1 / 51

Privacy-Friendly and Trustworthy Identity Management with Attribute-Based Credentials

Privacy-Friendly and Trustworthy Identity Management with Attribute-Based Credentials. NITC / SEARCC Conference 2017 Colombo, Sri Lanka 2017-09-14. Prof. Dr. Kai Rannenberg Deutsche Telekom Chair of Mobile Business & Multilateral Security Goethe University Frankfurt www.m-chair.de.

carollam
Download Presentation

Privacy-Friendly and Trustworthy Identity Management with Attribute-Based Credentials

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy-Friendly and Trustworthy Identity Management with Attribute-Based Credentials NITC / SEARCC Conference 2017 Colombo, Sri Lanka 2017-09-14 Prof. Dr. Kai Rannenberg Deutsche Telekom Chair of Mobile Business & Multilateral Security Goethe University Frankfurt www.m-chair.de

  2. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  3. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  4. Typical federated architecture for Identity Management (IdM) Identity Service Provider (IdSP) Relying Party (RP) trust 1. request access 1. Request access 3. token request 2. policy 4. token response 5. token User

  5. Typical federated architecture for Identity Management (IdM) Identity Service Provider (IdSP) Relying Party (RP) trust 1. request access 1. Request access 3. token request 2. policy 4. token response 5. token User

  6. Identity Management and Overidentification Identity Service Provider (IdSP) Relying Party (RP) RP gets to know values of the tokens and thus toomuch of the user’s identity. trust 1. request access 1. Request access 3. token request 2. policy 4. token response 5. token User

  7. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  8. The “Calling Home” Problem Identity Service Provider (IdSP) Relying Party (RP) IdSP usually learns about RP via token request. trust IdSP learns time of access & attributes requested. 1. request access 1. Request access 3. token request 2. policy 4. token response 5. token User

  9. STORK European eID PEPS Triple “Calling Home” Requester Relying Party Assurance Token (reference) Assurance Token Provider (“Identity Provider”) Gateway Home Country of Assurance Token Provider Gateway Home Country of Relying Party

  10. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  11. People live their life in different roles (professional, private, volunteer) using different identities (pseudonyms): email accounts, SIM cards, eBay trade names, chat names, Facebook names, …) Differentiated identitieshelp to protect privacy, especially anonymity personal security/safety enable reputation buildingat the same time Identity management systems support users using role based identities help to present the “right” identity in the right context Organisationsaim tosort out User Accounts in different IT systems Authentication Rights management Access control Unified identitieshelp to ease administration manage customer relations Identity management systems ease single-sign-on by unify accounts solve the problems of multiple passwords Identity Management (IdM)2 sides of a medal with enormous economic potential

  12. People live their life in different roles (professional, private, volunteer) using different identities (pseudonyms): email accounts, SIM cards, eBay trade names, chat names, Facebook names, …) Differentiated identitieshelp to protect privacy, especially anonymity personal security/safety enable reputation buildingat the same time Identity management systems support users using role based identities help to present the “right” identity in the right context Organisationsaim tosort out User Accounts in different IT systems Authentication Rights management Access control Unified identitieshelp to ease administration manage customer relations Identity management systems ease single-sign-on by unify accounts solve the problems of multiple passwords Identity Management (IdM)2 sides of a medal with enormous economic potential

  13. Partial Identities needed Identities Management Based on [Clauß, Köhntopp 2001]

  14. Identity Definition inISO/IEC 24760 to reduce the risk of Overidentification • Identity (partial identity): • “Set of attributes related to an entity” • From “A Framework for Identity Management” (ISO/IEC 24760) • Part 1: Terminology and concepts (IS:2011) • Part 2: Reference framework and requirements (IS:2015) • Part 3: Practice (IS:2016) [standards.iso.org/ittf/PubliclyAvailableStandards/index.html] [www.jtc1sc27.din.de/en]

  15. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  16. Attribute Based Credentials (Privacy-ABCs) • Certifying relevant attributes • Token issuance and presentation unlinkable • Rather “coins” (that cannot be distinguished)than “bank notes” (that have a serial number) • Users can disclose (minimal) subsets of the encoded claims • To respond to unanticipated requests of RPs • Without invalidating the token integrity • E.g. Certificate for birth date -> Claim for being over 21 • Two major approaches and technologies • U-Prove (Credentica -> Microsoft) • Idemix (IBM)

  17. Two approaches forPrivacy-ABCs Zero-Knowledge Proofs Blind Signatures Issuer Issuer User User Verifier Verifier U-Prove Idemix (Identity Mixer) Brands, Paquin et al. Discrete Logs, RSA, .. Damgard, Camenisch & Lysyanskaya Strong RSA, pairings (LMRS, q-SDH)

  18. Selective Authentication with Privacy-ABCs Verifier / Relying Party (RP) Credential Issuer / Identity Service Provider (IdSP) trust 3. request access 4. request policy- compliant token 1. request credentials 2. collect credentials 6. present token 5. compute minimal disclosure token Recipient / Prover (User)

  19. Partial Identities enabled Identities Management Based on [Clauß, Köhntopp 2001]

  20. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  21. ABC4TrustObjectives • A common, unified architecture for ABC systems to enable • Comparing their respective features • Combining them on common platforms • “Lock-In” free usage of ABC systems • Open reference implementations of selected ABC systems • Deployments in actual production enabling • Minimal disclosure • Provision of anonymous feedback to a community to one is accredited as a member • Relevant Standards • e.g. in ISO/IEC JTC 1/SC 27/WG 5“Identity Management and Privacy Technologies”

  22. ABC4TrustPartners Johann Wolfgang Goethe-Universität Frankfurt, DE Alexandra Institute AS, DK Research Academic ComputerTechnology Institute, GR IBM Research - Zurich, CH Miracle A/S, DK NSN Management International GmbH, DE Technische Universität Darmstadt, DE Unabhängiges Landeszentrum für Datenschutz, DE Eurodocs AB, SE CryptoExperts SAS, FR Microsoft NV, BE Söderhamn Kommun, SE

  23. ABC4Trust Pilot Trial: Course Rating • Course ratings conducted anonymously without lecturers knowing participants’ identities • Conduct polls based on attendance • Issue multiple credentials (student cards, class attendance) • Verify with anonymous proofs towards “untrusted” infrastructure • Privacy-friendly rewarding process Computer Technology Institute & Press –“Diophantus” Patras, Greece

  24. ABC4Trust Pilot Trial:Community Interaction • School internal forum for communication among pupils, teachers, and personnel • Provide trusted authentication while protecting pseudonymity/anonymity • Usability: make privacy technology understandable for non-technical users (e.g. pupils) Norrtullskolan School Söderhamn, Sweden

  25. ABC4Trust ArchitectureEntities and Interactions Issuer Revocation Authority [Optional] Credential Revocation Revocation info retrieval Credential Issuance Revocation Info Retrieval User Presentation Token Token Inspection Inspector [Optional] Relying Party (Verifier)

  26. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for Cloud Identity Management • Conclusions & Outlook

  27. Service Provider (SP) provides online services to users Identity Service Provider (IdSP) handles identification and authentication of users for the SP Userwants to access protected service at SP that requires authentication Advantages:Scalability, Elasticity, Cost Effectiveness… Disadvantage: Lack of Privacy Cloud-based Identity Managementcurrently { “id":"12345==", "given_name":"Max", "family_name":,"Mustermann" "birthdate":,"01-01-1990" "gender":,"M" } 29

  28. Service Provider (SP) provides online services to users Identity Service Provider (IdSP) handles identification and authentication of users for the SP User wants to access protected service at SP that requires authentication Advantages: Scalability, Elasticity, Cost Effectiveness…PrivacyStrong Authentication CREDENTIAL Advanced cloud-based Identity Management { “id":"12345==", "given_name":"Max", "family_name":,"Mustermann" "birthdate":,"01-01-1990" "gender":,"M" } { “id":"ByKPb", "given_name":"gRyxiU5", "family_name":,“jHlkFm" "birthdate":,“dfGTrFd" "gender":,“LmNoP" } 30

  29. Agenda • Privacy (and security) issues of typical federated Identity Management architectures • Identity Management and Overidentification • Identity Assurance and the “Calling Home” problem • Solution approaches • Partial Identities • Attribute Based Credentials (Privacy-ABCs) • Application examples • Using Privacy-ABCs in the ABC4Trust Project • Redactable Signatures for cloud-based Identity Management • Conclusions & Outlook

  30. Conclusions & Outlook • The Internet and related services are coming ever closer to people. • A more privacy friendly Internet requires: • Decentralisation • Partial Identities and Identifiers (assured when needed) • Minimum Disclosure • Privacy-ABCs, Redactable Signatures • Strong Sovereign Assurance Tokens (smart cards, mobile devices (?), …) • ABC4Trust Book • www.abc4trust.eu • https://github.com/p2abcengine/ • www.credential.eu • www.jtc1sc27.din.de/en • www.fidis.net • www.picos-project.eu • www.primelife.eu • www.prime-project.eu • www.m-chair.de, Kai.Rannenberg@m-chair.de

  31. Deutsche Telekom Chair of Mobile Business & Multilateral Security Prof. Dr. Kai Rannenberg Goethe University Frankfurt Theodor-Adorno-Platz 4 60629 Frankfurt, Germany Phone +49 (0)69 798 34701 Fax +49 (0)69 798 35004 E-Mail: info@m-chair.de WWW: www.m-chair.de

  32. References 1 • ABC4Trust: www.abc4trust.eu • ABC4Trust video: https://abc4trust.eu/index.php/press/2011-11-08-14-42-18 • Kim Cameron, Reinhard Posch, Kai Rannenberg: Proposal for a common identity framework: A User-Centric Identity Metasystem; Pp. 477 – 500 in [Rannenberg, Royer, Deuker 2009] • Sebastian Clauß, Marit Köhntopp: Identity management and its support of multilateral security. Computer Networks, Volume 37, Issue 2, October 2001, Pages 205-219 • FIDIS: Future of Identity in the Information Society; www.fidis.net • Christian Kahl, Katja Böttcher, Markus Tschersich, Stephan Heim, Kai Rannenberg: How to enhance Privacy and Identity Management for Mobile Communities: Approach and User driven Concepts of the PICOS Project; Pp. 277-288 in: Kai Rannenberg, Vijay Varadharajan, Christian Weber: Security and Privacy – Silver Linings in the Cloud; Proceedings of 25th IFIP International Information Security Conference (IFIP SEC 2010), 20-23 September 2010, Brisbane, Australia, Springer IFIP Advances in Information and Communication Technology Series, Vol. 330, ISBN 978-3-642-15256-6 • Ioannis Krontiris, Herbert Leitold, Reinhard Posch, Kai Rannenberg: eID Interoperability; Pp. 167-186 in: Walter Fumy, Manfred Paeschke (Eds.): Handbook of eID Security – Concepts, Practical Experiences, Technologies, Publicis, ISBN 978-3-89578-379-1 • ISO/IEC JTC 1/SC 27/WG 5: Identity Management and Privacy Technologies; www.jtc1sc27.din.de • PICOS: Privacy and Identity Management for Community Services; www.picos-project.eu • PRIME: Privacy and Identity Management for Europe; www.prime-project.eu • PrimeLife: Privacy and Identity Management for Life; www.primelife.eu

  33. References 2 • Kai Rannenberg: Multilateral Security – A concept and examples for balanced security; Pp. 151-162 in: Proceedings of the 9th ACM New Security Paradigms Workshop 2000, September 19-21, 2000 Cork, Ireland; ACM Press; ISBN 1-58113-260-3 • Kai Rannenberg: CamWebSim and Friends: Steps towards Personal Security Assistants; Pp. 173 - 176 in Viktor Seige et al.: The Trends and Challenges of Modern Financial Services – Proceedings of the Information Security Summit; May 29-30, 2002, Prague; Tate International; ISBN 80-902858-5-6 • Kai Rannenberg: Identity management in mobile cellular networks and related applications; Information Security Technical Report; Vol. 9, No. 1; 2004; pp. 77 – 85; ISSN 1363-4127 • Kai Rannenberg, Jan Camenisch, Ahmad Sabouri: Attribute-based Credentials for Trust - Identity in the Information Society– • Kai Rannenberg, Denis Royer, Andre Deuker: The Future of Identity in the Information Society – Opportunities and Challenges; Springer 2009, ISBN 978-3-540-88480-4 • Deutsche Telekom Chair for Mobile Business & Multilateral Security; www.m-chair.de • Daniel Villatoro, Jetzabel Serna, Víctor Rodríguez, Marc Torrent-Moreno: The TweetBeat of the City: Microblogging Used for Discovering Behavioural Patterns during the MWC2012; pP. 43-56 in: Jordi Nin, Daniel Villatoro: Citizen in Sensor Networks; LFirst International Workshop, CitiSens 2012, Montpellier, France, August 27, 2012, Revised Selected Papers, Lecture Notes in Computer Science, Volume 7685,2013 • Jan Zibuschka, Lothar Fritsch, Mike Radmacher, Tobias Scherner, Kai Rannenberg: Enabling Privacy of Real-Life LBS: A Platform for Flexible Mobile Service Provisioning; in Proceedings of the 22nd IFIP TC-11 International Information Security Conference 2007; 14-16 May 2007, Sandton, South Africa; Springer IFIP Series

  34. About the speaker “Master” TU Berlin (Dipl.-Inform.) 1989Technical data protection in distributed systems PhD: Freiburg University (Dr. rer. pol.) 1997“Criteria and Certification of multilateral IT-Security“ -> Standardization at ISO/IEC JTC 1/SC 27 and DIN NI-27 Kolleg “Sicherheit in der Kommunikationstechnik“ Gottlieb Daimler- and Karl Benz-Foundation 1993 – 1999 -> Multilateral Security: “Empowering Users, Enabling Applications“ Microsoft Research Cambridge 1999 – 2002 Goethe University Frankfurt since 2002 ISO/IEC JTC 1/SC 27/WG 5 since 2006:Identity Management and Privacy Technologies

  35. ABC4Trust ArchitectureTechnical building blocks Reference implementationwith ABC functionality • coded in the ABC-Engine, • exposed to the application layeras web-services, • as open source. For developers • Easier application development • Cryptographic operations are abstracted away from. For users • Only need to install a browser plug-in

  36. ABC4Trust Architecture Characteristics • Unification of features • Selective disclosure, pseudonymity, unlinkability, … • XML specification of the data exchange between e.g. Issuer, User, Verifier, Revocation Authority • Crypto Architecture • Allows seamless integration of cryptographic primitives • Encapsulated in components with common interfaces, allowing the rest of the cryptographic layer to be implementation-agnostic • Users can • obtain credentials for more than one Privacy-ABC technology and • use them on the same hardware and software platforms. • Service providers and Identity Service Providers can • adopt whatever Privacy-ABC technology best suits their needs. • Open source implementation available on Github • Avoid technology lock-in • Raise trust in Privacy-ABC technologies

  37. ABC4Trust @GitHub • https://github.com/p2abcengine/ • Source codes available under Apache license  • Documentation, installation guide and wiki pages

  38. CREDENTIAL Vision and Perspective The vision of the CREDENTIAL consortium is to develop, test, and showcaseinnovativecloud-based servicesfor storing, managing, and sharing digital identity information and other highly critical personal data with a demonstrably higher level of security than other current solutions. Enhance privacy (proxy re-encryption, malleable signatures, …) strong hardware-based multi-factor authentication 40

  39. CREDENTIALProject Overview • Call:H2020-DS-2014-1 • Acronym: CREDENTIAL • Type of Action: Innovation Action (IA) • Number:653454 • Partners: 12 • Duration: 36 months • Start Date: 2015-10 • Estimated Project Cost: approx. 6.5 M Euro • Requested EU Contribution: approx. 6 M Euro • Coordinator: Austrian Institute of Technology GmbH • Technical Coordinator: Graz University of Technology

  40. CREDENTIALPartners

  41. CREDENTIALProject Goals Develop an architecture for secure and privacy-friendly cloud-based identity management • Advance novel cryptograhic and secure technologies • Privacy and high security assurance assuming an “Honest but curious” cloud service provider • Combination of Proxy Re-Encryption and Redactable (Malleable) signatures • Selective disclosure of identity attributes • Strong authentication • Two-Factor authentication instead of username/password towards the cloud • Inclusion of strong hardware-based approaches (e.g. TPM, TEE, SE) incorporated in client devices • Make it available, usable and push it to market-readiness level • Human centered design • Interoperability with existing IdM technologies • Pilot, test, evaluate and make it economically relevant • Evaluate the technology in three pilot areas • Standardization 43

  42. CREDENTIALTechnology Pillars

  43. Cryptographic building blocksProxy Re-Encryption A (Encrypt) CA Proxy CB B (Decrypt) Plaintext Plaintext A’s Public Key B’s Private Key Re-Encryption Key A→B A’s Private Key B’s Public Key A semi-trusted proxy can alter a ciphertext, which has been encrypted for one party A, so that it may be decrypted by another party B. The proxy thereby gains neither access to the plaintext of the data nor to the decryption key. 45

  44. Proxy Re-EncryptionExample Application: Data Sharing • User A wants to protect her files in the cloud: • Encrypts files for herself • Uploads files to a cloud storage • User A wants to share files with User B: • Generates a re-encryption key • Hands re-encryption key to cloud storage • Cloud storage re-encrypts User A‘s files for User B on demand.

  45. Cryptographic building blocks Redactable Signatures • Signer produces a signature. • Allow for replacement or removal of (specified) parts of a message after signature creation (selective disclosure). • Original signature stays valid (can be updated without involving the signer). 47

  46. Proxy re-encryption +redactable signatures • Combination of Proxy Re-Encryption and Redactable Signatures to achieve: • Confidentiality and Secure Data Sharing • Integrity/Authenticity and Selective Disclosure • 3rd party redacts without seeing underlying plaintext • Data provider not directly involved

  47. A possible combination for more privacy-friendly cloud-based Identity Management Re-encrypted by IdSP for SP ... <pr:Person xsi:type="pr:Physical <pr:Identification> <pr:Value>KPbgisdf</pr:V <pr:Type>http://reference.e-g </pr:Identification> ... ... <pr:Person xsi:type="pr:Physical <pr:Identification> <pr:Value>ByKPbgRyxiU5</pr:V <pr:Type>http://reference.e-g </pr:Identification> <pr:Name> <pr:GivenName>ByKPbg</pr:Given <pr:FamilyName>BxiU5</pr:Fami </pr:Name> ... Identity Service Provider (IdSP) Service Provider (SP) Signature by IdSP Signature valid Re-enc key for SP SP decrypts ... <pr:Person xsi:type="pr:Physical <pr:Identification> <pr:Value>123456</pr:V <pr:Type>http://reference.e-g </pr:Identification> ... ... <pr:Person xsi:type="pr:Physical <pr:Identification> <pr:Value>ByKPbgRyxiU5</pr:V <pr:Type>http://reference.e-g </pr:Identification> <pr:Name> <pr:GivenName>ByKPbg</pr:Given <pr:FamilyName>BxiU5</pr:Fami </pr:Name> ... Encrypted attributes Redactable signature by attribute provider (attribute authority) Attributes selectively redacted Plaintext 49

  48. CREDENTIAL Demonstration/Piloting • e-Government pilot • Lombardy Region SP for publicadministration (Italy) • Wallet for employees and citizens • e-Health pilot • Industry partners from health and IT sector (Germany) • Quantified self / medical patient data store • e-Business pilot • InfoCert LegalCloud trust services (Italy) • Cloud identity provider for public andprivate sector 50

More Related