Change search
ReferencesLink to record
Permanent link

Direct link
Use of DANE to Improve the Security for Identity Federations
2012 (English)Independent thesis Basic level (professional degree), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

The identity of individuals need to be confirmed for various reasons, both in reality and on the Internet. Identity federations is a way to build a standard for online services similar to the one in real life with identification cards and signatures. However, there are more security aspects to take in to account online. This report analyse the security mechanism used to achieve data integrity in an identity federation and specifically the use of X.509 certificates. Also, an evaluation of the possibility to use DNS-Based Authentication of Named Entities (DANE) to improve the security for an identity federation. The report is a result of literature studies, practical work on setting up a test environment and discussions with experts. We conclude in the report that improvements can be made on how identity federations handle their own metadata and trust other entities metadata. DANE is today only a draft, but when DANE with TLS/TLSA becomes a RFC standard or when a standard for how DANE handles SAML certificates, it can be used to improve the initial trust bonding.

Place, publisher, year, edition, pages
2012. , 40 p.
Keyword [en]
Keyword [sv]
Teknik, Computer Security, DANE, DNSSEC, Identity Federations, SAML, Shibboleth
URN: urn:nbn:se:ltu:diva-55815Local ID: ca26a720-4c97-4fc6-bc14-d0dce08afe10OAI: diva2:1029199
Subject / course
Student thesis, at least 15 credits
Educational program
Computer Engineering, bachelor's level
Validerat; 20120620 (anonymous)Available from: 2016-10-04 Created: 2016-10-04Bibliographically approved

Open Access in DiVA

fulltext(998 kB)0 downloads
File information
File name FULLTEXT02.pdfFile size 998 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Bergendahl, SophiaHolmstedt, Christoffer

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

ReferencesLink to record
Permanent link

Direct link