10.20.2007, Josef Noll NISnet NISnet meeting 10.10.2007 Mobile Applied Trusted Computing Josef Noll, [email protected]

NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Page 2: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Security and authentication: Leading questions

What do I fear?
– That somebody steals my identity and I can't do anything about it.
– That biometrics takes it all – and privacy disappears

What can I use to make life more comfortable?
– Reduce number of “secure devices” I have to carry (BankID, Telenor access card, keys, money, credit card, …)
– Have a device which is secure (enough).

Why is my phone the security infrastructure?
– Because I can ask my operator to block it, if it gets stolen.
– Because it is not an insecure Microsoft device.

Page 3: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Summary: Identity in the virtual world

Real world: see and/or talk
– Voice
– Face

Virtual world: email, web
– Username, passwd
– SIM, PKI
– Security, privacy

Service world (between providers)
– Identity management
– Service level agreement (SLA)
– Trust relation

Page 4: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Introduction: Identity

Identity is attributes of your persona
– Social, Corporate and Private IDs

Internet was built without an identity layer
– Identity 2.0 stems from Web 2.0
– People, information and software
– More user-oriented (wikis, comments, tags)
– More seamless web services (AJAX)

Service related security
– Provide just the information which is necessary

Mobile challenges

Page 5: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Summary: Identity 2.0 – The goal

User centric
– More like real life IDs (passport, license)
– Multiple IDs (PID, SID, CID)
– Certificates and preferences
– Choose attributes
  ~more privacy

ID providers
– Multiple providers
– Own certificates

Mobile, and de-centralized

[Figure labels: Identity; Personal (PID); Corporate (CID); Social (SID)]

Page 6: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Challenge: Role based service access

Next Generation Applications:
– Customized services
– Remote services
– Proximity services
– High flexibility
– Telecom-IT integration

Challenges
– Privacy
– Trust
– Application security

[Figure: Role based service access. Labels: My identities; Josef; Corporate - CID; VPN admittance; Social - SID; sports origin; Private - PID (Mastercard, Visa, Soc. sec. number); Identity provider; Certificate; Application providers (App x, App y, App z); Telecom; Bank; Public Authority]

Page 7: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

New role: Identity provider

[Figure labels: Certificate; Josefine; Remote services; Proximity services]

Who provides?
– ID provider

Where to store?
– Network
– Phone

How to store/backup?
– long term, short term

Page 8: NISnet meeting 10.10.2007 Mobile Applied Trusted Computing

Summary: Security Challenges

Mobile based access and payment
– Next generation SIM cards
– Virtualization of SIM credentials
– Contactless access through NFC
– (out-of-band) key distribution in heterogeneous networks

User privacy enhancing technologies
– service specific authentication methods
– role-based access mechanisms

Semantic Web and Web Services
– Policies and rules support in ontologies
– Trust distribution in distributed ontologies
– Privacy protection in social networks