Pragmatic authentication
Hinke, Martin
Outline
• Introduction
• Basic principles
• Current approaches
• Our suggestions
Voting mechanism
• Government knows who can vote
• Voter trusts VS not to reveal his/her identity
• Voter & Government trust that VS is not cheating
Pragmatic Authentication
• Government knows its own citizens
• Citizen has and regularly uses X
• X is trustworthy for Government
Pragmatic Tool - Requirements
• Trustworthy
  o Government
  o Users
  o Security Specialists
• User friendly
• Cheap
• Safe
• Private (anonymous)
Pragmatic Tool (2)
• more widely used → easier to use
• more widely used → less trustworthy
• less complicated → easier to use
• less complicated → less secure
User uses
• All the time
  o own body
  o clothes
• Daily
  o mobile phone
  o bank card
  o e-mail
  o social networks
• Rarely
  o DigiD
  o OpenID
The Chasm of Death
• Some users may be lost during login
[Figure: VOTING SYSTEM and AUTHEN SYSTEM]
Own body / Clothes
• Body
  o very trustworthy
  o problematic installation
  o ethical problems
• Clothes
  o more people lose phone than clothes
  o short endurance
  o highly visible to other people
Mobile Phone / Banking Tools
• Mobile phone
  o widely used
  o high probability of loss
  o user has multiple phones
• Banking tools
  o widely used
  o trustworthy for both sides
  o user has multiple accounts
• Government always assigns the same ID
E-Mail / Social Networks
• Technology
  o Hybrid Onboarding - Details
  o Federated Login - Details
• Example
  o Sourceforge - Details
  o Plaxo: 20M users, 92% success rate
  o Facebook Connect: 60M users, 80k sites, 2/3 of US Top 100
OpenID / DigiD
• OpenID
  o in the past for "geeks"
  o now more widespread - AOL, BBC, Google, IBM, Microsoft, MySpace, Orange, PayPal, VeriSign, Yahoo!, etc.
  o Google, AOL, Yahoo!, MS - 73%
• DigiD
  o Digital Identity
  o 7M accounts
  o 3 authentication levels: basic, medium, high
  o Growing number of services
Our suggestion
• Same mechanism as OpenID
  o User (U) chooses partner (P)
  o U is redirected to P's site
  o U logs in and is redirected back
  o User is logged in
• Requirements
  o Same protocol
  o E.g.: OpenID
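
The redirect flow above as a simplified Python model (an added example, not from the original slides, and not the OpenID wire protocol). The partner name bank.example, the shared MAC key, the field names and the class and function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, parse_qsl

# Constructed sample data: one partner and a MAC key shared in advance
# between the voting system and that partner (an assumption of this sketch).
PARTNER_KEYS = {"bank.example": b"constructed-demo-key"}


def _mac(key, fields):
    # MAC over a canonical (sorted) encoding of the assertion fields.
    msg = urlencode(sorted(fields.items())).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class VotingSystem:
    """Relying party: redirects U to P and checks what comes back."""

    def __init__(self):
        self.pending = {}  # nonce -> partner chosen by the user

    def start_login(self, partner):
        if partner not in PARTNER_KEYS:
            raise ValueError("unknown partner")
        nonce = secrets.token_urlsafe(16)
        self.pending[nonce] = partner
        return "https://%s/login?%s" % (partner, urlencode({"nonce": nonce}))

    def finish_login(self, query):
        fields = dict(parse_qsl(query))
        sig = fields.pop("sig", "")
        # pop() makes the nonce single-use, so a replayed redirect fails.
        partner = self.pending.pop(fields.get("nonce", ""), None)
        if partner is None or fields.get("partner") != partner:
            return None
        expected = _mac(PARTNER_KEYS[partner], fields)
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return None
        return fields.get("user_id")


def partner_login(partner, nonce, user_id):
    """Partner P: after U logs in, build the redirect-back query string."""
    fields = {"partner": partner, "nonce": nonce, "user_id": user_id}
    return urlencode(dict(fields, sig=_mac(PARTNER_KEYS[partner], fields)))
```

The voting system accepts a login only when the response carries a nonce it issued, names the partner the user chose, and has a valid MAC; a replayed or altered redirect returns None.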
Underwear Authentication
• Underwear is very secure
  o More people lose their phone/wallet than underwear
  o Wallet/phone is more accessible to other people
• But not quite sophisticated → improvement is needed
• Process
  o User asks government for labels
  o User attaches label to underwear
  o Hybrid mechanism
• Same level of trustworthiness as PC
Cycling Voting
• Everybody uses a bike
• Bike can be improved with bar code / RFID chip
Questions?
Thank You!