Applying Directory Services to Enhance Identification, Authentication, and Authorization for B2B Applications
Yuan-Yuan Jiao (Nankai University, China), Jun Du (Tianjin University, China) and Jianxin ("Roger") Jiao (Nanyang Technological University, Singapore)
Copyright: © 2008
System-to-system integration is an essential aspect of Business-to-Business (B2B) organizations. This chapter proposes a common infrastructure model for B2B applications, referred to as the IAAIBB model. It aims to centralize the Identification, Authentication and Authorization (IAA) infrastructures and to provide easy interoperability among business partners. The key technique is to incorporate the directory service into business applications. The directory service acts as the core repository of the IAAIBB model to support all functions associated with identification,authentication and authorization. The chapter illustrates how IAAIBB enables a sound trust relationship for B2B applications, as well as the implementation of the IAAIBB model. Also reported is the evaluation of the IAAIBB model, which reveals a number of advantages. The IAAIBB model leverages on the strength of XML, the directory service, the PKI cryptography and role-based access control.