Title: Unified identity authentication scheme of system wide information management based on SAML-PKI-LDAP

Authors: Lizhe Zhang; Zhuoning Bai; Zhijun Wu; Kenian Wang

Addresses: School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China ' School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China ' School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China ' School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China

Abstract: System wide information management (SWIM) is a platform to share and exchange information on the new air traffic management (ATM) services between different departments and systems in the civil aviation field. Through the connection of SWIM and various application services, a virtual information pool is formed to solve the interconnection issues of different systems. To ensure data security in the system and quick authentication of legitimate users, we propose a unified identity authentication scheme for SWIM. This scheme improves the security assertion markup language (SAML) cross-domain authentication model and integrates it with the public key infrastructure (PKI) authentication system and lightweight directory access protocol (LDAP). Experimental results show that this scheme realises the functions of user management, identity authentication, and cross-domain access, which can meet requirements of the SWIM gateway.

Keywords: system wide information management; SWIM; security assertion markup language; SAML; identity authentication; digital certificate; directory access protocol.

DOI: 10.1504/IJICS.2023.134959

International Journal of Information and Computer Security, 2023 Vol.22 No.2, pp.186 - 209

Received: 12 Nov 2021
Accepted: 14 Feb 2022

Published online: 22 Nov 2023
