ABSTRACT
User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy. However, several notions of user-centricity in the FIM community render its semantics unclear and hamper future research in this area. Therefore, we consider user-centricity abstractly and establish a comprehensive taxonomy encompassing user-control, architecture, and usability aspects of user-centric FIM. On the systems layer, we discuss user-centric FIM systems and classify them into two predominant variants with significant feature sets. We distinguish credential-focused systems, which advocate offline identity providers and long-term credentials at a user's client, and relationship-focused systems, which rely on the relationships between users and online identity providers that create short-term credentials during transactions. Note that these two notions of credentials are quite different. The further one encompasses cryptographic credentials as defined by Lysyanskaya et al. [30], the latter one federation tokens as used in today's FIM protocols like Liberty.We raise the question where user-centric FIM systems may go--within the limitations of the user-centricity paradigm as well as beyond them. Firstly, we investigate the existence of a universal user-centric FIM system that can achieve a superset of security and privacy properties as well as the characteristic features of both pre-dominant classes. Secondly, we explore the feasibility of reaching beyond user-centricity, that is, allowing a user of a user-centric FIM system to again give away user-control by means of an explicit act of delegation. We do neither claim a solution for universal user-centric systems nor for the extension beyond the boundaries ventures by leveraging the properties of a credential-focused FIM system.
- Introduction to usability, 2005. http://www.usabilityfirst.com/intro/index.txl.]]Google Scholar
- ABADI, M., AND NEEDHAM, R. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22, 1 (1996), 6--15.]] Google ScholarDigital Library
- ASHLEY, P., HADA, S., KARJOTH, G., POWERS, C., AND SCHUNTER, M. Enterprise Privacy Authorization Language (EPAL 1.1), 2003.]]Google Scholar
- BETTINI, C., JAJODIA, S., WANG, X. S., AND WIJESEKERA, D. Provisions and obligations in policy rule management. J. Netw. Syst. Manage. 11, 3 (2003), 351--372.]] Google ScholarDigital Library
- BLAZE, M., FEIGENBAUM, J., AND KEROMYTIS, A. D. KeyNote: Trust management for public-key infrastructures (position paper). Lecture Notes in Computer Science 1550 (1999), 59--63.]] Google ScholarDigital Library
- BLAZE, M., FEIGENBAUM, J., AND LACY, J. Decentralized trust management. Tech. Rep. 96--17, 28, 1996.]] Google ScholarDigital Library
- BRANDS, S. Rethinking Public Key Infrastructure and Digital Certificates--Building in Privacy. PhD thesis, Eindhoven Institute of Technology, Eindhoven, The Netherlands, 1999.]]Google Scholar
- BRICKELL, E., CAMENISCH, J., AND CHEN, L. Direct anonymous attestation. In CCS '04: Proceedings of the 11th ACM conference on Computer and communications security (New York, NY, USA, 2004), ACM Press, pp. 132--145.]] Google ScholarDigital Library
- CAMENISCH, J. Protecting (anonymous) credentials with the trusted computing group's trusted platform modules v1.2. In Proceedings of the 21st IFIP International Information Security Conference (SEC 2006) (2006).]]Google Scholar
- CAMENISCH, J., AND LYSYANSKAYA, A. Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In Advances in Cryptology -- EUROCRYPT 2001 (2001), B. Pfitzmann, Ed., vol. 2045 of LNCS, Springer Verlag, pp. 93--118.]] Google ScholarDigital Library
- CAMENISCH, J., AND LYSYANSKAYA, A. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Advances in Cryptology -- CRYPTO 2002 (2002), M. Yung, Ed., vol. 2442 of LNCS, Springer Verlag, pp. 61--76.]] Google ScholarDigital Library
- CAMENISCH, J., AND LYSYANSKAYA, A. Signature schemes and anonymous credentials from bilinear maps. In Advances in Cryptology -- CRYPTO 2004 (2004), LNCS, Springer Verlag.]]Google Scholar
- CAMENISCH, J., AND SHOUP, V. Practical verifiable encryption and decryption of discrete logarithms. In Advances in Cryptology -- CRYPTO 2003 (2003), D. Boneh, Ed., LNCS.]]Google Scholar
- CAMENISCH, J., SOMMER, D., AND ZIMMERMANN, R. A general certification framework with applications to privacy-enhancing certificate infrastructures. In Proceedings of the 21st IFIP International Information Security Conference (2006).]]Google ScholarCross Ref
- CAMERON, K. Laws of identity, 5/12/2005.]]Google Scholar
- CHASE, M., AND LYSYANSKAYA, A. On signatures of knowledge. Cryptology ePrint Archive, Report 2006/184, 2006.]]Google Scholar
- CRANOR, L., LANGHEINRICH, M., MARCHIORI, M., PRESLER-MARSHALL, M., AND REAGLE, J. The Platform for Privacy Preferences 1.0 (P3P1.0) Specification.]]Google Scholar
- EUROPEAN PARLIAMENT. Directive 95/46/ec of the european parliament and the council of 24 october 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities (1995).]]Google Scholar
- HALL, R. S., HEIMBIGNER, D., AND WOLF, A. L. A cooperative approach to support software deployment using the software dock. In ICSE '99: Proceedings of the 21st international conference on Software engineering (Los Alamitos, CA, USA, 1999), IEEE Computer Society Press, pp. 174--183.]] Google ScholarDigital Library
- Higgins Trust Framework, 2006. http://www.eclipse.org/higgins/.]]Google Scholar
- HOUSLEY, R., POLK, W., FORD, W., AND SOLO, D. RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, Apr. 2002. Status: Informational.]] Google ScholarDigital Library
- IDENTITY-MANAGEMENT. Liberty alliance project. http://www.projectliberty.org.]]Google Scholar
- INTERNET2. Shibboleth. http://shibboleth.internet2.edu.]]Google Scholar
- J. MERRELS, SXIP IDENTITY. DIX: Digital Identity Exchange Protocol. Internet Draft, March 2006.]]Google Scholar
- KALER, C., AND NADALIN, A. Web services federation language, 2003.]]Google Scholar
- KALER, C., AND NADALIN, A. Ws-federation: Passive requestor profile, 2003. Available from: ftp://www6.software.ibm.com/software/developer/library/ws-fedpass.pdf.]]Google Scholar
- LI, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. Distributed credential chain discovery in trust management: extended abstract. In ACM Conference on Computer and Communications Security (2001), pp. 156--165.]] Google ScholarDigital Library
- LIBERTY ALLIANCE. Liberty alliance id-ff 1.2 specifications. Available at http://www.projectliberty.org.]]Google Scholar
- LÜER, C., AND VAN DER HOEK, A. Jploy: User-centric deployment support in a component platform.]]Google Scholar
- LYSYANSKAYA, A., RIVEST, R., SAHAI, A., AND WOLF, S. Pseudonym systems. In Selected Areas in Cryptography (1999), H. Heys and C. Adams, Eds., vol. 1758 of LNCS, Springer Verlag.]] Google ScholarDigital Library
- MICROSOFT. A technical reference for InfoCard v1.0 in windows, 2005.]]Google Scholar
- NATIONAL INSTITUTE FOR STANDARDS AND TECHNOLOGY (NIST). Digital signature standard (dss), 2000.]]Google Scholar
- OASIS STANDARD. Security assertion markup language (SAML) V2.0, 2005.]]Google Scholar
- OECD. OECD guidelines on the protection of privacy and transborder flows of personal data, 1980.]]Google Scholar
- PRIME CONSORTIUM. Privacy and Identity Management for Europe (PRIME). Web site at www.prime-project.eu.]]Google Scholar
- RIVEST, R., SHAMIR, A., AND ADLEMAN, L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 2 (Feb. 1978), 120--126.]] Google ScholarDigital Library
Index Terms
- User centricity: a taxonomy and open issues
Recommendations
User centricity: A taxonomy and open issues
The Second ACM Workshop on Digital Identity Management - DIM 2006User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy. However, several notions of user-centricity in the FIM community render its semantics unclear and hamper future ...
Identity federation and privacy: one step beyond
DIM '08: Proceedings of the 4th ACM workshop on Digital identity managementProviding Single Sign-On (SSO) between SPs and enabling SPs to share user personal attributes are critical for both users to benefit from a seamless access to their services, and SPs to realize new business opportunities. Today, however, the users have ...
Understanding User Centricity
This new column will cover user centricity as it applies to software design and development. It will include real-world examples of common problems in software development and describe simple techniques for solving such problems.
Comments