Dynamically selecting an identity provider for a single sign-on request
作者: William J. O'Donnell , William D. Dodd , Chunlong Liang , Eduardo N. Spring
DOI:
关键词:
摘要: An identity provider (IdP) discovery service operative at a (SP) is described. In operation, and as valid requests are received by the SP via normal IdP-initiated flows, builds-up knowledge about relationship between IdP (that redirected request) initiator of request. The instance typically inferred from an HTTP referrer field, information may be ascertained client-specific information, such client system IP address, DNS domain, domain user e-mail target URL for incoming request, or value associated with particular header field. This maintained in one more mapping table(s) that associate request attributes-to-IdP data. mappings then used to facilitate new has been determined originate other than IdP.
lens.org 参考文章(12)
John Harold Woelfel, Terrence Peter Woloszyn, System and method of federated authentication with reverse proxy ,(2012)
Dolapo Falola, Heather Hinton, Anthony Moran, Method and system for establishing federation relationships through imported configuration files ,(2004)
Michael J. Kerrigan, Robert John Paganetti, Jane B. Marcus, Patrick Charles Mancuso, David Scott Kern, Alan D. Eldridge, Secure configuration catalog of trusted identity providers ,(2012)
Avishay Sharaga, Achim Luft, Multi-hop single sign-on (SSO) for identity provider (IdP) roaming/proxy ,(2011)
Heather M. Hinton, Peter Rodriguez, Jeb Linton, Steven A. Bade, Cross-protocol federated single sign-on (F-SSO) for cloud enablement ,(2010)
Frederique Biennier, Youakim Badr, Zensho Nakao, Layth Sliman, Nicolas Salatge, Single Sign-On Integration in a Distributed Enterprise Service Bus 2009 International Conference on Network and Service Security. pp. 1- 5 ,(2009)
Dolapo Martin Falola, Heather Maria Hinton, Ivan Matthew Milman, Patrick Ryan Wardrop, Anthony Scott Moran, Specializing Support For A Federation Relationship ,(2009)
Il Kon Kim, Zeeshan Pervez, Asad Masood Khattak, Sungyoung Lee, None, Chord Based Identity Management for e-Healthcare Cloud Applications 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet. pp. 391- 394 ,(2010) , 10.1109/SAINT.2010.68
Axel Busboom, Service provider anonymization in a single sign-on system ,(2003)