Identity: Setting the Larger Context, Achieving the Right Outcomes Copyright © 2006, 9112-1772 Quebec Inc. 7th Annual Privacy and Security Workshop & 15th.

Presentation transcript:

Identity: Setting the Larger Context, Achieving the Right Outcomes Copyright © 2006, Quebec Inc. 7th Annual Privacy and Security Workshop & 15th CACR Information Security Workshop Dr. Stefan Brands November 3, 2006

2  “Achieving the right outcomes” – of what?
- Focus of this presentation: (large-scale) identity systems
- To achieve “the right outcomes” one must meet:
  – Functional requirements (SSO, PIM, data sharing, …)
  – Security requirements
  – Interoperability
  – Flexible roadmap (evolution)
  – Privacy (often not an explicit requirement …)
- Key ingredients to success:
  – Identity policy (relating to privacy)
  – Data protection legislation / FIPs
  – Policy and law must be “technology-neutral”, but NOT technology-unaware!

3  Identity management basics
- Single-domain identity management (“silo”)
  – Quite well represented by FIPs
  – Quite well understood by policy makers (however: automation continues to increase risks)
- Cross-domain identity management
  – Breaking out of the “identity silos” (electronically!) – to enable (unanticipated) “secondary uses” …
  – Typical data “shared” across domains (à la SAML): authentication statements, attribute statements, authorization decision statements
  – Policy and law have NOT caught up!
  – Must be concerned with CROSS-DOMAIN data sharing
  – Requires NEW policies and FIPs

4  Technologies for single-domain identity
- Data repositories: provisioning of identity data WITHIN silos; tools for managing “user accounts” (creation, deletion, I/O)
- Access management: authentication and authorization to protect resources; policy engines, policy expression languages
- Auditing and compliance: track how data is created, modified and used
- User administration: account access reset, delegation, approval workflow, …
- Data security: data authenticity, integrity, encryption (in transit and at rest)

5  Technologies for cross-domain identity
- All single-domain technologies (augmented)
- “Discovery” services
- Simplified/Single Sign-On (SSO)
- Cross-domain data sharing “glue”
- Technologies for “linking up” accounts!
  – “Back-end” statistical linking tools to match accounts
  – “Federation” (à la SAML / ID-FF, ID-WSF)
    – Electronic approach whereby the user establishes account linkages
    – Identity data flows from source to destination (no user “control”)
  – User-centric identity management
    – Identity data flows through the user (data subject) to the relying party
    – User can be given actual control over his/her personal information
    – Boon to privacy or its worst nightmare?

6  User-centric identity: “heavyweight” efforts
- Microsoft CardSpace (formerly InfoCard)
  – “Windows” UI component and related services for managing identity “cards”
    – User can select cards (“identity selector”)
    – Improved protection against local viruses
  – Self-issued and managed identity cards
    – Managed identity cards issued by identity providers
    – Any technology that supports WS-* protocols can integrate
- Liberty Alliance iClient/TMa
  – Expanding Liberty Alliance ID-WSF protocols to support intelligent clients for storing and managing credentials
    – ID-FF supports browser redirects only (“zero-footprint” browser)
  – Driven by Intel and NTT

7  User-centric identity: “lightweight” efforts
- Higgins project (IBM, Novell, small players): APIs for integrating identity data across multiple systems – SAML, CardSpace, …
- OSIS (open source effort): building “identity selectors” compatible with CardSpace
- OpenID (subsuming DIX and LID): lightweight Web SSO for URL-based authentication; aimed at the blogging community (not security-focused)
- Bandit: Novell-sponsored attempt at a common identity framework
- Heraldry Identity Project: Apache Software Foundation effort using Yadis/OpenID

8  “Laws” of identity (Microsoft & IPC of Ontario)
- User Control and Consent: user can store own identity data and control its release
- Minimal Disclosure for a Constrained Use: limit scope for unauthorized secondary uses
- Justifiable Parties: a party’s involvement in identity relations must be justifiable
- Directed Identity: unidirectional identifiers for users to minimize linkage across sites
- Pluralism of Operators and Technologies
- Human Integration
- Consistent Experience across Contexts

9  User-centrism: pro-privacy characteristics
Can the data subject:
- Pick his own IdP to meet the RP’s requirements?
  – Like having your pick of credit card issuer …
- Consent to or withhold its release?
  – On a case-by-case basis, informed, non-coerced, …
- Hide the identity of the RP from the IdP?
- Hide the RP’s request from the IdP?
- See the actual identity data?
  – Or is it encrypted for the SP …
- Selectively disclose attribute data on identity credentials?
- Locally store and manage long-lived identity credentials?
- Avoid correlation handles across IdPs and SPs?
  – Or are data subjects (unknowingly) linking up all of their account relations with each and every disclosure?

10  User-centrism: boon or nightmare to privacy?
- Data subject as “choke point” is NOT enough
- User-centrism at its worst (for privacy):
  – User greatly EXTENDS the cross-domain sharing of identity data about him or her
  – Each user-centric data transfer creates a common cross-domain user identifier/handle
    – The user accelerates the “federation” of his account information!
  – Once accounts are federated, the user is powerless:
    – Organizations can freely exchange user data without user involvement
    – Identity thieves can freely cross what used to be identity “silos”
- CardSpace is an ENABLER of PETs, not a PET
  – Current version does not comply with the “laws” of identity
  – MUST be used in conjunction with PETs

11  User-centrism without PETs is bad for privacy!
“The real danger is the gradual erosion of individual liberties through the automation, integration, and interconnection of many small, separate recordkeeping systems, each of which alone may seem innocuous, even benevolent, and wholly justifiable.”
– Privacy Protection Study Commission, Personal Privacy in an Information Society (July 1977)

12  Example of pro-active government: Quebec
Projects: ClicSÉQUR and L'Espace Citoyenne
“The government must... implement institutional mechanisms, and even laws, to promote the use of specific technologies for protecting personal information and privacy.... We recommend that the government look into the possibility of establishing a legal framework to ensure that the technologies comply with the imperatives regarding the protection of privacy (privacy-compliant and privacy-enhancing technologies).”
-- Minister Gautrin, Quebec E-Government roadmap report, June 2004
“Requirements on the protection of the personal information: … allowing citizens to only use pseudonyms and giving them free choice over their pseudonyms; to limit the possibility of linking identity data; to limit the possibility WITHIN THE GOVERNMENT APPARATUS of tracing the use of identifiers.”
-- RFI on authentication solutions

13  Proposal for a new Fair Information Principle
“An organization must obtain explicit legal authorization if it wants to obtain a unique identifier from a user that has already been associated with that same user by another organization”
Even better: “… that can be correlated with any identifier of the same user in another domain”
Notes:
- Inspired by SIN/SSN legislation
- This would encourage organizations to use independently generated identifiers to transact with their clients
- An “identifier” is any information that can be (efficiently) resolved to a unique person/user without requiring that person’s active cooperation
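Added illustration (not from the slides) of the correlation-handle problem in slide 10, the Directed Identity law in slide 8 and the identifier principle in slide 13: an identity provider that derives a per-relying-party pseudonym instead of releasing one global identifier, so two RPs cannot join their account tables. The users, relying parties and IdP key are constructed sample values.

```python
import hmac
import hashlib

# Constructed sample data (not from the slides): two citizens, two relying parties.
USERS = ["alice", "bob"]
RELYING_PARTIES = ["tax-office", "hospital"]
IDP_SECRET = b"example-idp-pairwise-key"  # placeholder; a real IdP keeps this in an HSM


def global_handle(user_id: str, rp_id: str) -> str:
    """The 'federation' case of slide 10: one handle reused at every RP."""
    return user_id


def directed_handle(user_id: str, rp_id: str, idp_secret: bytes = IDP_SECRET) -> str:
    """Directed Identity (slide 8): a per-RP pseudonym.

    An HMAC over (user, RP) under an IdP-held key is stable for the same user
    at the same RP (the RP can recognise a returning user) but unrelated across
    RPs, so the disclosure creates no cross-domain correlation handle.
    """
    msg = user_id.encode() + b"\x00" + rp_id.encode()
    return hmac.new(idp_secret, msg, hashlib.sha256).hexdigest()[:32]


def rp_database(handle_fn, rp_id: str) -> dict:
    """Simulate the account table each RP holds after every user has signed in."""
    return {handle_fn(user, rp_id): rp_id for user in USERS}


def linkable_accounts(handle_fn) -> set:
    """Handles present in more than one RP table: the identifiers that let
    organisations (or identity thieves) join what used to be separate silos."""
    tables = [rp_database(handle_fn, rp) for rp in RELYING_PARTIES]
    shared = set(tables[0])
    for table in tables[1:]:
        shared &= set(table)
    return shared


if __name__ == "__main__":
    print("global handles linkable across RPs:  ", linkable_accounts(global_handle))
    print("directed handles linkable across RPs:", linkable_accounts(directed_handle))
```

The IdP still holds the key and can resolve every handle, so this removes RP-to-RP linkage only; hiding the RP or its request from the IdP (slide 9) needs further PETs.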

14  Questions