Trust Negotiation in Identity Management


Most organizations require the verification of personal information before providing services, and the privacy of such information is of growing concern. The authors show how federated identity management systems can better protect users' information when integrated with trust negotiation. In today's increasingly competitive business environment, more and more leading organizations are building Web-based infrastructures to gain the strategic advantages of collaborative networking. However, to facilitate collaboration and fully exploit such infrastructures, organizations must identify each user in the collaborative network as well as the resources each user is authorized to access. User identification and access control must be carried out so as to maximize user convenience and privacy without increasing organizations1 operational costs. A federation can serve as the basic context for determining suitable solutions to this issue. A federation is a set of organizations that establish trust relationships with respect to the identity information-the federated identity information-that is considered valid. A federated identity management system (idM) provides a group of organizations that collaborate with mechanisms for managing and gaining access to user identity information and other resources across organizational boundaries


access protocols, authentication, security, identity management systems, information security, markup languages, navigation, open systems, privacy, protection

Date of this Version



IEEE Security & Privacy, March-April 2007, Volume: 5 Issue:2
page(s): 55 - 63