Separating: Authenticate credential management, attribute management and ID management

Tuesday – Session 4 - I

Convener: Jim Fenton, Cisco Systems Notes-taker(s): Jari Koivisto, Cisco Systems A.	Tags for the session - technology discussed/ideas considered: Identity system, attribute, relying party, identity provider, authentication, assertion B.	Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps: Short presentation and discussion Introduction Terminology A basic identity system 	e-commerce site 	IdP 	User Elements of identity management 	Authentication (establishing who the Subject is) 	Credential managemen (prove to relying parties who the Subject is) 	Attribute management (provide information about the subject) User trust 	User trust in their IdP is fundamental 	An ecosystem of IdP is required Authentication Authentication methods 	Methods useful for user authentication are situation-specific 	Problem: Many existing ID systems are bound tightly to IdP Authentication Strength 	Relying party knows how good the authentication should be Authentication endpoint Security opportunities 	Users that authenticate frequently at a given service are more likely to detect anomalies 	IdP providers can detect anomalous user behavior 	Similar to detection of fraudulent credit card transactions Credential management Credential management: functions 	Act as a "key cabinet" for the user 	Support directed ID 	Enforce secure use of credentials Directed identity Security and availability issues 	Security 	High value target 	Availability 	Failure of an ID manager may have severe impact on its Subjects Attribute management Distributed attributes 	Self-asserted attributes have limited utility 	Authoritative sources for different attributes come from different places 	ID system has a role in locating trustable sources of attributes 	Attributes delivered as signed assertions Attribute distribution: Example 	Example of Alice buying wine online 	Alice 	Wine merchant 	IdP 	DMV or Healthcare provider Attribute trust 	Federation: Prearranged trust relationsships 	Accreditation: indirect federation 	Financial institutions, schools Identity provider trust 	IdP has fiduciary responsibility 	To the Subject: 	Must use credentials only for the proper Subject 	To RPs: 	Must associate attribute request and responses reliably 	IdP may coincidentally funtion as an attribute provider Observations 	Scaling is critical 	etc. Discussion: 	RPs have different views what is identity 	Identity vs. Identity information 	Different IdPs give different sets of attributes 	What is the question that RP needs to ask (over 18/21 vs. birth day) 	Attributes of the Subject, e.g. Subjects attibute is: Subject is Cisco employee 	User -> RP -> User -> IdP -> User -> RP 	Yes User is >18 	Discussion about: Is it IdP who user trusts to get the attributes, or should User be the one who makes the decision 	Discussion about the assertions, e.g. State assertion does not mean that it is necessary better than self assertion. Address as an example. 	Federated trust frameworks, level of assurance (1, 2, 3, 4)