Interoperable Identity Management systems are prerequisite for novel user-centric services, which strongly rely on user identity attributes and security services. Future Identity Management systems have to include a discovery framework which will enable dynamic and automatic exchange of user identity attributes between services from different key-business areas, e.g. Internet, healthcare, e-government, e-banking, entertainment, etc. The framework should allow federating different user identities so that any of them would be sufficient to bootstrap trust relation between the user and any service. The first and fundamental step to achieve the two goals is the discovery of multiple user identities, usually unrelated to each other and hosted by a distributed environment of independent identifier domains. Current discovery mechanisms are intra-identifier domain oriented, i.e. they focus on discovering identity- and identity-based services for a given identity described by known identifier valid inside certain identifier domain. This paper proposes a discovery mechanism which overcomes this constraint and allows for inter-identifier domain (inter-federation) discovery of user identities. To the best of our knowledge, it is the first proposition that crosses the border of an identifier domain (and federation) and allows for discovery of completely unrelated identities of the user.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.