| Download ( PDF | 916kB) |
A Reference Model for Authentication and Authorisation Infrastructures Respecting Privacy and Flexibility in b2c eCommerce
Schläger, Christian, Nowey, Thomas und Montenegro, Jose A. (2006) A Reference Model for Authentication and Authorisation Infrastructures Respecting Privacy and Flexibility in b2c eCommerce. In: Proc. First International Conference on Availability, Reliability and Security (ARES 2006). IEEE Computer Society Conference Publishing Services, Los Alamitos, S. 709-716.Veröffentlichungsdatum dieses Volltextes: 05 Aug 2009 13:22
Buchkapitel
DOI zum Zitieren dieses Dokuments: 10.5283/epub.239
Zusammenfassung
Authentication and Authorisation Infrastructures (AAIs) are gaining momentum throughout the Internet. Solutions have been proposed for various scenarios among them academia, GRID computing, company networks, and above all eCommerce applications. Products and concepts vary in architecture, security features, target group, and usability containing different strengths and weaknesses. In addition ...
Authentication and Authorisation Infrastructures (AAIs) are gaining momentum throughout the Internet. Solutions have been proposed for various scenarios among them academia, GRID computing, company networks, and above all eCommerce applications. Products and concepts vary in architecture, security features, target group, and usability containing different strengths and weaknesses. In addition security needs have changed in communication and business processes. Security on the internet is no longer defined as only security measures for an eCommerce provider against an untrustworthy customer but also vice versa. Consequently, privacy, data canniness, and security are demands in this area.
The authors define criteria for an eCommerce provider federation using an AAI with a maximum of privacy and flexibility. The criteria is derived concentrating on b2c eCommerce applications fulfilling the demands. In addition to best practices found, XACML policies and an attribute infrastructure are deployed. Among the evaluated AAIs are Shibboleth, Microsoft Passport, the Liberty Alliance Framework, and PERMIS.
Alternative Links zum Volltext
Beteiligte Einrichtungen
Details
| Dokumentenart | Buchkapitel |
| Titel eines Journals oder einer Zeitschrift | Proceedings of The First International Conference on Availability, Reliability and Security (ARES'06) |
| Buchtitel: | Proc. First International Conference on Availability, Reliability and Security (ARES 2006) |
|---|---|
| Verlag: | IEEE Computer Society Conference Publishing Services |
| Ort der Veröffentlichung: | Los Alamitos |
| Seitenbereich: | S. 709-716 |
| Datum | 2006 |
| Institutionen | Wirtschaftswissenschaften > Institut für Wirtschaftsinformatik > Entpflichtete oder im Ruhestand befindliche Professoren > Lehrstuhl für Wirtschaftsinformatik IV - Management der Informationssicherheit (Prof. Dr.-Ing. Hannes Federrath) |
| Stichwörter / Keywords | Security in general (overviews/surveys) |
| Dewey-Dezimal-Klassifikation | 300 Sozialwissenschaften > 330 Wirtschaft |
| Status | Veröffentlicht |
| Begutachtet | Ja, diese Version wurde begutachtet |
| An der Universität Regensburg entstanden | Ja |
| URN der UB Regensburg | urn:nbn:de:bvb:355-epub-2392 |
| Dokumenten-ID | 239 |
Bibliographische Daten exportieren
Nur für Besitzer und Autoren: Kontrollseite des Eintrags
Downloadstatistik
Downloadstatistik