identity metasystem in location based persistent
play

Identity Metasystem in Location Based Persistent Authentication - PowerPoint PPT Presentation

Dec 23, 2023 •339 likes •510 views

Identity Metasystem in Location Based Persistent Authentication EuroCAT 2009 European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy Hasan Ibne Akram M.Sc. Computer Science Fraunhofer Institute

  1. Identity Metasystem in Location Based Persistent Authentication EuroCAT 2009 European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy Hasan Ibne Akram M.Sc. Computer Science Fraunhofer Institute for Secure Information Technology Munich, Germany Munich University of Technology Munich, Germany

  2. Outline - Motivation - Introduction to PAISE - Privacy Principles for Smart Environments - Identity Metasystem - Identity Metasystem Technologies - OpenID - Windows CardSpace - Higgins - Proposed Architecture - Evaluation - Conclusion & Future Outlook

  3. 3 Motivation - Authentication in smart environment is traditionally device centric - If the device is stolen, there is a good chance of your identity being stolen - User can be impersonated - Traditional Location Tracking System (LTS), e.g., RFID, GPS etc. has been criticized by the privacy proponents - LTS is inherently lacks privacy principles EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  4. 4 Introduction to PAISE - A shift from device tracking paradigm to person tracking paradigm. - Person tracking using "Time-of-Flight" (TOF) cameras EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  5. 5 Privacy Principles for Smart Environments - Notice - Choice and Consent - Anonymity and Pseudonymity - Proximity and Locality EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  6. 6 Federated Identity 3 players of federation • Identity Provider Identity Metasystem • Relying Party • Subject/User EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  7. 7 Identity Metasystem C Com pi l er TCP/ I P I dent i t y M I dent i t y M et asyst em et asyst em Assem Assem bl y bl y Assem Assem bl y bl y Assem Assem bl y bl y Et her net Et her net Tokenr i ng Tokenr i ng 802. 11 802. 11 Ker ber os Ker ber os X. 509 X. 509 SAM SAM L L http://www.identityblog.com/stories/2005/07/05/IdentityMetasystem.htm EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  8. 8 Identity Metasystem Technologies –OpenID • Objective: Reduce username and password • Protocol was developed in 2005 • Main Features of OpenID – Light Weight Identity – Decentralized – Single-Sign-On • “ OpenID is a free and easy way to use a single digital identity across the Internet.” [ http://openid.net/ ] EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  9. 9 Identity Metasystem Technologies – Windows CardSpace • Windows CardSpaceis a client software from Microsoft which is a visual metaphor for identity selector for the end- user. • Windows CardSpace provides controlling power to the end- users on the fact that which information (about the end- users) should reach to the Relying Party and which should not. • It is shipped with Windows Vista (or as an add-on in Windows XP); it is not meant to replace the other standards handling digital identity rather to utilize and extend them. • CardSpace is token agnostic, i.e. it supports any token type i.e. SAML, OpenID, Kerberos or custom token type. EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  10. 10 Identity Metasystem Technologies – Higgins • An open source identity framework being developed at the Eclipse Foundation. • Higgins is a software infrastructure that supports consistence user experience that works with digital identity protocols, e.g. WS-Trust, OpenID, SAML, XDI, LDAP etc. • The main objective of the Higgins project is to manage multiple contexts, interoperability, define common interfaces for an identity system. • Various technologies including LDAP, SAML, WS-*, OpenID etc. can be plugged into the Higgins framework. EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  11. 11 Identity Metasystem Technologies Evaluation w.r.t. the Privacy Principles EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  12. 12 Proposed Architecture EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  13. 13 Evaluation 1. Notice 2. Choice and Consent 3. Anonymity and Pseudonymity 4. Proximity and Locality EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  14. 14 Conclusion &Future Outlook • Implementation of the architecture • Proof of Concept • Combining the Architecture with ProtectServe of Kantara Initiative Work Group - User Managed Access (UMA) – ProtectServe Specification • 4 Legged Scenario – User, IdP (the resource provider), RP (the consumer) and a Authorization Manager (AM) • Identity Dashboard • Web link: http://kantarainitiative.org/confluence/display/uma/Home EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

  15. 15 Thank you for paying attention. Questions? Contact: hasan.akram@sit.fraunhofer.de EuroCAT 2009 Identity Metasystem in Location Based Persistent Authentication - Hasan Ibne Akram European Workshop on Combining Context with Trust, Security and Privacy 9 September 2009, Pisa, Italy

Recommend

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Contents Background Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based Signature Conclusion Manik Lal Das DA-IICT, Gandhinagar, India About DA-IICT and Our Group DA-IICT is a private university,

563 views • 35 slides
Persistent Data Structures and Managed References Clo j ures approach to Identity and State

Persistent Data Structures and Managed References Clo j ures approach to Identity and State

Persistent Data Structures and Managed References Clo j ures approach to Identity and State Rich Hickey Agenda Functions and processes Identity, State, and Values Persistent Data Structures Clojures Managed References

534 views • 39 slides
Location Based Services for J2ME F. Ricci Content Location-based services What is a

Location Based Services for J2ME F. Ricci Content Location-based services What is a

Location Based Services for J2ME F. Ricci Content Location-based services What is a location How to obtain location data Satellites Cellular network Short range positioning beacons JSR 179 Location API

767 views • 59 slides
Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC

Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC

Identity-Based Encryption Cocks IBE Scheme Algebraic Structure Applications Conclusion Identity-Based Cryptosystems and Quadratic Residuosity Marc Joye Proxy: Fabrice Benhamouda PKC 2016 Tapei, Taiwan 1 / 20 Identity-Based Encryption

655 views • 38 slides
Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao Computer Science Department Stony Brook University 9/22/05 Jie Gao, CSE590-fall05 1 Location- -based routing based routing Location

1.07k views • 62 slides
Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts,

Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts,

CPSC-662 Distributed Computing Object-Oriented Distributed Technology Large-Scale Systems (2): Legion Legion vision: Metasystem consisting of millions of hosts, billions of objects, co- existing in a loose confederation tied together with

90 views • 6 slides
Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and

Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and

Location, Location, Location, Location, Location: Location: GPS and Google Earth GPS and Google Earth South Carolina Conference for the Social Studies October 5, 2007 Myrtle Beach, SC Julia Davis judavis@richlandone.org MaryAnn Sansonetti

395 views • 12 slides
Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP

Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP

Who Are You? Who Are You? Identity and Location in IP Geoff Huston APNIC Addresses and the IP Architecture Addresses and the IP Architecture Architecturally, IP Addresses are: Drawn from a Stable Global space Intended to be used in

382 views • 25 slides
Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc.

Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc.

Internet Identity Workshop IIW 2008b Introduction Johannes Ernst NetMesh Inc. http://netmesh.info/jernst Johannes Ernst Modern Identity History Facebook Proprietary et al. Yadis URL-based Age of identity Card-based interop

1.01k views • 24 slides
Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko

Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko

Location Services Based on Location Services Based on Cellular Networks Cellular Networks Mikko Voipio Next Generation Wireless Networks November 31, 2005 Background Background A lot of information is location based Location is,

509 views • 18 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

605 views • 49 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University 1 Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

493 views • 10 slides
Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie

Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie

Location- -based Routing in based Routing in Location Sensor Networks I Sensor Networks I Jie Gao Computer Science Department Stony Brook University 9/25/05 Jie Gao CSE590-fall06 1 Papers Papers [Karp00] Karp, B. and Kung, H.T.,

545 views • 51 slides
Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas

Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas

Galindo-Garcia Identity-Based Signature Revisited. Galindo-Garcia Identity-Based Signature Revisited. Sanjit Chatterjee, Chethan Kamath and Vikas Kumar Indian Institute of Science, Bangalore November 2, 2013 Galindo-Garcia Identity-Based

584 views • 57 slides
Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based Encryption 2 Identity-Based Encryption In PKE, KeyGen produces a random (PK,SK) pair 2 Identity-Based Encryption In PKE, KeyGen produces a random

1.47k views • 114 slides
Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann

Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann

Securing WSNs and the IoT: Performance Analysis of Identity-based Signatures Tobias Markmann tobias.markmann@haw-hamburg.de 23.04.2014 Outline 1. Introduction 2. Background 3. Identity-based Signature Schemes 4. Evaluation 5. Results 6.

1.06k views • 35 slides
Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II

Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II

Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II Jie Gao Computer Science Department Stony Brook University Papers Papers Geographic routing in practice: Kim, Y.-J., Govindan, R., Karp, B.,

1.26k views • 59 slides
Measuring Location Based Success March 3 rd , 2011 @AsifRKhan @TheLBMA Founder & President

Measuring Location Based Success March 3 rd , 2011 @AsifRKhan @TheLBMA Founder & President

Measuring Location Based Success March 3 rd , 2011 @AsifRKhan @TheLBMA Founder & President www.thelbma.com Scan To WIn Simon Salts Social Loca.on Marke.ng @incslinger Location Based Location Based Services Marketing A

672 views • 45 slides
Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Location Based Services Location Based Services Technologies Technologies Communication

Location Based Services Location Based Services Technologies Technologies Communication

Location Based Services Location Based Services Technologies Technologies Communication Networks Laboratory Dept. of Informatics and Telecommunications University of Athens Stathes Hadjiefthymiades Communication Networks 1 Communication

459 views • 12 slides
Identity, State and Values Clojures approach to concurrency Rich Hickey Agenda Functions

Identity, State and Values Clojures approach to concurrency Rich Hickey Agenda Functions

Identity, State and Values Clojures approach to concurrency Rich Hickey Agenda Functions and processes Identity, State, and Values Persistent Data Structures Clojures Managed References Q&A Functions Function

615 views • 40 slides
Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase Automation and Security. Identity Management (IAM, IdM) defining and managing the roles and access privileges of individual network users, and the

2.89k views • 13 slides
Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography Identity-Based

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography Identity-Based Encryption Identity-Based Encryption In PKE, KeyGen produces a random (PK,SK) pair Identity-Based Encryption In PKE, KeyGen produces a random (PK,SK) pair

1.65k views • 115 slides
T-110.456 Next generation cellular networks Location Services Based on Cellular Systems Alexei

T-110.456 Next generation cellular networks Location Services Based on Cellular Systems Alexei

T-110.456 Next generation cellular networks Location Services Based on Cellular Systems Alexei Semenov 06.04.2005 Agenda - Introduction - Location Service System Architecture - Mobile Location Protocol - Evolution of Location Services -

450 views • 17 slides

More recommend