FAME: Adding Multi-Level Authentication to Shibboleth

The paper describes the design of FAME (Flexible Access Middleware Extension) architecture aimed at providing multi-level user authentication service for Shibboleth, which is endorsed by the Joint Information Systems Committee (JISC) as the next generation authentication and authorisation infrastruc...

Full description

Saved in:
Bibliographic Details
Published in2006 Second IEEE International Conference on e-Science and Grid Computing (e-Science'06) p. 157
Main Authors Nenadic, Aleksandra, Zhang, Ning, Chin, Jay, Goble, Carole
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.12.2006
Subjects
Access control
Authentication
Authorization
Computer architecture
Computer science
Cryptography
Engines
Feeds
Middleware
NIST
Online AccessGet full text

Cover

More Information
Summary:The paper describes the design of FAME (Flexible Access Middleware Extension) architecture aimed at providing multi-level user authentication service for Shibboleth, which is endorsed by the Joint Information Systems Committee (JISC) as the next generation authentication and authorisation infrastructure for the UK Higher Education community. FAME derives authentication assurance level based upon the strength of the authentication token and protocol used by the user when authenticating and feeds it to the PERMIS authorisation decision engine via Shibboleth to enable more fine-grained access control. In this way, access to resources is controlled according to the strength of the authentication method so that more sensitive resources may require users to identify themselves using a higher level of authentication.
ISBN:0769527345
9780769527345
DOI:10.1109/E-SCIENCE.2006.261044