| A client-side CardSpace-Liberty integration architecture | | BIBAK | Full-Text | 1-7 | |
| Waleed A. Alrodhan; Chris J. Mitchell | |||
| Over the last few years, many identity management schemes, frameworks and
system specifications have been proposed; however these various schemes and
frameworks are typically not interoperable. In this paper we propose an
approach to enable interoperation between two of the most prominent identity
management schemes, namely the Liberty Alliance Project scheme (specifically
the ID-FF LEC Profile) and the Microsoft CardSpace (formerly known as InfoCard)
scheme. This integration should enhance interoperability by enabling users to
make use of identity management systems even if the system participants are
using different schemes. The main advantages and disadvantages of the proposed
integration model are also investigated. Keywords: CardSpace, Liberty, federation, identity management, integration | |||
| Identity protection factor (IPF) | | BIBAK | Full-Text | 8-18 | |
| Arshad Noor | |||
| Since the dawn of computing, operating systems and applications have used
many schemes to identify and authenticate entities accessing resources within
computers. While the technologies and schemes have varied, there appears to
have been little attempt to classify them based on their ability to resist
attacks from unauthorized entities.
With the proliferation of identity management technologies in the market today, it is becoming increasingly difficult to assess and compare them with each other. As the threat level continues to rise on the internet, and regulations governing information technology continue to grow, risk managers need more objective mechanisms to assign risk to their systems so they may apply appropriate mitigating controls. This paper attempts to describe a classification scheme that will permit the comparison of seemingly different identification and authentication (I&A) technologies on the basis of their vulnerability to attacks. With a better understanding of related authentication technologies, companies can determine the appropriate technology to use for mitigating authentication risks. Keywords: access control, asymmetric key, authentication, identification &
authentication, identity management, identity protection factor (IPF),
shared-secret, symmetric key | |||
| OpenID identity discovery with XRI and XRDS | | BIBAK | Full-Text | 19-25 | |
| Drummond Reed; Les Chasen; William Tan | |||
| The work examines the identity discovery problems that needed to be
addressed by the OpenID 2.0 protocol in order to enable a user-centric Internet
identity layer. The paper illustrates how the OASIS XRI and XRDS specifications
were applied to help solve these identity discovery challenges. The work also
considers interoperable identity discovery for other Internet identity
frameworks such as SAML, Information Cards, and the Higgins Project, and
recommends future work. Keywords: Higgins project, OpenID, SAML, XRDS, XRI, Yadis, extensible resource
descriptor sequence, extensible resource identifier, i-card, identifier,
identity discovery, information card, resolution, user-centric identity | |||
| A content-driven access control system | | BIBAK | Full-Text | 26-35 | |
| Jessica Staddon; Philippe Golle; Martin Gagné; Paul Rasmussen | |||
| Protecting identity in the Internet age requires the ability to go beyond
the identification of explicitly identifying information like social security
numbers, to also find the broadly-held attributes that, when taken together,
are identifying. We present a system that can work in conjunction with natural
language processing algorithms or user-generated tags, to protect identifying
attributes in text. The system uses a new attribute-based encryption protocol
to control access to such identifying attributes and thus protects identity.
The system supports the definition of user access rights based on role or
identity. We extend the existing model of attribute-based encryption to support
threshold access rights and provide a heuristic instantiation of revocation. Keywords: access control, attribute-based encryption, inference control, revocation,
secret sharing | |||
| Secure roaming with identity metasystems | | BIBAK | Full-Text | 36-47 | |
| Long Nguyen Hoang; Pekka Laitinen; N. Asokan | |||
| The notion of identity metasystem has been introduced as the means to ensure
inter-operability among different identity systems while providing a consistent
user experience. Current identity metasystems provide limited support for
secure roaming: by "roaming" we refer to the ability of a user to use the same
set of identities and credentials across different terminals. We argue that in
order to support different types of roaming, the identity metasystem client
should be structured as a set of distributable components. We describe such
distributed client-side software architecture and how that architecture is
implemented by adapting Novell's Bandit project. We use our implementation to
demonstrate how credentials are stored in a trusted device in the form of a
mobile phone but can be used on less trusted terminals in the form of PCs. Keywords: identity metasystem, mobility, roaming | |||
| Secure communication for ad-hoc, federated groups | | BIBAK | Full-Text | 48-58 | |
| Andreas Sjöholm; Ludwig Seitz; Babak Sadighi | |||
| Ad-hoc federated groups are getting increasingly popular as means of
addressing collaborative tasks that require information sharing. However, in
some application scenarios, the security of the shared information is vital.
Managing the communication security of such groups in an efficient way is a
difficult task.
This paper presents an architecture that enables secure communication for ad-hoc, cross-organisational groups. Our architecture covers group admission control, group key management and secure group communication. The groups in question are expected to be ad-hoc groups where the potential participants have no prior knowledge of each other and thus federation mechanisms need to be used to establish group admission rights. In order to handle group admission we use the SAML and XACML standards, for group key management we use the TGDH protocol. Our approach thus supports decentralised management of the most important tasks in secure group communication using an integrated approach based on established security standards. We have also produced a demo implementation to show the feasibility of our architecture. This research was pursued as part of the TrustDis project funded by the Swedish Governmental Agency for Innovation Systems (Vinnova). Keywords: Diffie-Hellman, XACML, access control, authorization, secure group
communication, tree-based group | |||
| User-centric PKI | | BIBAK | Full-Text | 59-71 | |
| Radia Perlman; Charlie Kaufman | |||
| The goal of supporting Single Sign-On to the Web has proven elusive. A
number of solutions have been proposed -- and some have even been deployed --
but the capability remains unavailable to most users and the solutions deployed
raise concerns for both convenience and security. In this paper, we enumerate
desirable attributes in a scheme for authenticating from an Internet browser to
a web site and the authorization that follows. We categorize the currently
deployed or advocated approaches, describing their benefits and issues, and we
suggest incremental improvements to such schemes. We then outline a design for
public-key based authentication particularly suited to what we believe to be
the common case: users, acting on their own behalf (as opposed to as an
employee of an organization), performing actions on the web such as making a
purchase or maintaining an account at a service provider. We contrast the
usability/privacy/security properties of our design with other identity
management/authentication schemes deployed or being proposed today. Our design
is truly user-centric, in the sense that the user acts as his own CA, and as a
decision point for authorizing release of user information to web sites, rather
than having an Identity Provider be the center of trust. Keywords: PKI, authentication, single sign-on, web services | |||
| Public key superstructure "it's PKI Jim, but not as we know it!" | | BIBAK | Full-Text | 72-88 | |
| Stephen Wilson | |||
| While PKI has had its difficulties (like most new technologies) the unique
value of public key authentication in paperless transactions is now widely
acknowledged. The naïve early vision of a single all-purpose identity
system has given way to a more sophisticated landscape of multiple PKIs, used
not for managing identity per se, but rather more subtle memberships,
credentials and so on. It is well known that PKI's successes have mostly been
in closed schemes. Until now, this fact was often regarded as a compromise;
many held out hope that a bigger general purpose PKI would still eventuate. But
I argue that the dominance of closed PKI over open is better understood as
reflecting the reality of identity plurality, which independently is becoming
the norm through the Laws of Identity and related frameworks.
This paper introduces the term "Public Key Superstructure" to describe a new way to knit together existing mature PKI components to improve the utility and practicality of digital certificates. The "superstructure" draws on useful precedents in the security printing industry for manufacturing specialized security goods without complicated or un-natural liabilities, and inter-national accreditation arrangements for achieving cross-border recognition of certificates. The model rests on a crucial re-imagining of certificates as standing for relationships rather than identities. This elegant re-interpretation of otherwise standard elements could truly be a paradigm shift for PKI, for it grounds certificates in familiar, even mundane management processes. It will bring profound yet easily realized benefits for liability, cost, interoperability, scalability, accreditation, and governance. Keywords: PKI, authentication, digital certificates, public key infrastructure | |||
| Audit and backup procedures for hardware security modules | | BIBAK | Full-Text | 89-97 | |
| Túlio Cicero Salvaro de Souza; Jean Everson Martina; Ricardo Felipe Custódio | |||
| Hardware Security Modules (HSMs) are an useful tool to deploy public key
infrastructure (PKI) and its applications. This paper presents necessary
procedures and protocols to perform backup and audit in such devices when
deployed in PKIs. These protocols were evaluated in an implementation of a real
HSM, enabling it to perform secure backups and to provide an audit trail, two
important considerations for a safe PKI operation. It also introduces a
ceremony procedure to support the operation of such HSMs in a PKI environment. Keywords: PKI ceremony, embedded cryptographic hardware, hardware security module, key
life-cycle, key management, public key infrastructure | |||
| Securing the core with an Enterprise Key Management Infrastructure (EKMI) | | BIBAK | Full-Text | 98-111 | |
| Arshad Noor | |||
| The last twenty-five years has witnessed an emphasis on protecting the
network and computing host as a proxy for protecting data from unauthorized
access. While this was a reasonable strategy at the dawn of network-based
computing, given the state of the internet today with its security issues, this
strategy is proving to be hopeless.
This paper advances the notion that the time has finally come to begin what we should have done initially -- protect the core of our computing infrastructure: the data -- in addition to protecting the network and computing host. The paper describes an architecture -- and a specific implementation of that architecture -- to enable the encryption of data across the enterprise in a platform and application-independent manner. The architecture describes the use of a Public Key Infrastructure (PKI) and a Symmetric Key Management System (SKMS) within an Enterprise Key Management Infrastructure (EKMI), to securely -- and centrally -- manage the life-cycle of the symmetric encryption keys used for data encryption. Keywords: XML encryption (XENC), XML signature (DSIG), enterprise key management
infrastructure (EKMI), key-management (KM), public key infrastructure (PKI),
symmetric key client library (SKCL), symmetric key management system (SKMS),
symmetric key services (SKS), symmetric key services markup language (SKSML) | |||
| A federation of web services for Danish health care | | BIBAK | Full-Text | 112-121 | |
| Esben Dalsgaard; Kåre Kjelstrøm; Jan Riis | |||
| Having relevant, up-to-date information about a patient's health care
history is often crucial for providing the appropriate treatment. In Denmark,
IT systems have been built to support different work flows in the health
sector, but the systems are rarely connected and have become islands of data.
To remedy this situation, a service-oriented architecture based on web services for online exchange of health care data between the vast array of heterogeneous IT systems in the sector is being built. The architecture forms a federation of web services and enables secure and reliable authentication of end-users and systems in the Danish health sector. The architecture is based on national and international standards and specifications. Yet it defines its own profile for secure interchange of data due to a lack of available international profiles that could handle the special needs of the health sector at the time of project inception. The architecture has evolved through a pilot project from mid 2005 to the end of 2007, and is being tested in a small scale 1{sup:st} quarter 2008. This paper aims to convey experiences from the project, so rich in benefits that the architecture has been accepted and standardized as the foundation for the future of system integration in the health sector in Denmark. Keywords: SAML, SOA, SOAP, WS-trust, X509 certificates, digital signatures, electronic
patient records, federated identity management, health care, security token
service, single sign on, web services | |||
| Security and privacy system architecture for an e-hospital environment | | BIBAK | Full-Text | 122-130 | |
| Kathryn Garson; Carlisle Adams | |||
| Hospitals are now using electronic medical records and computer applications
in order to provide more efficient and thorough care for their patients. The
Mobile Emergency Triage system provides doctors with decision support for
emergency care by pulling information from a patient's health record and a
medical literature database. In order to achieve compliance with privacy
legislations PIPEDA and PHIPA, security and privacy measures must be put in
place. Encryption and access control are necessary for ensuring proper
authorization and confidentiality for patient records. Strong authentication
and audit logs are required to ensure access only by those allowed. We discuss
differences in security technologies and detail the ones used in our MET
system. A new encryption technology called policy-based encryption proves to be
quite useful within a health care environment for providing both encryption and
access control. We propose an extension to an existing scheme which allows for
the use of this cryptography in a hospital setting. Keywords: authentication, health care, policy-based encryption, privacy | |||