A Credential Reliability and Revocation Model for Federated Identities

Published

Author(s)

Hildegard Ferraiolo

Abstract

A large number of Identity Management Systems (IDMSs) are being deployed worldwide that use different technologies for the population of their users. With the diverse set of technologies, and the unique business requirements for organizations to federate, there is no uniform approach to the federation process. Similarly, there is no uniform method to revoke credentials or their associated attribute(s) in a federated community. In the absence of a uniform revocation method, this document seeks to investigate credential and attribute revocation with a particular focus on identifying missing requirements. This document first introduces and analyzes the different types of digital credentials and recommends missing revocation-related requirements for each model in a federated environment. As a second goal, and as a by-product of the analysis and recommendations, this paper suggests a credential reliability and revocation service that serves to eliminate the missing requirements.
Citation
NIST Interagency/Internal Report (NISTIR) - 7817
Report Number
7817

Keywords

authentication, assertion, identity management, identity management system (IDMS), information, security, credential, identity attributes

Citation

Ferraiolo, H. (2012), A Credential Reliability and Revocation Model for Federated Identities, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7817 (Accessed April 20, 2024)
Created November 29, 2012, Updated November 10, 2018