“Who Am I Now?”: Identity and Mobility

David “Lefty” Schlesinger
Director, Open Source Technologies

OSDL NEPs and Carriers Face-to-Face, 10 Oct. 2006
© 2006, ACCESS Co. Ltd. All rights reserved.
Do you know me?


     “How can you tell?”—Dorothy Parker, on being told that Pres.
      Calvin Coolidge had died

     Identity in the literal village (c. 12th century) is
      fundamentally different from identity in the virtual village
      (c. 21st century)
     When mobility is limited, establishing identity is relatively
      easy
     As mobility increases, establishing identity becomes more
      difficult, more important, and potentially more useful




                                              Copyright © 2006, PalmSource, Inc. All rights reserved.
How Is Identity Established?


      First-hand Recognition

        •    This is the trivial case

        •    Limited utility outside of very constrained contexts, by its very nature

      Second-Hand Recognition (aka “Introduction”)

        •    A mutually trusted third party is necessary to make the introduction

        •    Second-hand recognition becomes first-hand recognition

      You know me, you know her, but does she know me?

        •    Identity relationships are not inherently transitive




Increased Mobility Requires Credentials


      Reputation could be passed on, one hop at a time.
       Someone had to vouch for you, or give you a reference

      As we travelled farther, we needed credentials

      As we did more things, and needed to establish our
       identities for different purposes, we needed more
       credentials

      Today, we travel farther than ever, both physically and
       virtually; we do more things than ever.


Third-Hand Recognition…


     …otherwise known as “credentials”
      •    Again, a trusted third party (aka “an authority”) is required

      •    A business card is not a credential; lose your wallet and see for
           yourself!

      •    My driver’s license is not generally helpful in Nepal…

     Credentials need to be authenticatable
      •    The authority can (hopefully) validate credentials, but this is not
           always practical…

      •    Challenges and responses…



Some Different Kinds of Credentials




A Quick Digression…


     The GSM/SIM system is the most widespread identity
      management infrastructure ever created…
      •    More than 1.7 billion subscribers in over 200 countries at the end
           of 2005

      •    There are more countries with GSM systems than there are in the
           United Nations!

      •    There are more countries with GSM systems than there are with
           McDonalds!

     UMTS/USIM will make even greater functionality available
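The challenge-and-response mentioned two slides back, worked through as the GSM/SIM flow this digression is about. This is an added example, not code from the deck or from any operator: HMAC-SHA256 stands in for the SIM's A3/A8 algorithms, the IMSI and keys are constructed, and the class names are the example's own. It shows the point the earlier slide makes about authorities that cannot always be reached: the home network (the authority) hands the visited network pre-computed triplets, so the visited network can verify the SIM without ever holding Ki.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

Triplet = Tuple[bytes, bytes, bytes]  # (RAND, SRES, Kc)


def a3_a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for the SIM's A3/A8 algorithms.

    Assumption: real operators use their own algorithms (e.g. Milenage);
    HMAC-SHA256 is used here only so the data flow can be run offline.
    Returns (SRES, Kc): a 32-bit response and a 64-bit session key.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """The subscriber's token: holds Ki and never reveals it."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki

    def respond(self, rand: bytes) -> bytes:
        sres, _kc = a3_a8(self._ki, rand)
        return sres


class AuthenticationCentre:
    """Home network (the authority): the only party besides the SIM holding Ki."""

    def __init__(self) -> None:
        self._ki_by_imsi: Dict[str, bytes] = {}

    def provision(self, imsi: str) -> Sim:
        ki = secrets.token_bytes(16)
        self._ki_by_imsi[imsi] = ki
        return Sim(imsi, ki)

    def triplets(self, imsi: str, count: int = 3) -> List[Triplet]:
        """Pre-computed challenges a visited network can use without Ki."""
        ki = self._ki_by_imsi[imsi]
        out = []
        for _ in range(count):
            rand = secrets.token_bytes(16)
            sres, kc = a3_a8(ki, rand)
            out.append((rand, sres, kc))
        return out


class VisitedNetwork:
    """Roaming network: verifies the SIM with triplets from the home network."""

    def __init__(self, home: AuthenticationCentre) -> None:
        self._home = home
        self._pending: Dict[str, List[Triplet]] = {}

    def authenticate(self, sim: Sim) -> Optional[bytes]:
        """Challenge the SIM; return the session key Kc on success, else None."""
        if not self._pending.get(sim.imsi):
            self._pending[sim.imsi] = self._home.triplets(sim.imsi)
        rand, expected_sres, kc = self._pending[sim.imsi].pop(0)  # one use per RAND
        if hmac.compare_digest(sim.respond(rand), expected_sres):
            return kc
        return None


if __name__ == "__main__":
    auc = AuthenticationCentre()
    sim = auc.provision("001010123456789")  # constructed test IMSI
    roaming = VisitedNetwork(auc)
    print("genuine SIM accepted:", roaming.authenticate(sim) is not None)
    cloned = Sim(sim.imsi, bytes(16))  # same IMSI, wrong Ki
    print("cloned SIM accepted:", roaming.authenticate(cloned) is not None)
```

Each RAND is consumed once, so a captured SRES cannot be replayed against a fresh challenge. The example also makes the scheme's limit visible: the SIM never verifies the network, so a false base station can run the same challenge; UMTS AKA adds a network authentication token (AUTN) for that reason.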


Who I Am Depends on What’s Going On


     A particular “identity”, i.e. a given credential, is only meaningful in a
      given context and domain
       •    Driver’s license at the airport ticket counter…? Okay!
       •    Passport at the airport ticket counter…? Okay!

       •    Driver’s license at the roadside…? Okay!
       •    Passport at the roadside…? Not okay.

       •    Passport at immigration…? Okay!
       •    Driver’s license at immigration…? Not okay.

     Potentially, my mobile device can encompass all these credentials
      and more…



Authentication


      Authentication reliably associates an actual human being (i.e. a
       physical identity) with a digital identity
        •    Via something you know (e.g. a password)

        •    Via something you have (e.g. a token)

        •    Via something you are (e.g. biometrics)

      Strong authentication requires multiple factors
        •    My passport functions as two-factor authentication: a physical token
             with an embedded “biometric device”…

      As we do more with our mobile devices—i.e. as our mobile devices
       hold more, and more sensitive information about us—the need to
       authenticate increases

Another Brief Digression


  •  The hanko: something you have…

  •  Hanko design requires research; they need to be
     unique, even for common names
     –  430,000 people in Japan have the last name “Sato”
  •  This is why archaic scripts, such as tensho (i.e. “seal
     script”) are used for this sort of thing…
  •  Since the hanko is only a single-factor authentication
     scheme, and since there are no protections against
     copying, physical or digital, hanko counterfeiting is a
     growing and serious problem in Japan


One Response…


     Mitsubishi Pencil Co. introduced the “Dial Bank Hanko”…

     Two eight-position dials alter the arrangement of the
      pattern on the outer rings
      •    64 possibilities…

      •    Acceptance has been…slow




Who I Am Depends on Who You Are


     Identity is about relationship and access
      •    My work “identity”: access to my corporate network, servers, etc.

      •    My cellphone “identity”: access to my provider’s network

      •    My Google “identity”: access to email, etc.

      •    My Amazon “identity”: access to my recommendations, past
           orders, etc.

     Managing a multiplicity of “identities” becomes
      increasingly difficult…



Multiple Identity Disorder…?


      Even in a given context, one can have multiple identities.
       At work I have:
       •    An email “identity”

       •    A source code management system “identity”

       •    A bug tracking system “identity”

       •    A payroll system “identity”

       •    And several others…




Names


     Names abstract multiple identities, multiple kinds of identity, and the
      attributes of identity
       •    My web page changes, but the URL remains the same…

     Names simplify access to identity
       •    “www.google.com” or 72.14.205.99 or 72.14.205.104 or…?

     For a name to be useful, you need access to the information it
      abstracts
       •    This is the function of “a directory”

       •    LDAP is one example: I can access all my work “identities” through a
            single password…



Partial Identities


          Mary has                     Boyfriend Bob sees

           •    A Social Security         •    A Social Security
                number                         number

           •    An auto insurance         •    An auto insurance policy
                policy number                  number

           •    A work phone              •    A work phone

           •    A personal mobile         •    A personal mobile
                phone                          phone

           •    A diary                   •    A diary




Partial Identities


          Mary has                     Mary’s employer sees

           •    A Social Security         •    A Social Security
                number                         number

           •    An auto insurance         •    An auto insurance policy
                policy number                  number

           •    A work phone              •    A work phone

           •    A personal mobile         •    A personal mobile
                phone                          phone

           •    A diary                   •    A diary




Why Partial Identities?


      In a secure system, access to resources is based on the “principle of
       least privilege”

      Similarly, in identity management, access to information should be
       based on the “principle of data economy”

      Transactions should be
        •    Unobservable: they directly reveal no information about the parties
             involved

        •    Untraceable: no framing information is usable to identify the parties
             involved

        •    Unlinkable: no two transactions can be associated with one another

      Anonymity should be the baseline…
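The partial identities of the previous slides and the principle of data economy, as an added example that is not from the deck or from FIDIS. Mary's attributes and the release policy are constructed illustrations (the slides do not say which attributes Bob or the employer actually see); each relying party gets a pseudonym derived with HMAC from a secret that stays on Mary's device, so two parties cannot use the identifier to link their views.

```python
import hashlib
import hmac
from typing import Dict, FrozenSet

# Constructed sample of Mary's full identity (values are made up).
MARY: Dict[str, str] = {
    "ssn": "000-00-0000",
    "auto_policy": "AP-0001",
    "work_phone": "+1-555-0100",
    "personal_mobile": "+1-555-0199",
    "diary": "(private entries)",
}

# Assumed release policy. The slides say only that each party sees a
# partial identity; which attributes go to whom is an illustration here.
RELEASE_POLICY: Dict[str, FrozenSet[str]] = {
    "boyfriend_bob": frozenset({"personal_mobile"}),
    "employer": frozenset({"ssn", "work_phone"}),
    "insurer": frozenset({"auto_policy"}),
}

# Held only on Mary's device; never released to anyone.
DEVICE_SECRET = b"constructed-device-secret-do-not-reuse"


def pseudonym(secret: bytes, relying_party: str) -> str:
    """Pairwise identifier: stable for one relying party, unrelated across parties."""
    return hmac.new(secret, relying_party.encode(), hashlib.sha256).hexdigest()[:16]


def partial_identity(full: Dict[str, str], relying_party: str,
                     policy: Dict[str, FrozenSet[str]],
                     secret: bytes = DEVICE_SECRET) -> Dict[str, str]:
    """Release only what the policy permits, under a party-specific pseudonym.

    A relying party the policy does not mention gets nothing but a
    pseudonym (default deny).
    """
    allowed = policy.get(relying_party, frozenset())
    view = {k: v for k, v in full.items() if k in allowed}
    view["id"] = pseudonym(secret, relying_party)
    return view


def linkable(view_a: Dict[str, str], view_b: Dict[str, str]) -> bool:
    """Two released views can be joined if they share any attribute value."""
    shared = set(view_a.items()) & set(view_b.items())
    return bool(shared)


if __name__ == "__main__":
    bob = partial_identity(MARY, "boyfriend_bob", RELEASE_POLICY)
    employer = partial_identity(MARY, "employer", RELEASE_POLICY)
    print("Bob sees:", bob)
    print("Employer sees:", employer)
    print("Can Bob and the employer link their views?", linkable(bob, employer))
```

Pseudonyms alone do not buy unlinkability: if the policy released the same auto insurance policy number to both the employer and the insurer, linkable() would return True for those two views. The release policy is the real control; the pseudonym only stops the identifier itself from being the join key.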

“But wait, there’s more!”


      As mobile devices, and the systems supporting them,
       become more capable, the information which can be
       incorporated into one or more of our identities expands:
       •    Location

       •    Location history

       •    Friends and contacts

       •    Preferences

       •    Buying habits

       •    Etc…



Expanded Identities, Expanded Services


     Based on my preferences, location and time of day, the content of my
      personal mobile “portal” can be customized…

       •    Most likely in coordination with service-providing partners

     “I’m away from home, it’s lunch time in this time zone, and I like
      ramen…”

       •    I like places with counters better than places with tables…

       •    I especially like Sapporo-style miso ramen…

       •    Etc., etc…




A Sample Enhanced Transaction


     I choose a participating restaurant from the selection on
      my phone’s customized portal…

     A token (a credential) is transferred to my phone by the
      service provider…

     When I go to the (physical) restaurant, my phone
      transfers the token back…
      •    I get a discount on my ramen

      •    The service provider is paid a “finder’s fee” by the ramen-ya

      •    The service provider pays a participation fee to the network
           operator
A Couple of Points…


     My mobile operator doesn’t need to know I like ramen,
      only that I received a token (of some sort) that I might
      redeem…

     The ramen-ya doesn’t need to know anything about me
      (other than that I’ve presented them with a verifiably valid
      discount token)
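The token exchange of the previous two slides, as an added example (not the deck's or ACCESS's code). Assumptions: the service provider and each participating ramen-ya share a per-restaurant HMAC key set up when the restaurant enrols, and the token is a JSON body plus its MAC. The example shows the two points above: the token carries no subscriber identifier, so the operator forwarding it learns only that a token exists, and the restaurant verifies it offline, rejecting forged, expired, replayed and wrong-venue tokens without learning who presented it.

```python
import hashlib
import hmac
import json
import secrets
from typing import Dict, Optional, Set


def _encode(body: Dict[str, object]) -> bytes:
    """Canonical JSON so the MAC covers one unambiguous byte string."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


class ServiceProvider:
    """Issues discount tokens. Assumption: shares one HMAC key per restaurant."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}

    def enrol_restaurant(self, restaurant_id: str) -> bytes:
        key = secrets.token_bytes(32)
        self._keys[restaurant_id] = key
        return key  # delivered to the restaurant out of band

    def issue(self, restaurant_id: str, discount_pct: int, ttl_s: int, now: int) -> str:
        """Token carries no subscriber identifier: only id, audience, value, expiry."""
        body = {"jti": secrets.token_hex(8), "aud": restaurant_id,
                "disc": discount_pct, "exp": now + ttl_s}
        payload = _encode(body)
        tag = hmac.new(self._keys[restaurant_id], payload, hashlib.sha256).hexdigest()
        return payload.hex() + "." + tag


class Restaurant:
    """Redeems tokens offline: verifies the MAC, audience, expiry and single use."""

    def __init__(self, restaurant_id: str, key: bytes) -> None:
        self.restaurant_id = restaurant_id
        self._key = key
        self._redeemed: Set[str] = set()

    def redeem(self, token: str, now: int) -> Optional[int]:
        """Return the discount percentage if the token is good, else None."""
        try:
            payload_hex, tag = token.split(".")
            payload = bytes.fromhex(payload_hex)
        except ValueError:
            return None  # malformed
        expected = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            return None  # forged or tampered
        body = json.loads(payload)
        if body.get("aud") != self.restaurant_id or body.get("exp", 0) < now:
            return None  # wrong venue or expired
        if body["jti"] in self._redeemed:
            return None  # replay of an already-used token
        self._redeemed.add(body["jti"])
        return int(body["disc"])


def token_fields(token: str) -> Set[str]:
    """What an intermediary (e.g. the operator) can read from a token in transit."""
    return set(json.loads(bytes.fromhex(token.split(".")[0])).keys())


if __name__ == "__main__":
    provider = ServiceProvider()
    key = provider.enrol_restaurant("ramen-ya-42")  # constructed restaurant id
    shop = Restaurant("ramen-ya-42", key)
    token = provider.issue("ramen-ya-42", discount_pct=10, ttl_s=3600, now=1000)
    print("operator sees only:", sorted(token_fields(token)))
    print("first redemption:", shop.redeem(token, now=1500))
    print("second redemption:", shop.redeem(token, now=1500))
```

The now argument is passed explicitly so the expiry check is deterministic; in production the restaurant would read its own clock. A shared HMAC key means the restaurant could mint its own tokens; if that matters (the provider earns a finder's fee per token), the provider would sign tokens with a private key and give restaurants only the verification key.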




More Scenarios…


     Based on my location and my DVD-buying habits…
       •    The service provider recommends a movie to me…

       •    I buy an “e-movie-ticket” through my mobile device…

       •    My mobile operator passes the payment to the theater…

       •    The theater pays the service provider…

     The service provider is able to leverage the mobile
      operator’s billing infrastructure!

     My phone can be my wallet—eCash experiments in
      Tokyo…
Some Proposed Definitions


     Mobile Identity = Data + Policies regarding the use of that
      data

     Mobile Identity is a set of claims a “digital subject” makes
      regarding itself




Challenges


     Security is not generally a goal of users; they don’t view it
      as making them more productive…

     Users underestimate the consequences of insufficient
      security
      •    Thus, they are not willing to invest a lot of effort in order to learn
           how to use security mechanisms…




What’s Needed Here…?


     User-friendly interfaces need to be developed for the non-
      expert to prevent unintentional misuse
      •    Different “partial identities” for different purposes

     Verifiable linkage between real and digital identity on
      user’s device is critical to prevent impersonation

     Published identifying data—both personal and device
      characteristics—must be protected against misuse




What Are We Doing?


     The ACCESS Linux Platform provides facilities which can
      be leveraged for on-device identity management
      •    A flexible, policy-driven security infrastructure

      •    Support for a variety of authentication schemes through Linux’s
           PAM infrastructure

      •    Certificate management services

      •    SIM tool kit

      •    Vaulting services




Some Recommended Reading


     The Consortium of the Future of Identity in the Information
      Society (FIDIS): www.fidis.net
      •    D3.3: A Study on Mobile Identity Management

      •    D11.1: Towards a Taxonomy of Mobility and Identity

     Digital Identity, J. Philip Windley, O’Reilly Books




That’s all, folks!




                     Thanks!





Introduction to CHERI technology - Cybersecurity
 

Who am I Now?

  • 1. “Who Am I Now?”: Identity and Mobility
    David “Lefty” Schlesinger, Director, Open Source Technologies
    OSDL NEPs and Carriers Face-to-Face, 10 Oct. 2006
    © 2006, ACCESS Co. Ltd. All rights reserved.
  • 2. Do you know me?
     “How can you tell?”—Dorothy Parker, on being told that Pres. Calvin Coolidge had died
     Identity in the literal village (c. 12th century) is fundamentally different from identity in the virtual village (c. 21st century)
     When mobility is limited, establishing identity is relatively easy
     As mobility increases, establishing identity becomes both more difficult, more important, and potentially more useful
    Copyright © 2006, PalmSource, Inc. All rights reserved.
  • 3. How Is Identity Established?
     First-hand Recognition
      • This is the trivial case
      • Limited utility outside of very constrained contexts, by its very nature
     Second-Hand Recognition (aka “Introduction”)
      • A mutually trusted third party is necessary to make the introduction
      • Second-hand recognition becomes first-hand recognition
     You know me, you know her, but does she know me?
      • Identity relationships are not inherently transitive
  • 4. Increased Mobility Requires Credentials
     Reputation could be passed on, one hop at a time. Someone had to vouch for you, or give you a reference
     As we travelled farther, we needed credentials
     As we did more things, and needed to establish our identities for different purposes, we needed more credentials
     Today, we travel farther than ever, both physically and virtually; we do more things than ever.
  • 5. Third-Hand Recognition…
     …otherwise known as “credentials”
      • Again, a trusted third party (aka “an authority”) is required
      • A business card is not a credential; lose your wallet and see for yourself!
      • My driver’s license is not generally helpful in Nepal…
     Credentials need to be authenticatable
      • The authority can (hopefully) validate credentials, but this is not always practical…
      • Challenges and responses…
  • 6. Some Different Kinds of Credentials
  • 7. A Quick Digression…
     The GSM/SIM system is the most widespread identity management infrastructure ever created…
      • More than 1.7 billion subscribers in over 200 countries at the end of 2005
      • There are more countries with GSM systems than there are in the United Nations!
      • There are more countries with GSM systems than there are with McDonald’s!
     UMTS/USIM will make even greater functionality available
  • 8. Who I Am Depends on What’s Going On
     A particular “identity”, i.e. a given credential, is only meaningful in a given context and domain
      • Driver’s license at the airport ticket counter…? Okay!
      • Passport at the airport ticket counter…? Okay!
      • Driver’s license at the roadside…? Okay!
      • Passport at the roadside…? Not okay.
      • Passport at immigration…? Okay!
      • Driver’s license at immigration…? Not okay.
     Potentially, my mobile device can encompass all these credentials and more…
  • 9. Authentication
     Authentication reliably associates an actual human being (i.e. a physical identity) with a digital identity
      • Via something you know (e.g. a password)
      • Via something you have (e.g. a token)
      • Via something you are (e.g. biometrics)
     Strong authentication requires multiple factors
      • My passport functions as a two-factor authentication: a physical token with an embedded “biometric device”…
     As we do more with our mobile devices—i.e. as our mobile devices hold more, and more sensitive, information about us—the need to authenticate increases
  • 10. Another Brief Digression
      • The hanko: something you have…
      • Hanko design requires research; they need to be unique, even for common names
        – 430,000 people in Japan have the last name “Sato”
      • This is why archaic scripts, such as tensho (i.e. “seal script”), are used for this sort of thing…
      • Since the hanko is only a single-factor authentication scheme, and since there are no protections against copying, physical or digital, hanko counterfeiting is a growing and serious problem in Japan
  • 11. One Response…
     Mitsubishi Pencil Co. introduced the “Dial Bank Hanko”…
     Two eight-position dials alter the arrangement of the pattern on the outer rings
      • 64 possibilities…
      • Acceptance has been…slow
  • 12. Who I Am Depends on Who You Are
     Identity is about relationship and access
      • My work “identity”: access to my corporate network, servers, etc.
      • My cellphone “identity”: access to my provider’s network
      • My Google “identity”: access to email, etc.
      • My Amazon “identity”: access to my recommendations, past orders, etc.
     Managing a multiplicity of “identities” becomes increasingly difficult…
  • 13. Multiple Identity Disorder…?
     Even in a given context, one can have multiple identities. At work I have:
      • An email “identity”
      • A source code management system “identity”
      • A bug tracking system “identity”
      • A payroll system “identity”
      • And several others…
  • 14. Names
     Names abstract multiple identities, multiple kinds of identity, and the attributes of identity
      • My web page changes, but the URL remains the same…
     Names simplify access to identity
      • “www.google.com” or 72.14.205.99 or 72.14.205.104 or…?
     For a name to be useful, you need access to the information it abstracts
      • This is the function of “a directory”
      • LDAP is one example: I can access all my work “identities” through a single password…
  • 15. Partial Identities
     Mary has                              Boyfriend Bob sees
      • A Social Security number            • A Social Security number
      • An auto insurance policy number     • An auto insurance policy number
      • A work phone                        • A work phone
      • A personal mobile phone             • A personal mobile phone
      • A diary                             • A diary
  • 16. Partial Identities
     Mary has                              Mary’s employer sees
      • A Social Security number            • A Social Security number
      • An auto insurance policy number     • An auto insurance policy number
      • A work phone                        • A work phone
      • A personal mobile phone             • A personal mobile phone
      • A diary                             • A diary
  • 17. Why Partial Identities?
     In a secure system, access to resources is based on the “principle of least privilege”
     Similarly, in identity management, access to information should be based on the “principle of data economy”
     Transactions should be
      • Unobservable: they directly reveal no information about the parties involved
      • Untraceable: no framing information is usable to identify the parties involved
      • Unlinkable: no two transactions can be associated with one another
     Anonymity should be the baseline…
  • 18. “But wait, there’s more!”
     As mobile devices, and the systems supporting them, become more capable, the information which can be incorporated into one or more of our identities expands:
      • Location
      • Location history
      • Friends and contacts
      • Preferences
      • Buying habits
      • Etc…
  • 19. Expanded Identities, Expanded Services
     Based on my preferences, location and time of day, the content of my personal mobile “portal” can be customized…
      • Most likely in coordination with service-providing partners
     “I’m away from home, it’s lunch time in this time zone, and I like ramen…”
      • I like places with counters better than places with tables…
      • I especially like Sapporo-style miso ramen…
      • Etc., etc…
  • 20. A Sample Enhanced Transaction
     I choose a participating restaurant from the selection on my phone’s customized portal…
     A token (a credential) is transferred to my phone by the service provider…
     When I go to the (physical) restaurant, my phone transfers the token back…
      • I get a discount on my ramen
      • The service provider is paid a “finder’s fee” by the ramen-ya
      • The service provider pays a participation fee to the network operator
  • 21. A Couple of Points…
     My mobile operator doesn’t need to know I like ramen, only that I received a token (of some sort) that I might redeem…
     The ramen-ya doesn’t need to know anything about me (other than that I’ve presented them with a verifiably valid discount token)
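The discount-token exchange of slides 20 and 21, as an added example that is not part of the original deck: the service provider issues a single-use token that names the restaurant and the discount but never the subscriber or the preferences behind the offer, and the ramen-ya checks only that the token is authentic, meant for it, unexpired and unspent. It assumes an HMAC key shared between the provider and each participating restaurant (an assumption; the deck does not say how tokens are validated).

```python
import base64, hashlib, hmac, json, secrets

# Constructed demo key, assumed to be shared between the service provider and
# one participating restaurant (the deck does not say how tokens are validated).
PROVIDER_KEY = b"constructed-demo-key-not-for-production"

def _sign(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode()

def issue_token(key: bytes, restaurant_id: str, discount_pct: int,
                now: int, ttl: int = 3600) -> str:
    """Service provider side. The token names the restaurant, the discount,
    an expiry and a random nonce, but nothing that identifies the subscriber
    or reveals the preferences (e.g. "likes ramen") that led to the offer."""
    payload = {"r": restaurant_id, "d": discount_pct,
               "exp": now + ttl, "n": secrets.token_hex(8)}
    body = json.dumps(payload, sort_keys=True).encode()
    return _b64(body) + "." + _b64(_sign(key, body))

def redeem_token(key: bytes, restaurant_id: str, token: str,
                 now: int, spent: set) -> bool:
    """Restaurant side. Accept only a token that is authentic, issued for this
    restaurant, unexpired and not yet spent; the customer stays anonymous."""
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:          # malformed token (bad split or bad base64)
        return False
    if not hmac.compare_digest(sig, _sign(key, body)):
        return False            # forged or tampered
    payload = json.loads(body)
    if payload["r"] != restaurant_id or payload["exp"] < now:
        return False            # meant for another shop, or expired
    if payload["n"] in spent:
        return False            # replay: this single-use nonce was redeemed
    spent.add(payload["n"])
    return True

def token_fields(token: str) -> set:
    """Field names readable by anyone holding the token: no subscriber id."""
    return set(json.loads(base64.urlsafe_b64decode(token.split(".")[0])))
```

The `spent` set stands in for the restaurant's redemption log; without it a copied token could be presented twice, which is the same copying weakness the deck raises for the hanko.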
  • 22. More Scenarios…
     Based on my location and my DVD-buying habits…
      • The service provider recommends a movie to me…
      • I buy an “e-movie-ticket” through my mobile device…
      • My mobile operator passes the payment to the theater…
      • The theater pays the service provider…
     The service provider is able to leverage the mobile operator’s billing infrastructure!
     My phone can be my wallet—eCash experiments in Tokyo…
  • 23. Some Proposed Definitions
     Mobile Identity = Data + Policies regarding the use of that data
     Mobile Identity is a set of claims a “digital subject” makes regarding itself
  • 24. Challenges
     Security is not generally a goal of users; they don’t view it as making them more productive…
     Users underestimate the consequences of insufficient security
      • Thus, they are not willing to invest a lot of effort in order to learn how to use security mechanisms…
  • 25. What’s Needed Here…?
     User-friendly interfaces need to be developed for the non-expert to prevent unintentional misuse
      • Different “partial identities” for different purposes
     Verifiable linkage between real and digital identity on the user’s device is critical to prevent impersonation
     Published identifying data—both personal and device characteristics—must be protected against misuse
  • 26. What Are We Doing?
     The ACCESS Linux Platform provides facilities which can be leveraged for on-device identity management
      • A flexible, policy-driven security infrastructure
      • Support for a variety of authentication schemes through Linux’s PAM infrastructure
      • Certificate management services
      • SIM tool kit
      • Vaulting services
  • 27. Some Recommended Reading
     The Consortium of the Future of Identity in the Information Society (FIDIS): www.fidis.net
      • D3.3: A Study on Mobile Identity Management
      • D11.1: Towards a Taxonomy of Mobility and Identity
     Digital Identity, J. Philip Windley, O’Reilly Books
  • 28. That’s all, folks! Thanks!