Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch"— Presentation transcript:

1 Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch vwelch@ncsa.uiuc.edu

2 1/30/072GSI Credential Management OGF 19 Federated Identity Session Topics Identity Federation and Federated Identities Motivations Privacy Incident Response

3 1/30/073GSI Credential Management OGF 19 Federated Identity Session Identity Federation and Federated Identities We are talking both about two types of federation Federating identity systems –Allowing users at A, B, C, etc. to access Sites X, Y, Z, etc. Federating individual identities across systems –Allowing a user to have an identity composed of attributes from L, M, N, VO, etc.

4 1/30/074GSI Credential Management OGF 19 Federated Identity Session Motivation for Identity Federation Identity Federation is a lot of work –Ask anyone here… Why are we doing it? Yes, it’s cool. Copper plumbing is cool too, but not many have it. At the end of the day, how will it pay the bills?

5 1/30/075GSI Credential Management OGF 19 Federated Identity Session Motivations User: Holy grail of security - convenience Resource provider: Outsourcing of user management (If we can work out incident response) Virtual Organization: Another win, enable them to participate in identity Identity Provider: Get to be really nice guys?

6 1/30/076GSI Credential Management OGF 19 Federated Identity Session Privacy Kim Cameron’s laws of Identity –Sounds good Some resource providers want to keep users pseudo-anonymous –And we can help there What about in other cases? Plenty of other privacy leaks for SPs looking to circumvent it Identity today on the Internet is really IP addresses

7 1/30/077GSI Credential Management OGF 19 Federated Identity Session Privacy? This is really least privilege –And we haven’t had much success getting users interested there Will users care enough to read a pop up? Really, I think anonymization services are needed –E.g. Web Anonymizers Trust Negotiation may have a role to play here

8 1/30/078GSI Credential Management OGF 19 Federated Identity Session Who is going to represent the user? ``Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute the environment. It is astonishing that these devices continue to be manufactured and deployed. But they are sufficiently pervasive that we must design our protocols around their limitations.)'’ –Network Security / PRIVATE Communication in a PUBLIC World by Charlie Kaufman, Radia Perlman, & Mike Speciner (Prentice Hall 2002)

9 1/30/079GSI Credential Management OGF 19 Federated Identity Session User Representation? Think we can agree users need help –Policies, attribute wallet, all that state Who will provide it? Current Identity Providers? –My University, ProtectNetwork, etc. My Bank? –Seems like they are going to have to be an IdP anyway, maybe they can make money at it? Local OS? –CardSpace/KeyChain/Higgins/etc. –Is there a difference between this and a network service any more? What is the agreement going to be between the user and this party?

10 1/30/0710GSI Credential Management OGF 19 Federated Identity Session Incident Response Everything is great until something goes wrong - Murphy’s 2nd Law When we start moving to valuable resources, it seems clear that incident response is going to be a big issue in all of this

11 1/30/0711GSI Credential Management OGF 19 Federated Identity Session Incident Response Theorem: Resource providers must have the ability to act locally, think globally It must be possible for a resource provider to cut off any user locally, without having to involve anyone else Then it must be must be possible for the process to proceed on the global stage

12 1/30/0712GSI Credential Management OGF 19 Federated Identity Session Incident Response What is the global process? –What are the separation of duties/SLA intersections? It seems resource provider is typically the wronged party and bears liability User may sometime bear some liability –E.g. my allocation got eaten! Different from physical world case of credit cards where user is the wronged party and credit provider bears ultimate liability

13 1/30/0713GSI Credential Management OGF 19 Federated Identity Session Incident Response Liability implies Resource Provider must drive Incident Response Comparison to current practice with ISP: wronged party must get court order to map Internet identity (IP address) to real world identity Our resource providers have SLA with IdPs, which helps But if this is going to work, IdPs must care about incidents

14 1/30/0714GSI Credential Management OGF 19 Federated Identity Session Incident Response Theorem: If this is going to work, IdPs must eat their own dog food - I.e. they must be as dependent on the Identity System as the resource providers Use of Identity System internally tells you more about its reliability that any policy statement Similar use to resource provider and you’re probably in good shape No policy will allow IdP to effectively run a system with external use unfamiliar to IdP

15 1/30/0715GSI Credential Management OGF 19 Federated Identity Session Thank you

Download ppt "Identity Federation: Some Challenges and Thoughts OGF 19 Jan 30, 2007 Von Welch"

Similar presentations

Building Secure Mashups D. K. Smetters PARC Usable.

Building Secure Mashups D. K. Smetters PARC Usable.
Identity Network Ideals – Heterogeneity & Co-existence

Identity Network Ideals – Heterogeneity & Co-existence
Use specific reasons and examples to support your opinion.

Use specific reasons and examples to support your opinion.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…

From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…
Economic Tussles in Federated Identity Management Tyler Moore joint work with Susan Landau WEIS 2011.

Economic Tussles in Federated Identity Management Tyler Moore joint work with Susan Landau WEIS 2011.
Cloud Computing COMP 1631, Winter 2011 Yanggang Chen.

Cloud Computing COMP 1631, Winter 2011 Yanggang Chen.
Polling Stations There are four questions posted in the classroom Indicate a “yes” response by placing a tally mark on the white board The results of the.

Polling Stations There are four questions posted in the classroom Indicate a “yes” response by placing a tally mark on the white board The results of the.
Friendships & Relationships

Friendships & Relationships
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.

CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Forming a team. Which Competition? Environment YES is for researchers working in natural environmental sciences the science needed to provide solutions.

Forming a team. Which Competition? Environment YES is for researchers working in natural environmental sciences the science needed to provide solutions.
Copyright JNT Association 2009NorduNET, 18 th September 20091 Protecting Privacy in Global Networks Andrew Cormack Chief Regulatory Adviser, JANET(UK)

Copyright JNT Association 2009NorduNET, 18 th September Protecting Privacy in Global Networks Andrew Cormack Chief Regulatory Adviser, JANET(UK)
Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.

Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.
Future Research Directions Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.

Future Research Directions Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.
Security Colin Armstrong School of Information Systems Curtin University

Security Colin Armstrong School of Information Systems Curtin University
Safer Web Browsing Terry Labach Information Security Services IST.

Safer Web Browsing Terry Labach Information Security Services IST.
Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.

Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.

Similar presentations

Ads by Google