Transcript ppt
Identity Management: A Technical Perspective
Richard Cissée
DAI-Labor, Technische Universität Berlin
[email protected]
www.DAI-Labor.de

Overview
Main building blocks of Identity Management Systems:
• AAA components
  • Authentication: Validating the identity of users
  • Authorization: Granting access rights to users for specific services
  • Accounting: Monitoring resource usage
• User Management components
  • Management of identities and personal information (Single Sign-On Mechanisms)
Richard Cissée 02.12.2003 2

Introduction: Multi-Agent System Technology
• Software agents are characterized by
  • Autonomy/ Proactiveness: An agent acts (on behalf of a user, as a part of a multi-agent system etc.) by trying to reach given goals
  • Ability to communicate with other agents, e.g. by offering and using services
  • Mobility: Agents may migrate between different host platforms, depending on their current tasks
  • Intelligence: An agent encapsulates knowledge, such as personal information
• Multi-Agent System Technology is especially suitable for distributed, heterogeneous, dynamic systems

AAA: Authentication
• Authentication methods as means to establish identity via
  • something the user is: biometrics
  • something the user knows: passwords/ PINs (*)
  • something the user has: hardware tokens (e.g. smart cards) / software tokens (digital certificates) (*)
  • or combinations thereof. In the last case, Authentication is possible without identification
• Some methods (*) are usable by agents, others by human users only

Authentication in Agent-Based IM Systems
• Each user is represented by a user agent
• Authentication as a two-step procedure:
  • Human user – user agent via conventional methods (optional)
  • User agent – target application/ service (mainly via certificates)
• Potential risks of malicious agents compromising the security of the system have to be addressed

AAA: Authorization
• Access Control Lists authorize users to access specific services
  • large number of relationships
  • updating information is error-prone (e.g. removing users)
• Role-Based Access Control mechanisms authorize user roles to access specific services
  • Each user identity is assigned one or several roles
  • Roles are granted privileges
  • Separation of duties: a user may not participate via more than one role in a transaction
  • Reduced number of relationships
  • Improved accuracy of Access Control information

Authorization in Agent-Based IM Systems
• Role-Based Access Control is suitable because of the underlying role concept in multi-agent systems
• User agents are assigned roles
  • by adding components/ knowledge to the agent, or
  • by updating the agent <-> role assignment information
• Agents may negotiate role assignments
• In the case of trusted agents, Authorization without management of assignment information is feasible

AAA: Accounting
• Mechanisms for monitoring the usage of specific resources, sub-services etc.
• Accounting information is required
  • to determine whether Authentication/ Authorization information has to be modified
  • to update additional user information (Personalization)
  • to support Session Management (especially in the context of mobile services)
• Further purposes (Billing, System configuration) are outside the main focus of Identity Management

Management of Identities and Personal Information
• Main goal: Interoperability of identity management information
  • Synchronization of distributed information
  • Benefit for users: Simplified sign-on to different services/ applications
• Emerging XML standards, e.g. Security Assertion Markup Language (SAML) for Authentication and Authorization
• Different approaches (centralized, federated, agent-based management of identity information)

Centralized Single Sign-On (1/2)
[Diagram: User 1, User 2, User 3; Authentication Server; Service A, Service B]

Centralized Single Sign-On (2/2)
• Central authentication server (Example: Passport)
• User signs on to the authentication server and, if successful, is automatically signed on to further participating services/ applications
• Problems:
  • Trust (user has to trust the authentication server)
  • Security (authentication server as single point of failure/ central point of attack)
  • Privacy (personal information that is collected in addition to authentication information)

Federated Simplified Sign-On (1/2)
[Diagram: User 1, User 2, User 3; Service A and Service B within a "Circle of Trust"]

Federated Simplified Sign-On (2/2)
• (Example: Liberty Alliance Specification)
• User signs on to different services/ applications and may opt in to federate the respective accounts
• With each sign-on the user is seamlessly signed on to further services/ applications within a group of participants ("Circle of Trust")
• Problems:
  • Trust
  • Privacy (personal information that is collected in addition to authentication information)

Agent-Based Single Sign-On (1/2)
[Diagram: User 1 / User Agent 1, User 2 / User Agent 2, User 3 / User Agent 3; Service A, Service B]

Agent-Based Single Sign-On (2/2)
• User logs in to a personal user agent
• User agent manages account information required for different services/ applications as well as additional personal information
• User agent resides on a platform controlled by the user (online/ on mobile device/ special hardware)
• No central authentication server or exchange of information between participating services/ applications required
• Increased privacy, security & trust

Conclusion
• Multi-Agent System Technology as a possible solution for different aspects of Identity Management Systems
• Open issues:
  • Integration of existing and agent-based approaches
  • Consequences of introducing agents as additional entities – with their own identities?
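As an added illustration (not part of the slides), the following Python sketch models the Role-Based Access Control scheme from the Authorization slides: users are assigned roles, roles are granted privileges, removing a user touches a single mapping rather than per-service ACL entries, and the separation-of-duties rule is enforced by binding a user to the first role used within a transaction. The purchase-order roles, users and transaction ids are constructed sample data.

```python
from collections import defaultdict


class Rbac:
    """Role-Based Access Control with a dynamic separation-of-duties rule:
    within one transaction a user may act through a single role only."""

    def __init__(self):
        self.role_privs = defaultdict(set)   # role -> privileges granted to it
        self.user_roles = defaultdict(set)   # user -> roles assigned to the user
        self.tx_role = {}                    # (tx_id, user) -> role bound in that transaction

    def grant(self, role, privilege):
        self.role_privs[role].add(privilege)

    def assign(self, user, role):
        self.user_roles[user].add(role)

    def remove_user(self, user):
        # One mapping to delete; no per-service access control lists need editing.
        self.user_roles.pop(user, None)

    def authorize(self, user, privilege, tx_id):
        """Return the role under which the action is permitted, or None if denied."""
        candidates = {r for r in self.user_roles.get(user, ())
                      if privilege in self.role_privs[r]}
        bound = self.tx_role.get((tx_id, user))
        if bound is not None:
            # Separation of duties: stay within the role already used in this transaction.
            return bound if bound in candidates else None
        if not candidates:
            return None
        role = sorted(candidates)[0]         # deterministic choice if several roles qualify
        self.tx_role[(tx_id, user)] = role   # bind the user to this role for the transaction
        return role


def purchase_scenario():
    """Constructed sample: alice holds both roles, bob only 'approver'."""
    rbac = Rbac()
    rbac.grant("requester", "submit_order")
    rbac.grant("approver", "approve_order")
    rbac.assign("alice", "requester")
    rbac.assign("alice", "approver")
    rbac.assign("bob", "approver")
    results = [
        rbac.authorize("alice", "submit_order", "tx1"),   # 'requester'
        rbac.authorize("alice", "approve_order", "tx1"),  # None: second role in the same transaction
        rbac.authorize("bob", "approve_order", "tx1"),    # 'approver'
        rbac.authorize("alice", "approve_order", "tx2"),  # 'approver': a new transaction
    ]
    rbac.remove_user("bob")
    results.append(rbac.authorize("bob", "approve_order", "tx3"))  # None after removal
    return results
```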