Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rhys Smith, Jisc Privacy and AIM: a tale of too much success?

Published byElla Stokes Modified over 8 years ago

Similar presentations

Presentation on theme: "Rhys Smith, Jisc Privacy and AIM: a tale of too much success?"— Presentation transcript:

1 Rhys Smith, Jisc Privacy and AIM: a tale of too much success?

2 2

3 Jisc Jisc is a not-for-profit company that works on behalf of the UK’s R&E community Jisc’s service portfolio includes the high speed network, and other services that build on it This includes a portfolio of Trust & Identity services, and related service development activity Jisc has approximately 18 million eligible users, from UK schools, HE, FE and ACL programmes 3Privacy and AIM: a tale of too much success?

4 Today’s story 1.What we want and why 2.Where are we now? 3.Where we’re going 4.What are we trying to do, anyway? Privacy and AIM: a tale of too much success?4

5 Act I Privacy and AIM: a tale of too much success?5 What we want and why

6 Context & Motivation Hypothesis: » Individual privacy is under attack But? » Do people care? Well » I care! » Every little helps » Higher assurance data is worth $$$ » R&E specifically – anonymous browsing may have real business benefits 6Privacy and AIM: a tale of too much success?

7 Privacy? Today I’m talking about: » Anonymous/pseudonymous access to resources » Only releasing PII with appropriate policy and/or consent. Some good general, relevant, privacy principles are... 7 Privacy is an overloaded term Privacy and AIM: a tale of too much success?

8 Privacy by Design Privacy is usually very hard to retrofit properly Take privacy into account during the whole design & engineering process 8Privacy and AIM: a tale of too much success?

9 Data Protection != Privacy Protection EU privacy laws are somewhat (!) over effective » Good, obviously, but hinders usefulness UK seems to be slowly moving towards more of a risk based approach rather than black/white » c.f. UK ICO guidance 9Privacy and AIM: a tale of too much success?

10 Privacy vs Utility Constant battle (especially in EU) » Protect individual & organisational privacy » Whilst also retaining usefulness of federated identity (rich attribute ecosystem) » Boils down to Trust vs Privacy Striking a balance is hard! » Different answer for every context 10Privacy and AIM: a tale of too much success?

11 Act II Privacy and AIM: a tale of too much success?11 Where are we now

12 State of the Union Let’s have a look at how design choice can influence privacy in SAML federations 12Privacy and AIM: a tale of too much success?

13 State of the Union – SAML federations Web SSO » E-journals » Web systems » Learning platforms » Etc Many R&E federations Gov federations Commercial uses And beyond… 13Privacy and AIM: a tale of too much success?

14 Mesh Federation 14 IdPs RPs Privacy and AIM: a tale of too much success?

15 Hub & Spoke 15 IdPs RPs Privacy and AIM: a tale of too much success?

16 Privacy and Utility in a Mesh World 16Privacy and AIM: a tale of too much success? User » Can remain anonymous to the service IdP » Tailor attribute release per RP » Traceability » See which RPs the user users RP » Anonymous Personalisation » Sees which IdP the user came from

17 Privacy in a Mesh World » Anonymity (or pseudonymity) is easy › Opaque identifiers targeted per RP » Non PII attributes released » PII attributes destroy anonymity, so only released with specific purposes and trust base 17Privacy and AIM: a tale of too much success?

18 Privacy in a Hub & Spoke world 18Privacy and AIM: a tale of too much success? User » Can remain anonymous to the service Hub » Traceability » Tailor release policy to RP » Sees everything RP » Anonymous Personalisation » Doesn’t know user or IdP IdP » Doesn’t know which services the user uses

19 Privacy in a Hub & Spoke world 19Privacy and AIM: a tale of too much success? » Double Blind › Better privacy guarantees than Mesh… assuming you trust the hub! » Triple Blind › New cryptographic techniques meaning no single entity has full picture

20 Act III Privacy and AIM: a tale of too much success?20 Where we’re going

21 Improving the current - SAML » If privacy protection is the goal, then we’ve largely achieved it! » Problem is – a bit too well, in many contexts › Utility has suffered which may affect take up of services » So looking to shift the balance slightly 21Privacy and AIM: a tale of too much success?

22 (EU) DP CoC An attempt to help increase utility » help the lack of attributes problem Services sign up to a promise to respect data privacy » Makes use of EU DP “code of conduct” allowances 22Privacy and AIM: a tale of too much success?

23 Entity Categories Mark particular entities with annotations » Shows entity is a member of a particular category » Can be used to help attribute release, influence UI, etc Research & Scholarship category » Attempt to help attribute release for the R&S world › “Service Providers that support research and scholarship interaction, collaboration or management as an essential component” 23Privacy and AIM: a tale of too much success?

24 Next Gen - Moonshot Moonshot » Federated Access for anything » EAP/RadSec & SAML & GSS-API & Trust Router UK pilot » April 2013 -> Dec 2014 » Focus on research community requirements (SSH, etc) GÉANT pilot » March 2013 -> March 2015 » Focus on interfederation from the start with Trust Router 24Privacy and AIM: a tale of too much success?

25 Privacy in the Moonshot world Just like everything else – depends on deployment model Assuming common deployment model will be mesh » Similar privacy properties » But a few minor tweaks to enhance utility 25Privacy and AIM: a tale of too much success?

26 Trust Router How do entities find each other? » No metadata like SAML » No heirarchy like eduroam Trust Router » Allows Moonshot entities to securely locate each other and communicate. » Multi-layered trust network 26Privacy and AIM: a tale of too much success?

27 Trust Router - Communities 27 Authentication Policy Community / (Community of Registration) Authentication Policy Community / (Community of Registration) Community A Community B Community C Organisation validation to APC’s defined standards Policy coming from community requirements. Could include: Registration LoA AuthN LoA Operational Practices User behaviour Attribute release (RADIUS & SAML) Etc. Privacy and AIM: a tale of too much success?

28 Whole Trust Network 28Privacy and AIM: a tale of too much success?

29 Community A 29Privacy and AIM: a tale of too much success?

30 Community B 30Privacy and AIM: a tale of too much success?

31 Community C 31Privacy and AIM: a tale of too much success?

32 Act IV Privacy and AIM: a tale of too much success?32 What are we trying to do anyway?

33 What do our customers want? …want the moon on a stick » Ease of use for the users » Federated authentication so they don’t have to manage passwords » High assurance identities (in some cases) » A rich attribute ecosystem (for interesting AAI decision making) 33Privacy and AIM: a tale of too much success? Services

34 What do our customers want? …the needs are quite different: » To enable their users to make better use of tools available: › Ease of use for the users (that’s the same) - federated authentication to enable › Ease of discovery of services » Requirements for identity assertion that fits with their current IDM capabilities › Identity assurance is probably high in many cases, but tidying up IDM and asserting per user what level that is will be *expensive* » An attribute ecosystem that is low risk and high benefit, but easy to manage 34Privacy and AIM: a tale of too much success? Home Organisations (i.e. IdPs)

35 What do our customers want? Last in these slides, but should be first in our minds » Just want to get their job done › As quickly and easily as possible › Any kind of AAI that gets in their way or slows them down is a negative 35Privacy and AIM: a tale of too much success? Users

36 So, have we gone too far? Privacy and AIM: a tale of too much success?36 Yes we have! » We’re stifling our users. Something is wrong But, also, no we haven’t: » Privacy and anonymity is important Umm… So what do we do? » Remember to be more pragmatic. » Help our community to think about risk/benefit approaches instead of black/white. » Provide support and guidance

Download ppt "Rhys Smith, Jisc Privacy and AIM: a tale of too much success?"

Similar presentations

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.
Federation management A mess? 9.4.2008 Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.
Trust Router. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.

Trust Router. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.
Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) 21.6.2012 FIM for research collaboration workshop Mikael Linden,

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,
Trust Router Workshop 15 th October 2014. Introduction to the Day Moonshot Workshop.

Trust Router Workshop 15 th October Introduction to the Day Moonshot Workshop.
 Drug Prevention and Education Programs.  There is a growing trend in both prevention and mental health services towards Evidenced Based Practices (EBP).

 Drug Prevention and Education Programs.  There is a growing trend in both prevention and mental health services towards Evidenced Based Practices (EBP).
Moonshot Workshop 14 th October 2014. Introduction to the Day Moonshot Workshop.

Moonshot Workshop 14 th October Introduction to the Day Moonshot Workshop.
Copyright JNT Association 20051Optional www.ukfederation.org.uk Copyright JNT Association 2007 1 Joining the UK Access Management Federation 4th April.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
A case for Shibboleth and grid security: are we paranoid about identity? UK e-Science All Hands Meeting, 2006 Mark Norman 19 Sept 2006.

A case for Shibboleth and grid security: are we paranoid about identity? UK e-Science All Hands Meeting, 2006 Mark Norman 19 Sept 2006.
Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch

Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.

Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.
Geneva, Switzerland, 15-16 September 2014 Introduction of ISO/IEC 29003 Identity Proofing Patrick Curry Director, British Business Federation Authority.

Geneva, Switzerland, September 2014 Introduction of ISO/IEC Identity Proofing Patrick Curry Director, British Business Federation Authority.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
AAI with simpleSAMLphp

AAI with simpleSAMLphp
National Science Foundation Chief Information Officer CIO Fall Update for the Advisory Committee for Business and Operations: Identity Management 2.0 George.

National Science Foundation Chief Information Officer CIO Fall Update for the Advisory Committee for Business and Operations: Identity Management 2.0 George.
EuroPKI 2008 Manuel Sánchez Óscar Cánovas Gabriel López Antonio F. Gómez Skarmeta University of Murcia Levels of Assurance and Reauthentication in Federated.

EuroPKI 2008 Manuel Sánchez Óscar Cánovas Gabriel López Antonio F. Gómez Skarmeta University of Murcia Levels of Assurance and Reauthentication in Federated.

Similar presentations

Ads by Google