Naik, N., Jenkins, P. and Newell, D., 2017. Choice of suitable Identity and Access Management standards for mobile computing and communication. In: ICT 2017. 24th International Conference on Telecommunications "Intelligence in every form", 3-5 May 2017, Limassol, Cyprus.
Full text available as:
|
PDF
PID4738153-CameraReady-ICT-17-MobileCom-IAM-Naik-Jenkins-Newell 2 (2).pdf - Accepted Version Available under License Creative Commons Attribution Non-commercial No Derivatives. 576kB | |
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material. |
Official URL: http://ict-2017.org/files/ICT_2017%20Programme_040...
Abstract
© 2017 IEEE. Enterprises have recognised the importance of personal mobile devices for business and official use. Employees and consumers have been freely accessing resources and services from their principal organisation and partners' businesses on their mobile devices, to improve the efficiency and productivity of their businesses. This mobile computing-based business model has one major challenge, that of ascertaining and linking users' identities and access rights across business partners. The parent organisation owns all the confidential information about users but the collaborative organisation has to verify users' identities and access rights to allow access to their services and resources. This challenge involves resolving how to communicate users' identities to collaborative organisations without sending their confidential information. Several generic Identity and Access Management (IAM) standards have been proposed, and three have become established standards: Security Assertion Markup Language (SAML), Open Authentication (OAuth), and OpenID Connect (OIDC). Mobile computing and communication have some specific requirements and limitations; therefore, this paper evaluates these IAM standards to ascertain suitable IAM to protect mobile computing and communication. This evaluation is based on the three types of analyses: Comparative analysis, suitability analysis and security vulnerability analysis of SAML, OAuth and OIDC.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Group: | Faculty of Science & Technology |
ID Code: | 29736 |
Deposited By: | Symplectic RT2 |
Deposited On: | 20 Sep 2017 14:03 |
Last Modified: | 14 Mar 2022 14:07 |
Downloads
Downloads per month over past year
Repository Staff Only - |