SAML Pri­va­cy-En­han­cing Pro­fi­le

Mo­ritz Horsch, Max Tu­en­ger­thal, To­bi­as Wich

Open Iden­ti­ty Sum­mit 2014

Ab­stract

We pre­sent the SAML Pri­va­cy-En­han­cing (PE) pro­fi­le which em­powers users to take con­trol of the au­then­ti­ca­ti­on pro­cess and their per­so­nal data. Users have the full con­trol of the ap­p­li­ca­ti­on flow and get de­tai­led in­for­ma­ti­on about the in­vol­ved par­ti­ci­pants and the re­vea­led at­tri­bu­tes. This enables users to give in­for­med con­sent for the au­then­ti­ca­ti­on. The new pro­fi­le builds on well-es­ta­blis­hed stan­dards and tech­no­lo­gies. We use the com­mon SAML Au­then­ti­ca­ti­on Re­quest and pro­vi­de the ad­di­tio­nal in­for­ma­ti­on as ex­ten­si­ons based on SAML Met­a­da­ta.

Tags: