Claim-Based Versus Network-Based Identity Management: A Hybrid Approach

Provided by: Katholieke Universiteit Leuven
Topic: Security
Format: PDF
In this paper, the authors propose a hybrid approach that combines claim-based and network-based identity management. Partly by virtue of the principle of separation of concerns, better security and privacy properties are attained. Overall trust is diminished, while simultaneously reducing multiple actors' exposure and value as a target of attack. The proposed architecture also facilitates interoperability and pluralism of credential technologies, authentication protocols and operators. In addition, the user has more control over their personal data than with current network-based identity management systems.

Find By Topic