Modelling Architectures of Federated Identity Management Systems

Today’s dynamic and scalable collaborative systems demand not only to deal with functional but also some non-functional (e.g., security) requirements. For a secure inter-organisational collaboration scenario, Federated Identity Management systems (FIMs) provide a suitable mechanism to deal with access control. FIMs enable users of an organisation to access resources (or services) of the other trusted organisations in a secure and seamless way. More precisely, FIMs allow cross-domain user authentication to enable access control across organisations under the concept known as Circle of Trust (CoT). Patterns of FIMs emerged as recurring CoT scenarios due to the fact that each of these patterns has different security requirements. More importantly, organisations may join up or leave the CoT during the development life-cycle. Such a change in a FIM system may have an impact on its security requirements. Therefore, it is important to formally describe architectural and reconfiguration aspects of FIMs by considering their patterns. To this purpose, we propose • two UML models for FIMs where one model uses the standard UML notations to describe architectural aspects of FIMs while the other uses the UML profile in [33] to describe those aspects of FIMs together with their reconfigurations • a formal model for FIMs in ADR (Architectural Design Rewriting) to characterise their patterns by describing an architectural style together with style-preserving reconfigurations. We also study the adequacy of UML to describe architectural aspects of systems and compare it with ADR. Our comparison develops through the modelling of architectural and reconfiguration aspects of FIMs. In ADR, these aspects of FIMs are suitably represented through style-consistent (graphical) designs in terms of ADR productions. On the other hand, UML has limitations in expressing constraints over complex associations; also, UML seems to provide unsatisfactory support for presenting architectural styles in a general way. Overall, our investigation shows that UML has some drawbacks due to the complexity of diagrams, their proliferation, and the lack of a precise semantics that consistently relates them. ADR gives precise and simpler specifications for architectural design.