Title: User consent acquisition system for Japanese Shibboleth-based academic federation (GakuNin)

Authors: Tananun Orawiwattanakul, Kazutsuna Yamaji, Motonori Nakamura, Toshiyuki Kataoka, Noboru Sonehara

Addresses: National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan. ' National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan. ' National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan. ' National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan. ' National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan

Abstract: Shibboleth provides a federated single sign-on and an attribute exchange framework through its use of the security assertion markup language (SAML). One of major challenges for Shibboleth is the release of the user|s information from an identity provider (IdP) to the service provider (SP) without prior consent of the user, and this may not comply with the privacy laws in some countries. This paper presents the requirements of a user consent acquisition system (UCAS) and a discussion on the existing UCASs for utilising GakuNin (Japanese academic federation) and the UCAS that we developed and call uApprove.jp. uApprove.jp is an extension of uApprove to enable users to control the release of optional attributes (user-attribute-filter) and to re-request the user consent if his/her information has changed (attribute-value check).

Keywords: GakuNin; Japanese Academic Federation; user consent; Shibboleth; uApprove; SAML; security assertion markup language; privacy laws.

DOI: 10.1504/IJGUC.2011.042944

International Journal of Grid and Utility Computing, 2011 Vol.2 No.4, pp.284 - 294

Received: 05 Jan 2011
Accepted: 05 Apr 2011

Published online: 08 Oct 2011 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article