User consent acquisition system for Japanese Shibboleth-based academic federation (GakuNin) Online publication date: Sat, 28-Mar-2015
by Tananun Orawiwattanakul, Kazutsuna Yamaji, Motonori Nakamura, Toshiyuki Kataoka, Noboru Sonehara
International Journal of Grid and Utility Computing (IJGUC), Vol. 2, No. 4, 2011
Abstract: Shibboleth provides a federated single sign-on and an attribute exchange framework through its use of the security assertion markup language (SAML). One of major challenges for Shibboleth is the release of the user's information from an identity provider (IdP) to the service provider (SP) without prior consent of the user, and this may not comply with the privacy laws in some countries. This paper presents the requirements of a user consent acquisition system (UCAS) and a discussion on the existing UCASs for utilising GakuNin (Japanese academic federation) and the UCAS that we developed and call uApprove.jp. uApprove.jp is an extension of uApprove to enable users to control the release of optional attributes (user-attribute-filter) and to re-request the user consent if his/her information has changed (attribute-value check).
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Grid and Utility Computing (IJGUC):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com