Identity Management:
A Technical Perspective
Richard Cissée
DAI-Labor; Technische Universität Berlin
[email protected]
www.DAI-Labor.de
Overview
Main building blocks of Identity Management Systems:
• AAA components
  • Authentication: Validating the identity of users
  • Authorization: Granting access rights to users for specific services
  • Accounting: Monitoring resource usage
• User Management components
  • Management of identities and personal information (Single Sign-On Mechanisms)
Richard Cissée 02.12.2003
2
Introduction: Multi-Agent System Technology
• Software agents are characterized by
  • Autonomy/ Proactiveness: An agent acts (on behalf of a user, as a part of a multi-agent system etc.) by trying to reach given goals
  • Ability to communicate with other agents, e.g. by offering and using services
  • Mobility: Agents may migrate between different host platforms, depending on their current tasks
  • Intelligence: An agent encapsulates knowledge, such as personal information
• Multi-Agent System Technology especially suitable for distributed, heterogeneous, dynamic systems
AAA: Authentication
• Authentication methods as means to establish identity via
  • something the user is: biometrics
  • something the user knows: passwords/ PINs (*)
  • something the user has: hardware tokens (e.g. smart cards) / software tokens (digital certificates) (*)
  or combinations thereof. In the last case, Authentication is possible without identification
• Some methods (*) are usable by agents, others by human users only
Authentication in Agent-Based IM Systems
• Each user is represented by a user agent
• Authentication as a two-step procedure:
  • Human user – user agent via conventional methods (optional)
  • User agent – target application/ service (mainly via certificates)
• Potential risks of malicious agents compromising the security of the system have to be addressed
AAA: Authorization
• Access Control Lists authorize users to access specific services
  • large number of relationships
  • updating information is error-prone (e.g. removing users)
• Role-Based Access Control mechanisms authorize user roles to access specific services
  • Each user identity is assigned one or several roles
  • Roles are granted privileges
  • Separation of duties: User may not participate via more than one role in a transaction
  • Reduced number of relationships
  • Improved accuracy of Access Control information
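The role-based model on this slide, including the separation-of-duties rule, as an added Python example (not code from the slides; the roles, users and privileges in it are constructed):

```python
from dataclasses import dataclass, field

# Added example (not from the slides); roles, users and privileges are constructed.

@dataclass
class RBAC:
    role_privs: dict = field(default_factory=dict)  # role -> set of privileges
    user_roles: dict = field(default_factory=dict)  # user -> set of roles

    def grant(self, role, *privs):
        self.role_privs.setdefault(role, set()).update(privs)

    def assign(self, user, *roles):
        unknown = set(roles) - self.role_privs.keys()
        if unknown:
            raise KeyError(f"unknown roles: {sorted(unknown)}")
        self.user_roles.setdefault(user, set()).update(roles)

    def revoke_user(self, user):
        # One deletion; with per-service ACLs every list naming the user needs editing.
        self.user_roles.pop(user, None)

    def roles_for(self, user, priv):
        """Roles held by `user` that carry `priv` (empty set means: not authorized)."""
        return {r for r in self.user_roles.get(user, ()) if priv in self.role_privs[r]}

    def authorize_in_transaction(self, user, priv, txn):
        """Separation of duties: txn[user] holds the roles under which all of the
        user's earlier actions in this transaction could have been taken; the
        request is granted only if some single role also covers this action."""
        candidates = self.roles_for(user, priv)
        consistent = candidates & txn.get(user, candidates)
        if not consistent:
            return False
        txn[user] = consistent
        return True

def demo():
    """Constructed payment workflow: alice holds both roles, bob only one."""
    rbac = RBAC()
    rbac.grant("requester", "submit")
    rbac.grant("approver", "approve")
    rbac.assign("alice", "requester", "approver")
    rbac.assign("bob", "approver")
    txn = {}
    return (rbac.authorize_in_transaction("alice", "submit", txn),
            rbac.authorize_in_transaction("alice", "approve", txn),  # denied: second role
            rbac.authorize_in_transaction("bob", "approve", txn))
```

Outside a transaction alice may approve; inside one she has already joined as requester, so the approval must come from a different identity.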
Authorization in Agent-Based IM Systems
• Role-Based Access Control suitable because of underlying role concept in multi-agent systems
• User Agents are assigned roles
  • by adding components/ knowledge to the agent, or
  • by updating the agent <-> role assignment information
• Agents may negotiate role assignments
• In the case of trusted agents, Authorization without management of assignment information is feasible
AAA: Accounting
• Mechanisms for monitoring the usage of specific resources, sub-services etc.
• Accounting information required
  • to determine whether Authentication/ Authorization information has to be modified
  • to update additional user information (Personalization)
  • to support Session Management (especially in the context of mobile services)
• Further purposes (Billing, System configuration) outside the main focus of Identity Management
Management of Identities and Personal Information
• Main goal: Interoperability of identity management information
  • Synchronization of distributed information
  • Benefit for users: Simplified sign-on to different services/ applications
  • Emerging XML standards, e.g. Security Assertion Markup Language (SAML) for Authentication and Authorization
  • Different approaches (centralized, federated, agent-based management of identity information)
Centralized Single Sign-On (1/2)
[Diagram, recovered labels only: User 1, User 2, User 3; Authentication Server; Service A; Service B]
Centralized Single Sign-On (2/2)
• Central authentication server (Example: Passport)
• User signs on to authentication server and, if successful, is automatically signed on to further participating services/ applications
• Problems:
  • Trust (user has to trust authentication server)
  • Security (authentication server as single point of failure/ central point of attack)
  • Privacy (personal information that is collected in addition to authentication information)
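The centralized flow on this slide as an added Python example (not code from the slides or from any real product): the server checks the password once and issues a signed assertion per service; each service verifies the assertion with a key it shares with the server. User names, passwords, service names and keys are constructed. Because every service's key sits on the server, its compromise signs the user on everywhere, which is the single point of attack the slide names.

```python
import base64, hashlib, hmac, json, time

# Added example (not from the slides): toy centralized single sign-on.
# Users, passwords, service names and keys are constructed for illustration.

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def password_hash(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()  # demo only; use a real KDF

class AuthServer:
    """Central server: verifies the password once, issues one assertion per service."""
    def __init__(self, password_hashes: dict, service_keys: dict):
        self.password_hashes = password_hashes  # user -> password_hash(...)
        self.service_keys = service_keys        # service -> HMAC key shared with it

    def sign_on(self, user, password, service, now=None, ttl=300):
        if not hmac.compare_digest(self.password_hashes.get(user, ""), password_hash(password)):
            return None
        now = int(time.time()) if now is None else now
        body = json.dumps({"sub": user, "aud": service, "iat": now, "exp": now + ttl},
                          sort_keys=True).encode()
        mac = hmac.new(self.service_keys[service], body, hashlib.sha256).digest()
        return _b64(body) + "." + _b64(mac)

class Service:
    """Participating service: never sees the password, trusts the server's assertion."""
    def __init__(self, name, key):
        self.name, self.key = name, key

    def accept(self, assertion, now=None):
        """Returns the signed-on user, or None if the assertion is not valid here."""
        try:
            body_b64, mac_b64 = assertion.split(".")
            body, mac = _unb64(body_b64), _unb64(mac_b64)
        except (ValueError, TypeError):
            return None
        if not hmac.compare_digest(hmac.new(self.key, body, hashlib.sha256).digest(), mac):
            return None  # forged, tampered, or signed with another service's key
        claims = json.loads(body)
        now = int(time.time()) if now is None else now
        if claims.get("aud") != self.name or claims.get("exp", 0) <= now:
            return None  # wrong audience or expired
        return claims["sub"]
```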
Federated Simplified Sign-On (1/2)
[Diagram, recovered labels only: User 1, User 2, User 3; Service A and Service B inside a "Circle of Trust"]
Federated Simplified Sign-On (2/2)
• (Example: Liberty Alliance Specification)
• User signs on to different services/ applications and may opt in to federate the respective accounts.
• With each sign-on the user is seamlessly signed on to further services/ applications within a group of participants ("Circle of Trust")
• Problems:
  • Trust
  • Privacy (personal information that is collected in addition to authentication information)
Agent-Based Single Sign-On (1/2)
[Diagram, recovered labels only: User 1 with User Agent 1, User 2 with User Agent 2, User 3 with User Agent 3; Service A; Service B]
Agent-Based Single Sign-On (2/2)
• User logs in to personal user agent
• User agent manages account information required for different services/ applications as well as additional personal information
• User agent resides on platform controlled by the user (online/ on mobile device/ special hardware)
• No central authentication server or exchange of information between participating services/ applications required
• Increased privacy, security & trust
Conclusion
• Multi-Agent System Technology as a possible solution for different aspects of Identity Management Systems
• Open issues:
  • Integration of existing and agent-based approaches
  • Consequences of introducing agents as additional entities – with own identities?