Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, 01-03 October 2002 Marco Casassa Mont Richard.

Presentation transcript:

Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, October 2002 Marco Casassa Mont Richard Brown Active Digital Credentials: Dynamic Provision of Up-to-Date Identity Information

Outline
- Problem: Provision of Up-to-Date Certified Information in Dynamic Environments
- Limitations of Current Solutions
- Proposed Model: Active Digital Credentials
- Discussion
- Conclusions

Trends
- Increase of e-Commerce, B2B and Government Transactions and Interactions on the Internet
- E-Commerce Initiatives Aiming at Enhancing and Simplifying Customer Experiences (MS Passport, Liberty Alliance)
- Usage of PKI and Digital Certificates to underpin Government and Business Initiatives
- Increase of the Number of Interactions with a Lack of Prior Knowledge about the Involved Parties

Role of Digital Identities and Profiles
- Identities and Profiles are Key Enablers of Interactions and Transactions on the Internet for E-commerce, Enterprises, Social Purposes and with Government Institutions

Problems
- Trustworthiness of the Involved Parties
- Authenticity of Identity and Profile Information
- Provision of Valid and Up-to-Date Identity and Profile Information

Focus of this Work
Provision of Up-to-Date Certified Identity and Profile Information in Dynamic Environments:
- dynamic changes of financial profile, reputation, rating, etc. depending on transactions, interactions, etc.
- dependency on contextual information
- …

Digital Credentials and Public Key Infrastructures
- Digital Credentials: Viable Way to Supply Certified Information.
- PK Infrastructures Provide Mechanisms for Verification of Validity and Trustworthiness of the Involved Parties
- Support for Lifecycle Management of Credentials

Classic X.509 PKI
[Diagram. Parties: Certification Authority (Credential Issuer), Credential Owner, Relying Parties, Trusted Information Providers. Labelled steps: Request, Issuance, Disclosure, Interpretation, Verification, Lifecycle Management.]

X.509 PKI
- Certification Authority (CA) must Assess the Validity and Trustworthiness of the Information to be Certified
- Reliance on CAs for the Provision of Accountable Lifecycle Management of Digital Certificates (including keeping Certificate Revocation Lists - CRLs - up-to-date)
- Relying Parties must check the validity of Digital Credentials (CRLs, OCSP Responders, etc.)

X.509 PKI
- Complexity of Dealing with Trust Assessment and Validation of Digital Certificates (CA chains)
- Scalability Problem of Certification Chains
- Problem of supplying Certified Information in case of Dynamic Contexts:
  - validity of certified information
  - accuracy of certified information
  - trustworthiness of certified information

Current Approach for X.509 PKI
[Diagram labels: X.509 Attribute Certificate, Signature, X.509 Identity Certificate, IssuerDN, Serial Number, Credit card: …, Expiration: …, CERTIFICATE]
Separation of “Duties”:
- X.509 Identity Certificate: “medium-term” certified Information
- X.509 Attribute Certificate: “short-term” certified Information

Issues
- X.509 Identity and Attribute Certificates contain a Snapshot of the certified Information, at the Issuance Time
- Short term expiration dates, frequent revocations and Proliferation of Certificates create Complexity and Confusion
- The whole certificate must be Revoked even if only a subset of the Information contained in a Certificate is not valid anymore
- The off-line usage of Identity and Attribute Certificates is a myth! Relying Parties must verify (on-line) the validity of Certificates (by accessing CRLs, OCSP, etc.)
- Certification Authorities should check for the Validity of the Certified Information at the Source of this Information and Update CRLs

Issues
- Alternative PK Approaches (SPKI, etc.) based on Certificates have the same Problem.
- Alternative Approaches based on on-the-fly Assertion of Identity and Profile Information (for example SAML) only provide a Certified Snapshot of this Information.

Our Proposal: Active Digital Credentials

Active Digital Credential
It is a Certified Collection of Attributes along with Embedded Mechanisms to Retrieve and Calculate Attributes’ Values by Executing Local Computation
Objectives:
- Cope with Dynamic Identity and Profile Information (financial, trust, rating, etc.)
- Provision of Up-to-Date Certified Information and Added-value Aggregation of this Information
- Address the Complexity of Current Lifecycle Management by Reducing the need for Certificate Revocation

Active Digital Credential Model
- Extension of Current Digital Certificate Model, by adding Dynamic Computational Aspects
- Described in the Context of X.509 PKI (but not limited to the X.509 Model)
- Work in progress …

Active Digital Credential
[Diagram labels: Attributes table with columns Attribute Name, Attribute Value, Validity/Trust and rows Credit Limit, Credit Rating, Location, …; Local Processing; Local/Remote Interactions; Bank, Enterprise, Government.]

Active Digital Credential
[Diagram labels: Payload; Attribute 1 … Attribute n, each with Value, Trustworthiness and Attribute Properties; Function 1, Function 2, Function 3, Function j, Function k, Function x, Function y; Global Trust Attribute; Validity Attribute; Code; External Sources; Trust Info & Signature.]

Active Digital Credential Model
[Diagram. Parties: Trusted Information Providers, Credential Issuer, Credential Owner, Relying Parties. Labelled steps: Request, Issuance, Disclosure, Interpretation, Lifecycle Management, Dynamic Content Provision. Inside the credential: Embedded Code, Local Processing.]

Active Digital Credentials: Properties
- Embedded Code Provides Dynamic and Fine-Grained Evaluation of:
  - Values of Credential Attributes
  - Validity and Trustworthiness of these Attributes
  - Validity and Trustworthiness of the Whole Digital Credential
- Local Elaboration Allows:
  - Aggregation of Multiple Attribute Values
  - Correlation of Information Fetched from Heterogeneous Sources

Active Digital Credentials: Properties
- The Validity and Trustworthiness of an Active Credential and any of its Attributes do not need to be Binary (Valid, Not Valid). Fuzziness is allowed.
- Some of the Credential Attributes Might Not be Valid Anymore, but this Does Not Necessarily Compromise the Validity of the Entire Credential and the other Attributes
- Embedded Functions can be used to Implement Fine-Grained Decaying Credentials, depending on the Time Factor

Active Digital Credentials: Properties
- Attributes Values can be disclosed only at the Interpretation Phase, after “Trust Establishment” between the Relying Party and the Information Provider. Privacy Management.
- Identity Certificates of Trusted Information Providers can be Embedded, for Security Reasons

Scenario 1: Consumer-Service Provider

Scenario 2: Federated Identity Management
[Diagram. Parties: Credential Issuer, Credential Owner, Relying Party, Identity Providers, Information Providers. Labels: Credential Issuance, Digital Credentials Lifecycle management, Active Credentials, Trust Relationships.]

Credential Owner
- Needs to Trust a Credential Issuer (as for traditional PKI …)
- Might have to make the Credential Issuer aware of the Relevant Information Providers
- Can decide which Information can be Accessed by the Credentials
- Can set Access Control Policies (at the Information Provider site) on this Information
- Some of these Policies can be set by other Parties (Enterprise, Government, etc.)

Credential Issuer (CA)
- Responsible for Assessing:
  - Correctness of the embedded functions (it might write them)
  - Trustworthiness of the Information Providers
  - Trustworthiness of the Users that request Credentials
- It Must be Accountable (need for Auditing Mechanisms)
- Responsible for Active Credentials’ Lifecycle Management
- It Needs to Establish Trust Relationships with Information Providers

Relying Party
- Needs to Trust Credential Issuers (as for traditional PKI …)
- Uses the Added-Value Information (fine-grained trust and validity evaluation for attributes and the overall credentials, aggregated information, etc.) provided by the Interpretation of Active Credentials to Draw his/her Own Conclusions
- Relies on the Correctness of the Embedded Functions and Makes use of an Extended Infrastructure to Verify and Execute Active Digital Credentials

Active Digital Credential Interpretation Infrastructure
[Diagram labels: Applications & Services; API; Credential Interpreter; Validation & Verification; Authorization; Logging; Communication Mechanisms; Local System Context.]
Secure Interpretation Environment, Based on Virtual Machines

Security Considerations
[Diagram labels: Relying Party; Information Providers/Credential Issuers; Information Service.]
- Check the Identity of Remote Parties Against List of Trusted Identity Certificates Embedded in the Active Digital Credential
- Check Signatures of the Inputs Received by Information Providers

Security Considerations
[Diagram labels: Relying Party; Information Providers/Credential Issuers; Information Service.]
- Check Identity of Remote Party
- Check the Requests sent by Active Credentials Functions (such as ref. numbers, Credential Digest, etc.) against policies (set by the Credential Owner, etc.)
- Digitally Sign (and Encrypt) the Disclosed Information

Security Considerations
[Diagram labels: Relying Party; Information Providers/Credential Issuers; Information Service.]
- Secure, Encrypted Channel (SSL …)
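An added sketch, not taken from the presentation or from the authors' prototype, of how the party interpreting an active credential could combine the input checks on the Security Considerations slides with the fine-grained, decaying trust on the Properties slides. Assumptions: HMAC stands in for the providers' digital signatures, the half-life decay and mean-based global trust are illustrative choices, and every name, key and value is constructed.

```python
import hashlib
import hmac
import json

# Constructed sample data. HMAC with a per-provider key stands in for the
# provider's digital signature; a real interpreter would verify against the
# identity certificates embedded in the credential.
TRUSTED_PROVIDERS = {"bank.example": b"bank-demo-key"}  # embedded trust list
HALF_LIFE_S = 3600.0  # assumed decay parameter for attribute trust


def sign(provider_key, payload):
    """Provider side: authenticate a disclosed attribute value."""
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(provider_key, msg, hashlib.sha256).hexdigest()


def evaluate_attribute(response, now):
    """Interpreter side: return (value, trust in [0, 1]) for one attribute."""
    key = TRUSTED_PROVIDERS.get(response["provider"])
    if key is None:
        return None, 0.0  # provider is not in the credential's trusted list
    expected = sign(key, response["payload"])
    if not hmac.compare_digest(expected, response["sig"]):
        return None, 0.0  # signature check on the received input failed
    age = max(0.0, now - response["payload"]["fetched_at"])
    trust = 0.5 ** (age / HALF_LIFE_S)  # decays with time, not binary
    return response["payload"]["value"], trust


def interpret(responses, now):
    """Evaluate every attribute; global trust is the mean attribute trust."""
    result = {name: evaluate_attribute(r, now) for name, r in responses.items()}
    global_trust = sum(t for _, t in result.values()) / len(result)
    return result, global_trust


def demo():
    """One fresh, one hour-old and one untrusted-provider attribute."""
    now = 1_000_000.0
    fresh = {"value": 5000, "fetched_at": now}
    stale = {"value": "AA", "fetched_at": now - 3600}
    key = TRUSTED_PROVIDERS["bank.example"]
    responses = {
        "credit_limit": {"provider": "bank.example", "payload": fresh, "sig": sign(key, fresh)},
        "credit_rating": {"provider": "bank.example", "payload": stale, "sig": sign(key, stale)},
        "location": {"provider": "unknown.example", "payload": fresh, "sig": "00"},
    }
    return interpret(responses, now)


if __name__ == "__main__":
    print(demo())
```

The rejected `location` attribute lowers the global trust figure without invalidating the two attributes that did verify, which is the per-attribute behaviour the Properties slides describe.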

Discussion
- Active Digital Credentials Depend on On-line Interactions with Third Parties. The Availability of a Communication Infrastructure might be a Potential Issue (but similar problem exists for traditional credentials …)
- More Flexibility and Reduced Dependency on Changes of the Certified Information. Does it Really Imply a Simplified Credential Lifecycle Management?
- Active Digital Credentials can help Credentials’ Owners to Explicitly Control the Disclosures of their Information

Discussion
- The Technology Necessary to Build Active Digital Credentials is Available, especially in terms of Security (secure channels, encryption, signatures, etc.)
- Requires Trust and Reliance on Credential Issuers and Information Providers. Auditing Mechanisms are necessary to underpin Accountability.
- We extend the PKI Model, but we Do Not Change the Underlying Trust Model.

Current and Future Work
- Build a Working Prototype in a Realistic Environment (such as Federated Identity Management)
- Explore, for Real, the Feasibility of the Proposed Model
- Investigate the Implications in terms of Life-cycle Management (especially for the Embedded Code)

Conclusions
- The Provision of Up-to-Date Certified Information is an Issue in Dynamic Environments.
- Traditional PKI has Limitations, due to the Static Nature of Digital Certificates
- Active Digital Credential Model: Embedding Certified Code within Digital Credentials for Retrieval, Processing, Aggregation and Evaluation of Identity and Profile Information
- Potential Advantages in terms of Flexibility and Longevity of Active Digital Credentials
- Work in Progress …