identity & profile management - the right way - dr. stefan brands june 11, 2002 presented to:
TRANSCRIPT
Identity & Profile Management- The Right Way -
Dr. Stefan Brands
June 11, 2002
Presented to:
Credentica Inc.
Incorporated January 2002, based in Canada What we do: building an Identity & Profile
Management system that removes fundamental security, privacy, and usability barriers
Who we are: seasoned cryptographers, developers and security experts - lots of experience in designing secure systems
Market Trends
t
sen
siti
vit y
Private networks
Extranets
Web Services
Wireless internet
Ad-Hoc Networking
Digital ID spanning many administrative
domains
Steep acceleration of Digital Identity & Profile information bartering
Internet
“Bowling Alley”
Chasm
“Tornado
”
Main Street
Early Market
Trust & Collaboration
Suspicion & Competition
OWNER & USER SERVICEPROVIDER
ACCESSPROVIDER
ISSUER STATUSPROVIDER
AuthenticatedAccess
DATABASEMANAGER
AuthenticatedAccess
AuthenticatedCommunication
AuthenticatedCommunication
AuthenticatedCommunication Authenticated
Communication
Identity & Profile Management
“Nearly 70% of consumers cite privacy concerns as one reason that could make them stop using e-government services.”
— Gartner survey (May 2001)
“meeting data protection standards is a key component [of e-government]. In the area of on-line authentication and identification in particular there is still much work to be done. [...] enhancing privacy should be a Government objective."
— UK Information Commissioner Annual report (June 2001)
Problem: Privacy intrusions (systematic identification, no control over data usage, linkability, conflicts with privacy laws, etc.)
OWNER & USER SERVICEPROVIDER
ACCESSPROVIDER
ISSUER STATUSPROVIDER
AuthenticatedAccess
DATABASEMANAGER
AuthenticatedAccess
AuthenticatedCommunication
AuthenticatedCommunication
AuthenticatedCommunication Authenticated
Communication
Identity & Profile Management
“The lack of trustworthy security services is a major obstacle to the use of information technology in private, in business as well as in public services.”
— European Parliament, Directorate General for Research (March 2001)
“Identification and authentication are becoming more important with the move towards e-government and the rising incidence of identity fraud.”
— U.K. Cabinet Office, Performance and Innovation Unit, “Privacy and data-sharing: The way forward for public services” (April 2002)
Problem: Inadequate security (system abuse, identity theft, data propagation, etc.)
OWNER & USER SERVICEPROVIDER
ACCESSPROVIDER
ISSUER STATUSPROVIDER
AuthenticatedAccess
DATABASEMANAGER
AuthenticatedAccess
AuthenticatedCommunication
AuthenticatedCommunication
AuthenticatedCommunication Authenticated
Communication
Identity & Profile Management
“A single authentication server / service equals a single point of failure.”
— Information Security Magazine (September 1998)
54% of respondents were extremely concerned with the possibility of government employees misusing their personal information, and 64% were extremely concerned about the risk of hackers breaking into government computers.
— Hart-Teeter, “E-GOVERNMENT: To Connect, Protect, and Serve Us” (November 2001)
Problem: Heavy dependence on real-time connection to central servers
OWNER & USER SERVICEPROVIDER
ACCESSPROVIDER
ISSUER STATUSPROVIDER
AuthenticatedAccess
DATABASEMANAGER
AuthenticatedAccess
AuthenticatedCommunication
AuthenticatedCommunication
AuthenticatedCommunication Authenticated
Communication
Identity & Profile Management
GAO (US General Accounting Office) found that at the Department of Veterans Affairs, many employees were sharing passwords: "These types of weaknesses make the financial transaction data and personal information on veteran medical records and benefits stored on these systems vulnerable to misuse, improper disclosure and destruction", GAO said.
— Government Executive Magazine (September 1998)
“…a device like a card is likely to disappear if the carrying person does not feel that its presentation will be of benefit to him.”
— European Committee For Standardization, “Health Informatics” (1998)
Problem: Lending, copying, discarding of credentials (access rights, attributes, profile)
Privacy Dangers of traditional PKI
Lessons Learned
Real world solutions must address security, privacy, and usability for all parties
PKI & digital signatures not designed to offer multi-party security & privacy
Solution must be built into architecture Policies & legislation must surround a multi-
party secure architecture, not replace it
Credentica’s Identity & Profile Management Platform
Name: “Credential Management Platform” Multi-party secure (holistic solution) Any mix of local & central profile data Platform independence (PCs, mobile phones,
Bluetooth devices, 8-bit chipcards, etc.) Privacy slider: Identification & Pseudonymity &
Role-Based & Anonymity & Selective Disclosure Security “slider”: Trust-only & Passwords &
Kerberos & X.509 & Digital Credentials
Credential Management Platform
Public Profile Access
USER
Profile Disclosure
Profile Disclosure
Profile Disclosure
Profile Access
Profile Registration
SERVICEPROVIDER
SYSTEMACCESSPROVIDER
CREDENTIALISSUER
CREDENTIALDATABASEMANAGER
CREDENTIALSTATUSPROVIDER
Credential Status CheckCredential Deliverance
Registration Authorization
Credential Deliverance RemoteProfile- Raw Credentials- Authenticated Credentials- Validated & Authenticated Credentials
Clear/Encrypted
LocalProfile- Raw Credentials- Authenticated Credentials- Validated & Authenticated Credentials
Clear/Encrypted
Credential Deliverance
Digital Credentials
Inherit all the strengths of PKI & digital signatures, but avoid their weaknesses
Protocols described in open literature (350-page MIT Press book & 31 publications)
Scrutinized by world's top cryptographers (Shamir, Rivest, Schnorr, …)
Unanimous acclaim from security, legal, and privacy experts worldwide
Digital Credentials
Properties of Digital Credentials
Privacy:– Untraceable & unlinkable authentication– Selective disclosure of attributes– Private reissuing & updating of credentials
Security:– Information separation between instances– Limited-show credentials– Lending/discarding protection– Chip-card integration
Flexibility:– Online/offline clearing for regulated credentials– Selective records– Server-assisted protocols– Integration with X.509-based PKI– Multi-purpose credentials
Selective Disclosure
Fraud Detection
Additional Information
Contact Information: Credentica Inc.
3710 St-Laurent Blvd, Suite #1Montreal, QuébecCanada H2X 2V4
Tel/fax: (514) 985-4111 E-mail: [email protected]
Further Reading: http://www.credentica.com/technology/book.html http://www.ercim.org/publication/Ercim_News/enw49/brands.html http://www.credentica.com/technology/overview.pdf