Who am I Now?

373 views
322 views

Published on

A presentation I gave on behalf of OSDL in 2005.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
373
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
4
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Who am I Now?

  1. 1. “Who Am I Now?”: Identity and Mobility David “Lefty” Schlesinger Director, Open Source Technologies OSDL NEPs and Carriers Face-to-Face© 2006, ACCESS Co. Ltd. All rights reserved. 10 Oct. 2006
  2. 2. Do you know me?   “How can you tell?”—Dorothy Parker, on being told that Pres. Calvin Coolidge had died   Identity in the literal village (c. 12th century) is fundamentally different than identity in the virtual village (c. 21st century)   When mobility is limited, establishing identity is relatively easy   As mobility increases, establishing identity becomes both more difficult, more important, and potentially more useful Copyright © 2006, PalmSource, Inc. All rights reserved. 2
  3. 3. How Is Identity Established?   First-hand Recognition •  This is the trivial case •  Limited utility outside of very constrained contexts, by its very nature   Second-Hand Recognition (aka “Introduction”) •  A mutually trusted third party is necessary to make the introduction •  Second-hand recognition becomes first-hand recognition   You know me, you know her, but does she know me? •  Identity relationships are not inherently transitive Copyright © 2006, PalmSource, Inc. All rights reserved.
  4. 4. Increased Mobility Requires Credentials   Reputation could be passed on, one hop at a time. Someone had to vouch for you, or give you a reference   As we travelled farther, we needed credentials   As we did more things, and needed to establish our identities for different purposes, we needed more credentials   Today, we travel farther than ever, both physically and virtually; we do more things than ever. Copyright © 2006, PalmSource, Inc. All rights reserved.
  5. 5. Third-Hand Recognition…   …otherwise known as “credentials” •  Again, a trusted third party (aka “an authority”) is required •  A business card is not a credential; lose your wallet and see for yourself! •  My driver’s license is not generally helpful in Nepal…   Credentials need to be authenticatable •  The authority can (hopefully) validate credentials, but this is not always practical… •  Challenges and responses… Copyright © 2006, PalmSource, Inc. All rights reserved.
  6. 6. Some Different Kinds of Credentials Copyright © 2006, PalmSource, Inc. All rights reserved.
  7. 7. A Quick Digression…   The GSM/SIM system is the most widespread identity management infrastucture ever created… •  More than 1.7 billion subscribers in over 200 countries at the end of 2005 •  There are more countries with GSM systems than there are in the United Nations! •  There are more countries with GSM systems than there are with McDonalds!   UMTS/USIM will make even greater functionality available Copyright © 2006, PalmSource, Inc. All rights reserved.
  8. 8. Who I Am Depends on What’s Going On   A particular “identity”, i.e. a given credential, is only meaningful in a given context and domain •  Driver’s license at the airport ticket counter…? Okay! •  Passport at the airport ticket counter…? Okay! •  Driver’s license at the roadside…? Okay! •  Passport at the roadside…? Not okay. •  Passport at immigration…? Okay! •  Driver’s license at immigration…? Not okay.   Potentially, my mobile device can encompass all these credentials and more… Copyright © 2006, PalmSource, Inc. All rights reserved.
  9. 9. Authentication   Authentication reliably associates an actual human being (i.e. a physical identity) with a digital identity •  Via something you know (e.g. a password) •  Via something you have (e.g. a token) •  Via something you are (e.g. biometrics)   Strong authentication requires multiple factors •  My passport functions as a two-factor authentication: a physical token with an embedded “biometric device”…   As we do more with our mobile devices—i.e. as our mobile devices hold more, and more sensitive information about us—the need to authenticate increases Copyright © 2006, PalmSource, Inc. All rights reserved.
  10. 10. Another Brief Digression •  The hanko: something you have… == •  Hanko design requires research; they need to be unique, even for common names –  430,000 people in Japan have the last name “Sato” •  This is why archaic scripts, such as tensho (i.e. “seal script”) are used for this sort of thing… •  Since the hanko is only a single-factor authentication scheme, and since there are no protections against copying, physical or digital, hanko counterfeit is a growing and serious problem in Japan Copyright © 2006, PalmSource, Inc. All rights reserved.
  11. 11. One Response…   Mitsubishi Pencil Co. introduced the “Dial Bank Hanko”…   Two eight-position dials alter the arrangement of the pattern on the outer rings •  64 possibilities… •  Acceptance has been…slow Copyright © 2006, PalmSource, Inc. All rights reserved.
  12. 12. Who I Am Depends on Who You Are   Identity is about relationship and access •  My work “identity”: access to my corporate network, servers, etc. •  My cellphone “identity”: access to my provider’s network •  My Google “identity”: access to email, etc. •  My Amazon “identity”: access to my recommendations, past orders, etc.   Managing a multiplicity of “identities” becomes increasingly difficult… Copyright © 2006, PalmSource, Inc. All rights reserved.
  13. 13. Multiple Identity Disorder…?   Even in a given context, one can have multiple identities. At work I have: •  An email “identity” •  A source code management system “identity” •  A bug tracking system “identity” •  A payroll system “identity” •  And several others… Copyright © 2006, PalmSource, Inc. All rights reserved.
  14. 14. Names   Names abstract multiple identities, multiple kinds of identity, and the attributes of identity •  My web page changes, but the URL remains the same…   Names simplify access to identity •  “www.google.com” or 72.14.205.99 or 72.14.205.104 or…?   For a name to be useful, you need access to the information it abstracts •  This is the function of “a directory” •  LDAP is one example: I can access all my work “identities” through a single password… Copyright © 2006, PalmSource, Inc. All rights reserved.
  15. 15. Partial Identities   Mary has   Boyfriend Bob sees •  A Social Security •  A Social Security number number •  An auto insurance •  An auto insurance policy policy number number •  A work phone •  A work phone •  A personal mobile •  A personal mobile phone phone •  A diary •  A diary Copyright © 2006, PalmSource, Inc. All rights reserved.
  16. 16. Partial Identities   Mary has   Mary’s employer sees •  A Social Security •  A Social Security number number •  An auto insurance •  An auto insurance policy policy number number •  A work phone •  A work phone •  A personal mobile •  A personal mobile phone phone •  A diary •  A diary Copyright © 2006, PalmSource, Inc. All rights reserved.
  17. 17. Why Partial Identities?   In a secure system, access to resources is based on the “principle of least privilege”   Similarly, in identity management, access to information should be based on the “principle of data economy”   Transactions should be •  Unobservable: they directly reveal no information about the parties involved •  Untraceable: no framing information is usable to identify the parties involved •  Unlinkable: no two transactions can be associated with one another   Anonymity should be the baseline… Copyright © 2006, PalmSource, Inc. All rights reserved.
  18. 18. “But wait, there’s more!”   As mobile devices, and the systems supporting them become more capable, the information which can be incorporated into one or more of our identities expands: •  Location •  Location history •  Friends and contacts •  Preferences •  Buying habits •  Etc… Copyright © 2006, PalmSource, Inc. All rights reserved.
  19. 19. Expanded Identities, Expanded Services   Based on my preferences, location and time of day, the content of my personal mobile “portal” can be customized… •  Most likely in coordination with service-providing partners   “I’m away from home, it’s lunch time in this time zone, and I like ramen…” •  I like places with counters better than places with tables… •  I especially like Sapporo-style miso ramen… •  Etc., etc… Copyright © 2006, PalmSource, Inc. All rights reserved.
  20. 20. A Sample Enhanced Transaction   I choose a participating restaurant from the selection on my phone’s customized portal…   A token (a credential) is transferred to my phone by the service provider…   When I go to the (physical) restaurant, my phone transfers the token back… •  I get a discount on my ramen •  The service provider is paid a “finder’s fee” by the ramen-ya •  The service provider pays a participation fee to the network operator Copyright © 2006, PalmSource, Inc. All rights reserved.
  21. 21. A Couple of Points…   My mobile operator doesn’t need to know I like ramen, only that I received a token (of some sort) that I might redeem…   The ramen-ya doesn’t need to know anything about me (other than that I’ve presented them with a verifiably valid discount token) Copyright © 2006, PalmSource, Inc. All rights reserved.
  22. 22. More Scenarios…   Based on my location and my DVD-buying habits… •  The service provider recommends a movie to me… •  I buy an “e-movie-ticket” through my mobile device… •  My mobile operator passes the payment to the theater… •  The theater pays the service provider…   The service provider is able to leverage the mobile operator’s billing infrastructure!   My phone can be my wallet—eCash experiments in Tokyo… Copyright © 2006, PalmSource, Inc. All rights reserved.
  23. 23. Some Proposed Definitions   Mobile Identity = Data + Policies regarding the use of that data   Mobile Identity is a set of claims a “digital subject” makes regarding itself Copyright © 2006, PalmSource, Inc. All rights reserved.
  24. 24. Challenges   Security is not generally a goal of users, they don’t view it as making them more productive…   Users underestimate the consequences of insufficient security •  Thus, they are not willing to invest a lot of effort in order to learn how to use security mechanisms… Copyright © 2006, PalmSource, Inc. All rights reserved.
  25. 25. What’s Needed Here…?   User-friendly interfaces need to be developed for the non- expert to prevent unintentional misuse •  Different “partial identities” for different purposes   Verifiable linkage between real and digital identity on user’s device is critical to prevent impersonation   Published identifying data—both personal and device characteristics—must be protected against misuse Copyright © 2006, PalmSource, Inc. All rights reserved.
  26. 26. What Are We Doing?   The ACCESS Linux Platform provides facilities which can be leveraged for on-device identity management •  A flexible, policy-driven security infrastructure •  Support for a variety of authentication schemes through Linux’s PAM infrastructure •  Certificate management services •  SIM tool kit •  Vaulting services Copyright © 2006, PalmSource, Inc. All rights reserved.
  27. 27. Some Recommended Reading   The Consortium of the Future of Identity in the Information Society (FIDIS): www.fidis.net •  D3.3: A Study on Mobile Identity Management •  D11.1: Towards a Taxonomy of Mobility and Identity   Digital Identity, J. Philip Windley, O’Reilly Books Copyright © 2006, PalmSource, Inc. All rights reserved.
  28. 28. That’s all, folks! Thanks! Copyright © 2006, PalmSource, Inc. All rights reserved. 28

×