메뉴 건너뛰기




Volumn 18, Issue 4, 2010, Pages 541-572

Assurance for federated identity management

Author keywords

assurance; audit; federation; Identity management

Indexed keywords

FEDERATED IDENTITY; IDENTITY ASSURANCE; IDENTITY MANAGEMENT; IDENTITY MANAGEMENT SYSTEMS; IS ASSURANCE; MITIGATING RISK; MULTIPLE STAKEHOLDERS; SECURITY TECHNOLOGY;

EID: 77954717694     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2009-0380     Document Type: Conference Paper
Times cited : (8)

References (34)
  • 1
    • 77954733286 scopus 로고    scopus 로고
    • 107th US Congress, available at:
    • 107th US Congress, Sarbanes Oxley Act, available at: http://frwebgate. access.gpo.gov/cgi-bin/ getdoc.cgi?dbname=107-cong-bills&docid=f:h3763enr. tst.pdf.
    • Sarbanes Oxley Act
  • 2
    • 27644498532 scopus 로고    scopus 로고
    • Enabling shard audit data
    • A. Baldwin and S. Shiu, Enabling shard audit data, Int. J. Inf. Secur. 4(4) (2005), 263-276.
    • (2005) Int. J. Inf. Secur. , vol.4 , Issue.4 , pp. 263-276
    • Baldwin, A.1    Shiu, S.2
  • 3
    • 77954691556 scopus 로고    scopus 로고
    • Using assurance models in IT audit engagements
    • October 2006 (currently internal report but being made external)
    • A. Baldwin, Y. Beres and S. Shiu, Using assurance models in IT audit engagements, HP Labs Technical Report HPL-2006-2148, October 2006 (currently internal report but being made external).
    • HP Labs Technical Report HPL- 2006-2148
    • Baldwin, A.1    Beres, Y.2    Shiu, S.3
  • 4
    • 33947411409 scopus 로고    scopus 로고
    • Using assurance models to aid the risk and governance lifecycle
    • available at:
    • A. Baldwin, Y. Beres and S. Shiu, Using assurance models to aid the risk and governance lifecycle, BT Technol. J. 25(1) (2007), 128-140; available at: http://hpl.hp.co.uk/techreports/2007/HPL-2007- 48.html.
    • (2007) BT Technol. J. , vol.25 , Issue.1 , pp. 128-140
    • Baldwin, A.1    Beres, Y.2    Shiu, S.3
  • 6
    • 77954729641 scopus 로고    scopus 로고
    • BITS Financial Services Roundtable, available at:
    • BITS Financial Services Roundtable, Financial institution shared assessments program, available at: http://www.bitsinfo.org/FISAP/index.php.
    • Financial Institution Shared Assessments Program
  • 9
    • 84942776290 scopus 로고    scopus 로고
    • Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services
    • TrustBus 2003 (DEXA 2003), Prague, 1-5 September 2003
    • M. Casassa Mont, S. Pearson and P. Bramhall, Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services, in: IEEE Workshop on Trust and Privacy in Digital Business 2003, TrustBus 2003 (DEXA 2003), Prague, 1-5 September 2003.
    • (2003) IEEE Workshop on Trust and Privacy in Digital Business
    • Casassa Mont, M.1    Pearson, S.2    Bramhall, P.3
  • 12
    • 77954756089 scopus 로고    scopus 로고
    • Continuous Control Monitoring: Enabling Rapid Response to Control Breakdowns
    • CCM, available at:
    • CCM, Continuous control monitoring: Enabling rapid response to control breakdowns, in research findings of Audit Director Roundtable, 2004, available at: http://www.audit.executiveboard. com/ADR/.
    • Research Findings of Audit Director Roundtable 2004
  • 13
    • 33947368645 scopus 로고    scopus 로고
    • Model-based security analysis in seven steps - A guided tour to the CORAS method
    • F. den Braber, I. Hogganvik, M. Lund, K. Stolen and F. Vraalsen, Model-based security analysis in seven steps - a guided tour to the CORAS method, BT Technol. J. 25(1) (2007), 101-117.
    • (2007) BT Technol. J. , vol.25 , Issue.1 , pp. 101-117
    • Den Braber, F.1    Hogganvik, I.2    Lund, M.3    Stolen, K.4    Vraalsen, F.5
  • 14
    • 35048841167 scopus 로고    scopus 로고
    • Requirements engineering meets trust management: Model, methodology and reasoning
    • Proceedings 2nd International Conference on Trust Management
    • P. Giorgini, F. Masacci, J.Myloupos and N. Zannone, Requirements engineering meets trust management: Model, methodology and reasoning, in: Proceedings 2nd International Conference on Trust Management, LNCS, Vol.2995, 2004.
    • (2004) LNCS , vol.2995
    • Giorgini, P.1    Masacci, F.2    Myloupos, J.3    Zannone, N.4
  • 16
    • 84990029315 scopus 로고    scopus 로고
    • The economics of information security investment
    • L. Gordon and M. Loeb, The economics of information security investment, ACM T. Inform. Sys. Sec. 5(4) (2002), 438-457.
    • (2002) ACM T. Inform. Sys. Sec. , vol.5 , Issue.4 , pp. 438-457
    • Gordon, L.1    Loeb, M.2
  • 17
    • 77954733641 scopus 로고    scopus 로고
    • Higgins Higgins Project, available at:
    • Higgins, Higgins Project, 2007, available at: http://www.eclipse.org/ higgins/.
    • (2007)
  • 19
    • 77954734963 scopus 로고    scopus 로고
    • Information Systems Audit and Control Association (ISACA) available at:
    • Information Systems Audit and Control Association (ISACA), available at: http://www.isaca.org.
  • 22
    • 77954694976 scopus 로고    scopus 로고
    • Liberty Alliance, available at:
    • Liberty Alliance, Liberty Identity Assurance Framework, 2007, available at: http://www. projectliberty.org/liberty/content/download/3736/24651/file/ liberty-identity-assurance-frameworkv1.0. pdf.
    • (2007) Liberty Identity Assurance Framework
  • 23
    • 77954735771 scopus 로고    scopus 로고
    • Liberty Alliance, available at:
    • Liberty Alliance, Identity Assurance Expert Group (IAEG), 2007, available at: http://www. projectliberty.org/liberty/strategic-initiatives/identity- assurance.
    • (2007) Identity Assurance Expert Group (IAEG)
  • 24
    • 77952405045 scopus 로고    scopus 로고
    • Liberty Alliance Project, available at:
    • Liberty Alliance Project, The Liberty Alliance Specs, 2007, available at: http://www. projectliberty.org/.
    • (2007) The Liberty Alliance Specs
  • 25
    • 77952404140 scopus 로고    scopus 로고
    • Planning to implement service management (IT Infrastructure Library)
    • available at
    • V. Lloyd, Planning to implement service management (IT Infrastructure Library), The Stationery Office Books, 2007, available at: http://www.itil.co. uk/publications.htm.
    • (2007) The Stationery Office Books
    • Lloyd, V.1
  • 26
    • 77954756807 scopus 로고    scopus 로고
    • available at:
    • Microsoft, Micorosft CardSpace initiative, 2006, available at: http://msdn2.microsoft.com/enus/ library/aa480189.aspx.
    • (2006) Micorosft CardSpace Initiative
  • 28
    • 77954746479 scopus 로고    scopus 로고
    • available at:
    • OpenId, OpenId Initiative, 2008, available at: http://www.openid.net.
    • (2008) OpenId Initiative
  • 29
    • 84970956571 scopus 로고    scopus 로고
    • A manager's guide to identity management and federated identity
    • L. Pang, A manager's guide to identity management and federated identity, Information Systems Control Journal 4 (2005).
    • (2005) Information Systems Control Journal , vol.4
    • Pang, L.1
  • 30
    • 84879424551 scopus 로고    scopus 로고
    • Payment Card Industry (PCI) available at:
    • Payment Card Industry (PCI), Data security standard, available at: https://www.pcisecuritystandards. org/pdfs/pci-dss-v1-1.pdf.
    • Data Security Standard
  • 34
    • 77954753347 scopus 로고    scopus 로고
    • The American Institute of Certified Public, available at:
    • The American Institute of Certified Public Accountants, Statement on Auditing Standards, No.70 (SAS 70), available at: http://www.aicpa.org/download/ members/div/auditstd/AU-00324.PDF.
    • Accountants, Statement on Auditing Standards, No. 70 (SAS 70)


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.