1 / 29

Identity Management is

Identity Management is. THE ANSWER !!. What is the question?. what are risks to mitigate? what are the new risks created by trusting the ID management? what are the new risks created by ID fraud or failure malicious abuse of ID recovery denial of service

zenaida-hall
Download Presentation

Identity Management is

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Management is THE ANSWER !!

  2. What is the question? • what are risks to mitigate? • what are the new risks created by trusting the ID management? • what are the new risks created by • ID fraud or failure • malicious abuse of ID recovery • denial of service • You may think you are building one thing but if it works, it will become another

  3. What is the Question? • Targeted Ads Public Services & Finance When the Real Merges with the Artificial?

  4. “Identity Providers” Provide Fraud prevention & detection Payment DRM Resource allocation Personalization & price discrimination Filtering

  5. Reputations Systems Assume strategic behaviors by opponents Always linked to persistent pseudonym Low end reputation systems merge with rating systems Examples: eBay, slashdot, political blogs, kazaa Reputation designs have assumptions about fluidity of community embeds identity in a community

  6. Bit Torrent Swarm downloading No static reputation Must upload in order to download NO assumptions about community

  7. Who Is an ID Provider Amazon Honor System Small payments for web sites not accepting cash Rollout in the blog and open source communities Micropayments from pre-established accounts Fraud prevention & detection, Payment, Resource allocation Personalization & price discrimination, Filtering FaceBook Places identity in a community Available to employers martial status, orientation, religion, political interests cultural indicators are you one of us? Personalization & price discrimination, Filtering, resource allocation?

  8. Rating Systems Assume passive acceptance of ratings, active rating parties There may be no identity or account information Work on “wisdom of crowds” integration of many low quality signals is better than a single signal Examples: eopinions, Zagats Web site rating based on shared history and community behavior

  9. Securing the User: Account Management as Privacy Service Series of failed third party payment and privacy management systems generate one time credit cards decrease spam by creating single-merchant emails protect physical location information decrease fraud for merchants and subscribers generate individual credentials

  10. No Single Identity Identity systems determine fraud tolerance any entity with equal or more tolerance will seek to free ride any entity with more tolerance will under-invest in protecting the identifier identifiers free riders tragedy of the commons risk shifting MySpace solving this requires better systems, as well as better regulation

  11. Securing the User on the Network Identity based cryptography Sender ID Domain Keys IPv6

  12. Identity Based Cryptography Implications If eBay signed all outgoing emails at server, no phishing and no masquerade Incoming server could examine email and identify genuine emails, inside the trusted network Select customers could be given authentication for customer subgroups e.g., Bank of America with Comcast address Has the potential to retain the value of the merchant-customer email channel in the face of massive phishing Can be implemented ad-hoc

  13. Identity -Based Cryptography A Master secret key for each domain Master secret key generates individual keys Individual keys are distributed using trusted network Individual secret key has public key Anyone can generate the public key knowing the identity string and master secret key identity key confirms email, domain association domain association can confirm other attributes 20 ms per email for sig/verify compatible with current email via headers

  14. Microsoft Sender ID Check that TCP/IP addresses are correct all along the loop Cannot address NAT Cannot address botnets or subversions of networks Requires large-scale coordination for rollout

  15. Yahoo Domain Keys Authenticate DNS with traditional cryptography Authenticate emails as sent from domains Traditional PKI structure Problematic for political reasons, requires coordination In summer of 06, AOL rejected gmail email because of domain-key based spam

  16. Design for the Network or the Human? Start with human trust behaviors Trust Used for simplification Encompasses discrete technical problems privacy, integrity, data security Embeds discrete policy problems business behavior, customer service, quality of goods, privacy

  17. Usability on the Surface • Does What we Built Work? • Toolbars, do people pay attention? • Signed Email, tor • can you install it • can you use it • can you detect it? • Seals • A triumph of style over substance • SSL • what is that funny lock and what does it mean? • economics is NOT the same as business

  18. Dominant Trust Communication

  19. Beyond Interface Deep • Security people may want • surveillance as prevention • information more than privacy provision • Not built for the way people act • would that be a 7.2 privacy preference? • do you trust more or les than 17% • we’ll helpfully stop you from lying in any circumstance • With appropriate risk communication, signaling, etc • examination of how humans evaluate risk • computer security -- decision-making under uncertainty

  20. Security and Processes • Business processes • Organizational processes • Security aligned with users and processes • to the extent that this is possible • Users subvert security when it • violates privacy • provides nonrepudiation for all actions (blog, IM) • prevents use of media • or it is simply in the way • human risk behaviours are fairly consistent • trust pictures of faces, discount risks

  21. Trust and Context vs. Resource VerificationResources are often fairly easy to identify as “good” or “bad” in physical realms

  22. Trust and Context vs. Resource VerificationResources are often fairly easy to identify as “good” or “bad” in physical realms

  23. Trust and Context Fewer signals in economic terms Less usable in design terms

  24. Standing on the Toenails of Giants? • Economics • Behavioral • adversaries prefer to limit conflict scope • credible commitment • the advantage of closing off options • tipping • small incentives • Rational • CENTRALIZED PLANNED ECONOMIES DON’T WORK • distributed mechanisms, coordination at the low level

  25. Behavioral Economics implies Usability • usability studies • involving designers at an earlier level • what do users understand? • wireless & broadband • wide spread deployment by non-experts • botnets, e.g., home users, major tier 1 threat • Usability in Depth implies economics • Interface • Interactions • Incentives • is it rational to design for humans as if they were machines? • Social context • Human and Organizational requirements

  26. Net Trust Building from Theory • Using Social Context to Build Digital Context

  27. Beyond Trusted Third Parties • Giving users their own histories • This is a new site you have never visited • This site has no domain name, just a IP address • in a more meaningful manner, e.g. alert • FDIC says this in not a bank • BBB says YUCK • Your friends haven’t visited this site • As opposed to • Verisign has not approved this certification

  28. Identity Systems Place risk on responsible party instant credit == instant loss no distribution of some loses the police will not risk liberty to enforce your cheap business plan Do not allow risk-shifting to citizens pay for construction, maintenance through taxation pay for financial failures in personal lives law enforcement implements prosecution of the victim or perpetrator of crime there is no cost to the creator of the risks

  29. Educate the Individual Education without empowerment is useless risk that could be decreased is instead shifted empower by design and regulation

More Related