This chapter introduces the trust virtual organization as a means of facilitating authentication and authorization for sharing distributed and protected contents and services. It indicates that sharing institutional protected services and deliverables has proven a hurdle because user accounts are created at many sites. It provides an approach to solving this problem using virtual organizations with cross-institutional Single Sign-On, with which users use their existing institutional accounts to log in. This chapter also presents the challenges of building trust virtual organizations: managing users from distributed identity providers; managing services from distributed service providers; managing trust relationships between users and services; and authorizing the access privileges of users based on the trust relationships. It argues that the trust virtual organization increases the effectiveness of e-learning, e-research and e-business significantly. Furthermore, the authors hope that the trust virtual organization facilitates not only Web-based authentication and authorization, but also grid-based authentication and authorization.
Key Terms in this Chapter
User & Group Manager: A component that maintains and provides detailed information about users who are authenticated by the trusted IdPs and about groups organized for specific purposes.
Resource & Service: A resource or service provides the detailed information of resources and services that are protected by the trusted SPs.
Identity Provider Manager: A component that maintains and provides detailed information about multiple identity providers.
Goal-Oriented Workspace: A virtual place for distributed users to work together for a specific goal via sharing R&Ss, calendars, and workflows.
Trust Relationship Manager: A component that maintains and provides the trust relationships between IdPs and SPs, and between U&Gs and R&Ss.
Service Provider: A service that provides and protects resources and services. Those resources and services can only be accessed by users who are authenticated by trusted identity providers.
Trust-Based Access Control: A function that maps the trust relationships between U&Gs and R&Ss to access behaviours.
Identity Provider: A service that asserts the identities of users who are local to the institution running the provider. An identity provider can release the identities to some targets based on attribute release policies.
Service Provider Manager: A component that maintains and provides detailed information about multiple service providers.