Identity management refers to the process of representing and recognising entities as digital identities in computer networks. Authentication, which is an integral part of identity management, serves to verify claims about holding specific identities. Identity management is therefore fundamental to, and sometimes include, other security constructs such as authorisation and access control. Different identity management models will have different trust requirements. Since there are costs associated with establishing trust, it will be an advantage to have identity management models with simple trust requirements. The purpose of this paper is to describe trust problems in current approaches to identity management, and to propose some solutions. |
Cite as: Josang, A., Fabre, J., Hay, B., Dalziel, J. and Pope, S. (2005). Trust Requirements in Identity Management. In Proc. Third Australasian Information Security Workshop (AISW 2005), Newcastle, Australia. CRPIT, 44. Safavi-Naini, R., Montague, P. and Sheppard, N., Eds. ACS. 99-108. |