Kyoto University | ||||||||||||
| 著者所属 | ||||||||||||
| Kyoto University | ||||||||||||
| 著者所属 | ||||||||||||
| Kyoto University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Kyoto University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Kyoto University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Kyoto University | ||||||||||||
| 著者名 |
Masato, Hirai
× Masato, Hirai
× Daisuke, Kotani
× Yasuo, Okabe
|
|||||||||||
| 著者名(英) |
Masato, Hirai
× Masato, Hirai
× Daisuke, Kotani
× Yasuo, Okabe
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses the information of users and devices, called context, to verify access requests. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA by sharing contexts among participants in the federation. ZTF defines Context Attribute Provider (CAP) as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for verification based on ZTA. For precise verification, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP although collecting contexts is essential to realize ZTF. In this research, as a general method for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI http://dx.doi.org/10.2197/ipsjjip.32.288 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses the information of users and devices, called context, to verify access requests. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA by sharing contexts among participants in the federation. ZTF defines Context Attribute Provider (CAP) as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for verification based on ZTA. For precise verification, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP although collecting contexts is essential to realize ZTF. In this research, as a general method for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI http://dx.doi.org/10.2197/ipsjjip.32.288 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 65, 号 3, 発行日 2024-03-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
| 公開者 | ||||||||||||
| 言語 | ja | |||||||||||
| 出版者 | 情報処理学会 | |||||||||||
