Why the Identity messy-system sucks, and how to fix it. Josh Howlett, JANET(UK) TNC 2008, Bruges.

Presentation transcript:

Overview
I. Why Identity matters
II. Origins of the Identity messy-system
III. Fixing it

I. Why Identity matters An improbable perspective on Identity inspired by Douglas Adams’ essay, the “Ages of Sand”.

1st – “Understanding big things”

2nd – “Understanding little things”

3rd – “Computing these things”

4th – “Connecting these things”

5th – ?

II. Origins of the Identity messy-system

Why Protocol & Trust?
Protocol – Saying things about an Identity requires a common language.
Trust – Acting on what is said often requires trust in who said it and in what context.
Consequently, it is often necessary to share a common understanding of protocol and trust.

II. Origins of the Identity messy-system Protocols

Allopatric speciation in birds

Allopatric speciation in identity protocols (figure: protocols plotted by protocol stack against deployments): X.509, SAML, TLS, EAP, GSS-API, Kerberos, WS-Security, WS-Trust, WS-Federation, ID-WSF, ID-FF, OpenID, OAuth, RADIUS, Diameter, SASL, NTLM, LDAP, PGP, 802.1X, 802.11i, RADSec, VMPS, Infocard, IKE, DNSSec.

Failure of geological strata

Failure of Identity protocol strata
1. Burden: for both users and admins.
2. Disconnect: phishing, SPAM, IP & MAC address spoofing, DHCP abuse, root-kits, social engineering, …

DHCP abuse
IEEE gave us 802.1X – Extensible media-independent security framework for network admission.
IETF gave us DHCP – No security – RFC 3118 … but mostly useless.
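As an added illustration of what RFC 3118 would give a DHCP client if it were deployed (this is example code written for this page, not anything from the talk), the following Python models the RFC's "delayed authentication" option on a DHCPACK and the client-side check. The option layout (code 90; protocol 1 = delayed authentication; algorithm 1 = HMAC-MD5; RDM 0 = monotonic counter; 8-byte replay value, 4-byte secret ID, 16-byte MAC) and the rule that hops, giaddr and the MAC field are zeroed before the MAC is computed are my reading of RFC 3118 section 5 and should be checked against the RFC; the header builder, the shared secret, the addresses and the message contents are constructed for the example. It shows the three properties the option provides under a shared secret (integrity, origin authentication, replay detection), that a relay agent rewriting hops/giaddr does not break verification, and what a reply carrying no option at all looks like to the verifier.

```python
import hmac
import hashlib
import struct

# Constructed example: RFC 3118 "delayed authentication" on a DHCP reply.
# Field layout per my reading of RFC 3118 section 5 (assumption): option 90,
# protocol 1 (delayed auth), algorithm 1 (HMAC-MD5), RDM 0 (monotonic
# counter), 8-byte replay value, 4-byte secret ID, 16-byte HMAC-MD5.
OPTION_AUTH, OPTION_MSG_TYPE, OPTION_END = 90, 53, 255
PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER = 1, 1, 0
MAGIC_COOKIE = bytes([99, 130, 83, 99])
HDR_LEN = 236                            # fixed BOOTP header length
HOPS_OFF, GIADDR_OFF = 3, 24             # fields a relay agent legitimately rewrites
AUTH_FIXED = struct.calcsize("!BBBQI")   # 15 bytes of option body before the MAC
MAC_LEN = 16

def build_header(xid, yiaddr, hops=0, giaddr=bytes(4)):
    """Constructed BOOTREPLY header: op=2, htype=1 (Ethernet), hlen=6."""
    hdr = bytearray(HDR_LEN)
    hdr[0], hdr[1], hdr[2], hdr[HOPS_OFF] = 2, 1, 6, hops
    struct.pack_into("!I", hdr, 4, xid)
    hdr[16:20] = yiaddr                              # yiaddr: the offered address
    hdr[GIADDR_OFF:GIADDR_OFF + 4] = giaddr
    return bytes(hdr)

def _mac_input(msg, mac_off):
    """MAC covers the whole message with hops, giaddr and the MAC field zeroed (RFC 3118)."""
    m = bytearray(msg)
    m[HOPS_OFF] = 0
    m[GIADDR_OFF:GIADDR_OFF + 4] = bytes(4)
    m[mac_off:mac_off + MAC_LEN] = bytes(MAC_LEN)
    return bytes(m)

def sign_message(header, options, counter, secret_id, secret):
    """Server side: append the Authentication option and fill in its HMAC-MD5."""
    body = struct.pack("!BBBQI", PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER,
                       counter, secret_id) + bytes(MAC_LEN)
    msg = bytearray(header + MAGIC_COOKIE + options
                    + bytes([OPTION_AUTH, len(body)]) + body + bytes([OPTION_END]))
    mac_off = len(msg) - 1 - MAC_LEN                 # MAC sits just before the END byte
    msg[mac_off:mac_off + MAC_LEN] = hmac.new(secret, _mac_input(msg, mac_off), hashlib.md5).digest()
    return bytes(msg)

def _find_auth_option(msg):
    """Walk the TLV options; return (value offset, length) of option 90, or None."""
    i = HDR_LEN + len(MAGIC_COOKIE)
    while i < len(msg):
        code = msg[i]
        if code == OPTION_END:
            return None
        if code == 0:                                # pad byte, no length field
            i += 1
            continue
        length = msg[i + 1]
        if code == OPTION_AUTH:
            return i + 2, length
        i += 2 + length
    return None

def verify_message(msg, secrets, last_counter):
    """Client side: `secrets` maps secret ID -> key; returns a verdict string."""
    found = _find_auth_option(msg)
    if found is None:
        return "no-auth-option"      # what every plain DHCP reply looks like, rogue or not
    off, length = found
    if length != AUTH_FIXED + MAC_LEN:
        return "malformed"
    proto, alg, rdm, counter, secret_id = struct.unpack_from("!BBBQI", msg, off)
    if (proto, alg, rdm) != (PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER):
        return "unsupported"
    if secret_id not in secrets:
        return "unknown-secret"
    mac_off = off + AUTH_FIXED
    expected = hmac.new(secrets[secret_id], _mac_input(msg, mac_off), hashlib.md5).digest()
    if not hmac.compare_digest(expected, msg[mac_off:mac_off + MAC_LEN]):
        return "bad-mac"
    if counter <= last_counter:                      # RDM 0: counter must strictly increase
        return "replay"
    return "ok"

def demo():
    """Run the checks over constructed messages; returns {case: verdict}."""
    secret = b"constructed-shared-secret"
    secrets = {7: secret}
    options = bytes([OPTION_MSG_TYPE, 1, 5])         # DHCPACK
    header = build_header(0x1234, bytes([10, 0, 0, 23]))
    good = sign_message(header, options, counter=100, secret_id=7, secret=secret)
    relayed = bytearray(good)                        # relay rewrote hops and giaddr in transit
    relayed[HOPS_OFF] = 1
    relayed[GIADDR_OFF:GIADDR_OFF + 4] = bytes([10, 0, 0, 1])
    rogue = header + MAGIC_COOKIE + options + bytes([OPTION_END])   # no option at all
    tampered = bytearray(good)                       # offered address changed on the path
    tampered[16:20] = bytes([10, 0, 0, 99])
    return {
        "good": verify_message(good, secrets, 99),
        "relayed": verify_message(bytes(relayed), secrets, 99),
        "rogue": verify_message(rogue, secrets, 99),
        "tampered": verify_message(bytes(tampered), secrets, 99),
        "replayed": verify_message(good, secrets, 100),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:9s} -> {verdict}")
```

The verdicts are "ok" for the signed and the relayed message, "no-auth-option" for the reply without the option, "bad-mac" for the altered address and "replay" when the counter is not newer than the last one accepted. Note that the client can only distinguish a rogue reply from a legitimate one if it already holds the secret and refuses "no-auth-option"; a client that accepts unauthenticated replies gains nothing from servers that sign.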

II. Origins of the Identity messy-system Trust

C17th – C20th trust (figure): Human Resources, University of Padua ↔ Human Resources, University of Pisa – Letter of Introduction (‘Authentication assertion’).

Geography imposes friction

The network removes this friction

40 million users, a few hops away

1.3 billion users, a few more hops away “But what if I only trust these people?”

What is ‘Trust’?
‘Technical trust’ – Message and/or end-point authentication and message integrity.
‘Behavioural trust’ – Real life is more complicated. – ‘Trust is the belief in the good character of one party, presumed to seek to fulfil policies, ethical codes, law and their previous promises’ (Wikipedia)

‘Trust metrics’ (2×2 grid: Evidential / Non-evidential against Experiential / Non-experiential)
Experiential (based on experience), Evidential (based on evidence) – eg. ID card, white-list, firewall ACL, IM buddies, public phone-book, attributes …
Experiential, Non-evidential (not based on evidence) – eg. belief in someone’s good character, …
Non-experiential (not based on experience), Evidential – eg. gossip, web of trust, TNC/NEA, PKI …
Non-experiential, Non-evidential – eg. prejudice, leap-of-faith, policy, contract, …

Trust fabrics
Allow a community to share a common understanding of ‘trust’ within their community.
Trust fabrics are assembled from ‘trust metrics’.
Significant diversity, owing to:
– Many types of metrics.
– Different aims and objectives.
Even R&E trust fabrics built from the same software can be quite different.

‘How do I love thee? Let me count the ways’
Promiscuous federation (eg. OpenID) – “I trust you because I trust everyone”
Bilateral federation (eg. ‘conventional’ federated identity) – “I trust you, and only you”
Multilateral federation (eg. R&E Shibboleth federations) – “I trust you because I trust him and he trusts you”
Peering (eg. content providers trusting different R&E MLFs) – “I trust you and you” (an org affiliated with two or more other MLFs)
Leveraged federation (eg. Schools sector within UK federation) – A sub-group within an MLF sharing some additional common policy.
Inter-federation (eg. Kalmar Union, InCommon & NIH) – An MLF peering with one or more other MLF(s)
Confederation (eg. eduroam, eduGAIN) – An MLF consisting of multiple MLFs.
“Federation soup”

Consequences of diversity
The Good – Allows different communities to address their own requirements.
The Bad – Increases redundancy and costs.
The Ugly – Additional ‘burden’ & ‘disconnect’

III. Fixing it Protocols

From Messy-system to Metasystem (figure: Link, Network and Application layers, each with its own trust metrics, e.g. user directory, TNC/NEA).

The Identity Metasystem (1) – “The One Ring”
“One ring to rule them all, One ring to find them, One ring to bring them all and in the darkness bind them, In the land of Mordor where the shadows lie.” ‘Lord of the Rings’, J.R.R. Tolkien.
– Microsoft-backed WS-Trust and WS-Federation, Infocard
– Kerberos: “the universal authentication platform for the world’s computer networks” – Kerberos Consortium

The Identity Metasystem (2) – “The Four Horsemen of the Apocalypse”
– Do nothing
– Inter-work – eg. Concordia. Only identity systems with a web focus.
– Gateway – eg. eduGAIN. Pilot GN2 service connecting some European R&E identity federations.
– “SAML over Everything” – Use ‘legacy’ protocols to carry SAML. SAML used for expressing AuthN / AuthZ, replacing/supplementing semantics of the ‘legacy’ protocol. Focus of effort in R&E middleware development, with some successes:
  – OASIS V2.0 Attribute Sharing Profile for X.509 Authentication-based systems.
  – RADIUS-SAML, Internet2.
  – DAMe, GN2 JRA5.
  – Kerberos-bound SAML, University of Muni.

III. Fixing it Trust

Establishing trust in currency (figure): Technical trust – milled edges on coins; Behavioural trust – an extremely unpleasant death.

Establishing trust in Identity (figure): Technical trust; Behavioural trust.

Improving technical and behavioural trust
Technical
– Trust fabric diversity → many ways to establish technical trust.
– Desirable and perhaps possible to constrain the ways in which technical trust can be established.
– Dynamic metadata, Leif Johansson et al.
Behavioural
– REFEDS

A little policy goes a long way… Perhaps a little more policy could go even further…?

Identity economies
Self-asserted (‘user-centric’) Identity = barter
– “I will swap my shiny stone for your pointy stick”
– Value of identity is proportional to trust attributed to the user.
Federated Identity = money
– “I promise to pay the bearer on demand the sum of ten pounds (of gold)”
– Value of identity is proportional to trust attributed to the authority.
Normalised Federated Identity = VISA
– “It works in most places, with some constraints. But I don’t need to know anything about the local currency.”
– Value of identity is proportional to trust attributed to the authority, less the value removed by the normalisation process.

Fixing it – Conclusions
Protocol
– We need fewer and smarter protocols.
– The One Ring or The Four Horsemen?
Trust
– We need fewer and smarter policies.
– Building the Identity economy: a common mechanism for technical trust establishment? common policy framework(s) for trust fabrics?

Conclusions
A robust Identity infrastructure is essential for realising advanced R&E applications. We have only just started.
Identity impacts all parts of the network infrastructure. We need informed protocol & policy development.
Come to the 1800 in the Strauss room!

Thank you for your attention