Publication | Closed Access
User-controlled Privacy Protection with Attribute-filter Mechanism for a Federated SSO Environment Using Shibboleth
20
Citations
0
References
2010
Year
Unknown Venue
Service ProviderAuthentication AuthorizationPrivacy ProtectionEngineeringInformation SecurityVerificationAttribute-filter MechanismFormal VerificationHardware SecurityPrivacy SystemPrivacy EngineeringPrivacy Enhancing TechnologyJapanese Academic FederationPrivacy ServiceIdentity-based SecurityData PrivacyComputer ScienceData SecurityCryptographyShibboleth-based Sso SystemIdentity FederationUser-controlled Privacy ProtectionAuthentication Access Control
Shibboleth is a well-known software package for web single sign-on (SSO) based on several federated identity standards, including the Organization for the Advancement of Structured Information Standards (OASIS)' security assertion markup language (SAML) version 1.1 and 2.0. This paper describes uApprove.jp, a user consent acquisition system (UCAS) with an attribute-filter mechanism for a Shibboleth-based SSO system. uApprove.jp requests the user's consent for the release of his/her personal information from an identity provider (IdP) to a service provider (SP) and allows him/her to determine which attributes will be sent. uApprove.jp is an extension of approve, a UCAS for Shibboleth. Our development is for universities participating in GakuNin (a Japanese academic federation), but it can be utilized in other Shibboleth-based federations.