1 / 14

LionShare & USHER

LionShare & USHER. Derek Morr Spring ’06 MM. Overview. LionShare is an academic peer-to-peer filesharing system. Strong emphasis on on identity management: Users must be identified to share files. Optional attribute-based authorization. Authentication.

lilia
Download Presentation

LionShare & USHER

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. LionShare & USHER Derek Morr Spring ’06 MM

  2. Overview • LionShare is an academic peer-to-peer filesharing system. • Strong emphasis on on identity management: Users must be identified to share files. • Optional attribute-based authorization.

  3. Authentication • To identify themselves, users digitally sign certain protocol messages and XML fragments. • Users obtain short-term certs from an online CA, called the SASL-CA. • Think kx509, but with SASL and in Java.

  4. Certificate Types • Identity: CN=DEREK VAUGHAN MORR(dvm105@psu.edu)/dvm105@psu.edu, OU=ACADEMIC SERV & EMERGING TECH, O=Pennsylvania State University, L=UNIVERSITY PARK, ST=Pennsylvania, C=US • Opaque: CN=6ZYEBU6OPVQSCQLEKEM463QVLLQXTUU2PTCSYDLK2VHZA3FJR27UJFUJXB5ZSEVUL3US2FZ5O4LZWIR3737THCFTX4B2RJMWC27LB2DMQFL7ZQAXMD4Q

  5. Authorization • Users can create attribute-based ACLs. • LS 1.1 supports a subset of eduPerson; this may be expanded in a later release. • We use a custom SAML profile to obtain and exchange attributes. This requires a plugin to Shib 1.3.

  6. Split Roots • AuthN (the SASL-CA) is rooted in USHER. • AuthZ (Shib) is rooted in InCommon. • Fortunately, the two CAs have similar policies.

  7. Bridging the Roots • Users obtain an USHER-rooted opaque cert from the SASL-CA with a CryptoShibHandle in the DN: CN=6ZYEBU6OPVQSCQLEKEM463QVLLQXTUU2PTCSYDLK2VHZA3FJR27UJFUJXB5ZSEVUL3US2FZ5O4LZWIR3737THCFTX4B2RJMWC27LB2DMQFL7ZQAXMD4Q • This is a symmetrically encrypted identifier that the IdP can interpret.

  8. Bridging the Roots • Open a mutually authenticated SSL tunnel to IdP with the opaque cert to obtain an InCommon-rooted SAML AttributeAssertion. • The AttributeAssertion is bound to the USHER-rooted opaque cert via Holder-of-Key Confirmation

  9. Holder-of-Key Confirmation <SubjectConfirmation> <ConfirmationMethod> urn:lionshare-test:holder-of-key </ConfirmationMethod> <SubjectConfirmationData> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate> Base64-encoded opaque cert here… </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </SubjectConfirmationData> </SubjectConfirmation>

  10. Security Model USHER Foundation

  11. “Friendly Trust” • AuthZ (Shib) has extensive metadata about each node that supplements PKIX. • AuthN (SASL-CA) does not. Anything from USHER is trusted. • No one wants to run a LS-specific federation.

  12. Deployment • 1.0 - Sept ’05 • 1.1 - April/May ’06 • Penn State got its USHER CA cert last week. • In last stages of testing, should go live “soon.”

  13. SASL-CA Future • Version 0.4 almost ready (rc5 is being prepped). • Version 0.5: • Pluggable cert types, possibly based on HEPKI-TAG certprofiles • May introduce backwards-incompatible protocol changes

More Related