1 / 11

Human identity - a security perspective

Human identity - a security perspective. Thomas Kriegelstein. Security - Goals. Secrecy No disclosure of the document Integrity Discovery of changes to the document Accountability Knowledge/Proof of the document‘s origin require cryptographic mechanisms to achieve them. Availability

reed-sullivan
Download Presentation

Human identity - a security perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Human identity - a security perspective Thomas Kriegelstein

  2. Security - Goals • Secrecy • No disclosure of the document • Integrity • Discovery of changes to the document • Accountability • Knowledge/Proof of the document‘s origin • require cryptographic mechanisms to achieve them. • Availability • requires organisational mechanisms to achieve it. TU Dresden

  3. Security – Mechanisms • Encryption/Decryption • Integrity protection/testing • Signature generation/verification • They require a secret. • The secret lies in keys not algorithms. • They require cryptographic keys . TU Dresden

  4. Implications of Anonymity Anonymity is the state of being not identifiable within a set of subjects, the anonymity set. • All elements are different. • All use different cryptographic keys. • Use of keys for accountability impossible. TU Dresden

  5. Implications of Pseudonymity Pseudonymity is the use of pseudonyms as IDs. • User accounts, e-mail addresses are considered pseudonyms. • Ongoing usage of pseudonyms provides/increases linkability. • Pseudonyms within computer security utilize authentication to prevent usage by strangers. TU Dresden

  6. Usage of Pseudonyms I • Type of the pseudonym is determined by pseudonym‘s reuse: role pseudonym role relationship pseudonym transaction pseudonym personal pseudonym relationship pseudonym linkability anonymity TU Dresden

  7. Usage of Pseudonyms II • Linkability can not decrease. • Linkability should be small beforehand of pseudonym‘s reuse. • Anonymity is required. • Management should not increase linkability: • Of pseudonyms. • Of actions. TU Dresden

  8. Implications on Identity • Mapping from pseudonym to human being is needed. • Can be achieved by: • What he knows. • What he possesses. • What he is. • What is known about him. • No use of such a mapping without trust to it, unless usage is enforced. TU Dresden

  9. The Big Picture others ID2 User1 Me Trustee ID1 P1 P4 P3 P2 User2 System boundary Me others TU Dresden

  10. Conclusions • Trustworthy use of different pseudonyms requires anonymity. • Linkability of pseudonyms can‘t be guaranteed. • Linkability of actions can‘t be reduced. • Management should not increase linkability. • Within computer security there are goals to achieve, pseudonyms to use and policies to enforce, but there is no identity apart from equality of bit strings or linkability of pseudonyms. TU Dresden

  11. Conditional Anonymity Revocation User2 Trustee Judge User1 Action/P4 ensureDetectable P4/P2 Link P4/P3 P4 linked P4 linked/P4 Action performed/P2 detect P4/P1 detect P4/Judge P4 is ID1 TU Dresden

More Related