Authorize-then-Authenticate: Supporting Authorization Decisions Prior to Authentication in an Electronic Identity Infrastructure
Studies in Computational Intelligence, ISSN: 1860-9503, Vol: 868, Page: 313-322
2020
- 4Citations
- 5Captures
Metric Options: CountsSelecting the 1-year or 3-year option will change the metrics count to percentiles, illustrating how an article or review compares to other articles or reviews within the selected time period in the same journal. Selecting the 1-year option compares the metrics against other articles/reviews that were also published in the same calendar year. Selecting the 3-year option compares the metrics against other articles/reviews that were also published in the same calendar year plus the two years prior.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Conference Paper Description
Federated electronic identity systems are increasingly used in commercial and public services to let users share their identity across providers. We discuss authorization (prior to authentication) issues in the eIDAS federated European electronic identity infrastructure. In this scenario, each European country runs a national eIDAS node, which transfers personal attributes upon successful authentication of a person in his home country. Service Providers in foreign countries use these attributes to take (local) authorization decisions for the requested service. Our work addresses those scenarios where authorization is required prior to authentication (authorise-then-authenticate), that is when a service provider has to implement access control decisions before the person has been authenticated. This scenario applies for example in an user-centric network access service. We propose two models to perform authorise-then-authenticate in eIDAS, one working at application level and one at transport level, and we sketch a possible implementation scenario.
Bibliographic Details
http://www.scopus.com/inward/record.url?partnerID=HzOxMe3b&scp=85075548768&origin=inward; http://dx.doi.org/10.1007/978-3-030-32258-8_37; http://link.springer.com/10.1007/978-3-030-32258-8_37; http://link.springer.com/content/pdf/10.1007/978-3-030-32258-8_37; https://dx.doi.org/10.1007/978-3-030-32258-8_37; https://link.springer.com/chapter/10.1007/978-3-030-32258-8_37
Springer Science and Business Media LLC
Provide Feedback
Have ideas for a new metric? Would you like to see something else here?Let us know