Embed Size (px)
Citation preview
IdentityManagement
Marco Casassa MontTrusted E-Services Lab
Hewlett-Packard LaboratoriesBristol, UKJune 2002
Enterprise 1
Enterprise 2
E-Commerce 1 E-Commerce 2Home
Government Services
ServiceTax
HomeOffice Driving
Licence
Health
B2B
P2P
B2G
C2G
B2C
Contexts
Enterprise 1
Enterprise 2
E-Commerce 1 E-Commerce 2Home
Telecom
ISP 1
ISPs
Identity Providers
Service
Government Services
Tax
HomeOffice Driving
Licence
Health
TTPs
Identity Management
Views of Identity
Foo.com view
of me
“Me me”
“The Aggregated me”
Enterprise view of m
e
Government view
CreditRating
Identity Aspects
• Authenticity• Dynamism• Longevity• Trustworthiness• Accountability• Privacy• Simplicity
Identity Management Issues
• Ownership & Control
• Identity Thefts & Frauds
• Protection (Mobile Appliances)
Identity ManagementActivities
Liberty Alliance Project
“Liberty Alliance Project is an alliance formed to deliver and support a federated network identity solution
for the Internet that enables single sign-on for consumers as well as
business users in an open, federated way …”
http://www.projectliberty.org/
Liberty Alliance Project
User
Browser
E-Commerce Sites
Identity Providers
SSO
SSOModules
Authentication
SSOModules
SSOModules
Internet
Exchange ofIdentity and Profile Information
Trusted Third Parties, Trust Services, ...
Research
• Accountable Management of Identities
• Personal Identity Assistant
• Virtual Private Identity Networks
Logging & Audit
Notification/Authorization
TracingModule
UserIdentity Provider/Enterprise
Identity Providers/Enterprises
Negotiation ofPrivacy Policy
Provision ofIdentity & Profile
Data
Plug-inIdentity/Profile
Disclosure
Notifications/Requests of Authorization
Transaction / Interaction
1
3
2
Tracing, Fraud Detection, Forensic Analysis
Accountable Management of Identities
Policies
Personal Identity AssistantHome Work Pub
Virtual Private Identity Networks
MallSchoolWork Environment…
Dynamic Groupsof Interest
• Personal Identity Assistant• Discover/Hide from other People• Selective Disclosure of Identity Information• Secure PDA• Tracing and Auditing Mechanisms
