Presentation is loading. Please wait.

Presentation is loading. Please wait.

User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology.

Published byAnton Bludworth Modified over 9 years ago

Similar presentations

Presentation on theme: "User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology."— Presentation transcript:

1 User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology Atlanta, GA, USA ESORICS 2009, Saint Malo, France, 2009

2 2 Increasing Risk of Identity Theft Variety of online identity credentials –Passwords, certificates, SSN, credit card number, etc. –Loss and theft are possible Consequence of online identity theft –Impersonation –Breach of sensitive information –Financial loss –and more …

3 3 User-centric Identity Management Recent trend in identity management systems Advantage –User can choose appropriate credentials flexibly Disadvantage –Users are expected to be more responsible for their online identity usage Users need to have more robust control over and awareness of identity credential usage.

4 4 Outline Limitations in existing implementations Our approach Prototype implementation in GUIDE-ME Evaluation Conclusion / Future Work

5 5 GUIDE-ME Georgia tech User-centric IDEntity Management Environment Local and remote Identity Agents (IdAs) User / Local IdA Remote IdA Relying Party [1] Negotiation [3] Authorization Token [4] Identity Credential [2] Authorization Token + Ownership Proof

6 6 Limitation of Current Systems Loss, theft, or compromise of user devices / authentication credentials is possible. No effective mechanism to support user ’ s awareness of credential usage. Revocation of compromised devices takes time.

7 7 Assumptions Relying parties (RPs) require a requesting agent to demonstrate the knowledge of user ’ s private key for ownership verification. –Ownership proof and identity credential work together to prove identity. (Joint Authority) –Proof Key in CardSpace, U-Prove, GUIDE-ME, … RPs follow specified protocol. –Robust verification minimizes their future risks.

8 8 Online monitoring agent –Enhance user ’ s awareness –Accessible to users Threshold Signatures –Eliminate single point of attack/failure –Achieve immediate revocation of compromised identity agents –Enable users to control the monitoring feature Our Approach … Private KeyKey Shares

9 9 Monitoring Agent Storage Token - Run on TTP chosen by a user - Log identity credential usage - Send usage report periodically - (Detect & block suspicious usage) High-level Idea in Simplified Setting Local IdA stores user ’ s identity credential. Storage token and online monitoring agent are newly added. 2-3 threshold signature scheme is employed. User Local IdA

10 10 Scenario with Storage Token User / Local IdA Monitoring Agent Relying Party Negotiation

11 11 Scenario without Storage Token User / Local IdA Monitoring Agent Relying Party Negotiation Report usage log periodically

12 12 Prototype Implementation User + Local IdA (Java app) Remote IdA (Java Web Server) Relying Party (Java Web server) [1] Negotiation (Text file) [3] Authorization Token [4] Identity Credential [2] Authorization Token + Monitoring Agent (Java Servlet) Storage Token (USB Drive) Email (SMS)

13 13 Response Time ArchitectureResponse TimeOverhead Original1.253- W/O Token2.0470.794 W/ Token1.7990.547 Table1: Comparison of Response Time [seconds] Remote IdA, RP, and monitoring agent –Run on separate machines in our campus NW Local IdA (User Device) –Connected via a cable TV Internet service Shorter than “ 4-second threshold ” by Akamai

14 14 User-Centricity Properties of user-centricity presented by Bhargav-Spantzel et al. Revocability –By updating key shares, compromised agents are disabled immediately. Audit / Notification –Online monitoring agent under user’s control can log and report identity credential usage. Usability –Monitoring agent mitigates the impact on usability.

15 15 Summary of Security Analysis None of local IdA, remote IdA, monitoring agent, and storage token is a single point of attack. Monitoring agent is still effective even when both local and remote IdAs are compromised. Eavesdropping of messages to monitoring agent does not leak sensitive information. Storage Token does not require fancy security features.

16 16 Security, Privacy and Usability Trade-offs Security Never (rarely) use Storage Token Proactive Update Use Storage Token whenever necessary Privacy Usability Do not carry or care about Storage Token

17 17 Recovery and Availability Recovery can be done by creating a new instance by re-generating key shares –No CA or IdP needs to be involved Missing storage token –Monitoring agent works in place of it Disabled Monitoring agent –Users can use services by using storage token Disabled local IdA –Key shares available from a remote IdA, monitoring agent, storage token are enough.

18 18 Conclusion Proposed a mechanism to enhance user ’ s control and awareness in user-centric identity management systems –User-centric identity-usage monitoring –Fast revocation of compromised identity agents –Flexible use of hardware storage token to balance usability, security, and privacy Presented an actual proof of concept –Response time measurements –Security and user-centricity analysis

19 19 Future Work Enhancement of monitoring agent ’ s functionality –Real-time anomaly detection mechanism Integration into other architecture –Windows CardSpace etc. User studies to evaluate usability

20 20 Thank you very much. Questions? ご拝聴ありがとうございました。 mashima@cc.gatech.edu http://www.cc.gatech.edu/~mashima Merci.

Download ppt "User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology."

Similar presentations

Datamax/MCL Off-Line License Activation Method

Datamax/MCL Off-Line License Activation Method
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Institute for Cyber Security

Institute for Cyber Security
1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
MyProxy Jim Basney Senior Research Scientist NCSA

MyProxy Jim Basney Senior Research Scientist NCSA
Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
17 Copyright © 2005, Oracle. All rights reserved. Deploying Applications by Using Java Web Start.

17 Copyright © 2005, Oracle. All rights reserved. Deploying Applications by Using Java Web Start.
0 - 0.

0 - 0.
Addition Facts 1 - 20.

Addition Facts
Computer Security CIS326 Dr Rachel Shipsey.

Computer Security CIS326 Dr Rachel Shipsey.
Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Banking Services AVAILABLE FOR A SMALL BUSINESS. BANKING SERVICES 2 Welcome 1. Agenda 2. Ground Rules 3. Introductions.

Banking Services AVAILABLE FOR A SMALL BUSINESS. BANKING SERVICES 2 Welcome 1. Agenda 2. Ground Rules 3. Introductions.
Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).

Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Discovering Computers Fundamentals, 2012 Edition

Discovering Computers Fundamentals, 2012 Edition
Application Server Based on SoftSwitch

Application Server Based on SoftSwitch
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.

Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.

Similar presentations

Ads by Google