Design Paper Spring2009

  • Uploaded by: Michael Corsello
  • 0
  • 0
  • June 2020
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Design Paper Spring2009 as PDF for free.

More details

  • Words: 2,801
  • Pages: 11
Corsello Research Foundation

User Identity Establishment, management, maintenance and representation of identity in software systems

michael.corsello 4/11/2009

Abstract The representation of identity in computer systems is the based upon the need to reference items stored within the computer by some form of handle. The essence of identity is provided a handle, it is possible to identify and access the specific item that handle identifies. To do this unambiguously with confidence is complex. This paper discusses the concepts of identity, where it is used in computer systems, issues in identity and some application schemes for identity usage in computational systems.

Michael Corsello

Design Paper

CSci 283 Computer Security

Introduction An identity is simply a representation of some entity. More specifically, an identity is a logical name, moniker or handle that represents a physical entity such as a person, user or file. In computer applications, all entities within the computer environment have identities that must be unique to ensure proper access.

Identity The identity of an entity (the subject) is the handle used to represent the entity when the entity itself is not available. This is always the case prior to accessing the entity itself. If a client wants to access a specific entity, and that entity is “held” by another entity (the server), the client will identify the specific entity it wants by providing the identity of the entity it is requesting. In order to perform this simple action, several things must hold true: The requesting client must know the appropriate identity for the entity it is requesting The responding server must know the entity that identity “maps” to The correspondence between the identity and the entity must be unique It is quite important to note at this time that an identity is itself an entity in the context of a computer system. In general, the identity may be used as an entity (such as a user account is both an entity and an identity) to provide a binding to other identities and entities.

Knowledge The first aspect of identity is knowledge. A requestor of an entity must know the identity of that entity. In basic human terms for a person to address another person, they must know that person’s name. The name is the person’s identity in this case.

P age |1

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

A more subtle but important distinction in this scenario is that many people may share the same name, but the requester simply knows the name of the person they want to speak with and do not know if or who may also share that same name. This is the locality or localization of the identity space. Universe of Discourse When a client and server are communicating, they have an implied universe of discourse, or specific set of information they can share. A server will “know” the appropriate set of entities and their associated identities for communicating with this specific client. That set of entities does not have to be the entire set of entities the server is aware of. This localized set of entities forms the universe of discourse for the conversation between the client and server and forms the “scope” of the identity used in this conversation.

Binding The second aspect of identity is that of binding a physical entity to an identity. Each entity will have an identity that is used as the handle for that entity. Additionally, there may be multiple identities used to identify any specific entity. These identities may be specific to a client in that each client may have its own identity for a given entity. This is one way to maintain anonymity or transparency of identity. When an identity is bound to an entity, that binding is in some way shared to all clients that will use that identity to reference the specific entity it is bound to. Of great importance to security is the binding of multiple items to a single identity. One identity may be associated with a collection of entities in many ways. First, a given identity can resolve to an entity P age |2

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

which is itself an identity of another form, such as a user name serving as an identity for a user account which is an entity also bound to a password identity. The pairing of both identity tokens of the username and password can resolve to the specific user account which itself is an identity used throughout a system.

Uniqueness For a system to provide a reliable mechanism for resolving an identity to an entity, that identity must be unique. The uniqueness of an identity is based upon a scope, and does not generally need to be universally unique. For example, multiple people may share the same name but as long as everyone in the room has a unique name all people can be referenced by their name unambiguously within the scope of that room. The concept of scope is based upon the universe of discourse discussed previously. Each scope has a set of identities logically contained within it. Those identities logically bind to the physical entities desired. An example of this is the URL concept on the internet. Each web site is universally unique (the www.mydomain.com portion), which defines the scope of the identity contained within the remainder of the url (the actual resource identifier after the “/”). So, for the url: http://www.mydomain.com/work/dogs/buster.html The scope of the identity is www.mydomain.com, and the unique identity is work/dogs/buster.html. It is a requirement that the identity of work/dogs/buster.html cannot resolve to more than one entity within this scope. However, another scope may also use this identical identity for a specific resource.

Entities The entities that must be identified within a computer system are subjects and include everything that may be referenced including users, files, folders, permissions, roles, devices, connections and so on. The

P age |3

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

concept of an entity in a computer system is naturally divided into scopes by the intent of the requestor. It is natural in most areas of computer systems to “know” that a request for a file is distinct from a request for a device. Therefore, the request itself (based upon the API serving the request) has a natural scope. In this manner, the identity of each class of entity can be distinct based upon the API owning the dictionary of bindings.

Identity Patterns Each controlling server (or API) that deals with resolving identity may use its own identity pattern. For a url, the pattern is a set of nested scopes separated by the “/” character overall represented as a textual string. For the identity of a hardware device, it may be represented as a 32-bit unsigned integer for the device appended to an 8-bit unsigned bus identifier. These patterns of identity are distinct based upon the needs of the identity resolution process. In the case of the device identity within a system, there is little need to authenticate or provide other security related identity protocols; the identity is purely a handle for reference. In the case of user accounts, the identity of the account is merely a handle, but the account as an entity must be secured by some secondary identity (such as a username/password) that is bound to the account itself. This secondary identity is used for the authentication process to provide a verification of the identity.

Law of Identity Logically speaking, the law of identity is defined by

or that the identity A is identical to itself. This

is known as a tautology in discrete mathematics in that the identity is always true. This forms the basis of the authentication process in which an identity A is compared to an identity claim A’. The identity claim is compared to the identity, if the claim matches the identity, then the law of identity holds that the claim is equivalent to the identity and the claimant therefore possesses the identity.

P age |4

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

Unfortunately, this does not equate to the meaning of the identity in that the claimant only knows and can reproduce the identity, and may or may not actual be the entity the identity represents. When the identity is that of a user (say an username and password), the identity credential will authenticate that the claimant produced an identity token that matches a known identity token thereby authenticating the claimant only as having the knowledge of the token. This means that is Eve knows Bob’s identity credential token (username and password), and then Eve can act as though she is Bob. The identity of Eve will therefore be Bob and therefore Eve has stolen Bob’s identity (identity theft).

Identification and Privacy There is a fundamental difference between identity and identification in a computer system and the concept of identification in the real world. In terms of what a person thinks of as identification for a human being, that would usually be a personal profile in a computer system. The personal aspects of a human being including items such as a name, addresses, phone numbers, education, race, credit card accounts, etc. are not part of a computer identity or identification. It is important that these concepts be separated and instead this form of information be treated directly as a data entity isolated from, but related to an identity entity treated as an independent entity. In this manner, the identification of a person is restricted to the portion of information required to authenticate a user. All the additional data points are represented as data entities that are then affiliated back to that user. Each of the attributes of this personally identifiable information (PII) can then be separately maintained and secured as data unidentifiable to the actual person they pertain to. This is the basic premise of anonymity and privacy. Many of the emerging identity implementations are geared at the basic user identity level and are attempting to address the issues of privacy and anonymity while allowing the binding of identities to PII.

P age |5

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

Identity Management The overall process and practice of generating identities and maintaining the associations of identities to entities while maintaining the proper scope relations is collectively known as identity management. Within a computer system, the identity management process may be quite simple. If the computer is self-contained (not networked) then all identity information is local to that machine and is managed by the OS and related software installed on that machine. Once networking is enabled and used for identity distribution, the identity management process becomes much more complex.

Basic Identity Entities There are some basic entities, which are treated as subjects of identity that all users will interact with within a computer system. These include files and folders, users, groups or roles, permissions and computers. When networking, all of these items may be managed by a central identity repository such as an X.500 or lightweight directory access protocol (LDAP) server. In an LDAP system, each type of entity has an identity type, which has predefined identity attributes contained within the LDAP schema. The primary set of identity types are maintained by the Internet Corporation for Assigned Names and Numbers (ICANN). For each entity, regardless of type, a universally unique identifier is attached as an attribute to uniquely identify that identity record and type. In this manner, the identity itself is an entity in the LDAP directory. By distributing different portions of this identity repository to multiple servers a distributed identity system is created. This distribution raises several issues that are currently hot topics in computer security and identity research. Permission entities are often fixed, predefined entities that exist solely as identifiers. The permission itself is the identifier and is applied to other entities such as users, files and roles. The comparison of the permission on a file to the permission on the user or role is the authorization process.

P age |6

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

Roles are the next entity type of note. A role is represented as an identity, generally a name and the role entity itself is generally a collection of permissions and users that are mapped onto that role. The files and directories that represent the data storage units within a computer have identities that are scoped based upon their location in the “directory tree” for a given mounted volume (disk or drive). Each file unit has an identity that is the name of the file itself. In many systems, logical identities (such as a symbolic link) can provide an identity handle to a file that transcends the scope in which the file is “located”. With a link identity, the link provides additional handles to the file entity from other scopes. A user identity is the user entity itself and has secondary identity attributes that constitute an identity credential that references the user identity. The user entity has one or more user identity identities (credential sets) that resolve to the physical user entity. The physical user entity is the identity handle that items such as roles use to associate with permissions and access control mechanisms.

Identity Resolution The act of retrieving the entity that an identity represents is identity resolution. The resolution of an identity is composed of resolving the scope of the identity and “looking up” the matching entity. There are multiple outcome states in the resolution process that can be defined: No scope, the requestor has not been placed into a known scope within which resolution can occur (the server has no resolution context, such as request for a file without specifying the drive) No known entity, the requestor provided an identity that does not match any identity in the current scope Resolved, an entity is returned with a matching identity o

Correct, the entity is the expected entity based upon the identity 

P age |7

Example, my user account is returned based upon my credential

User Identities

Michael Corsello o

Design Paper

CSci 283 Computer Security

Incorrect, the entity is not the expected entity based upon the identity 

Example, someone else’s user account is returned based upon my credential



This may be due to a mis-matched scope, such as a user successfully logs in to an application they do not use. They have been provided access under another users’ account

Proper resolution of identity is both a security and availability issue as improper resolution may provide illegal capabilities to unauthorized users or resources and may result in corruption of information. The identity itself has some responsibility in the resolution process for this very reason. The identity attributes collectively comprise the identity handle. If the identity handle is of too small variability, then not all entities can uniquely resolve from an identity. For example, if the identity is simply an 8-bit value there is a total keyspace of 256 distinct identities possible. If there are more than 256 unique entities, then it is impossible to uniquely identify them given the identity scheme. Further, from a security perspective, if the total keyspace is close to the total number of used identities, then random identity creation will tend to resolve to legitimate entities. This makes attacks successful by virtue of statistics, fewer tries are required to get an answer. This form of guessing game includes brute-force identity attacks and dictionary attacks.

Conclusions Computer identity is a fundamental area of operation and security within computers. The use of references as memory addresses, file names, user credentials or general pointers are all forms of identification and provide different levels of capability and security. In moving to more network based forms of computation such as cloud computing and peer to peer the nature of identity and the models used will need to accommodate broader scopes of use while maintaining security and resistance to ever evolving attacks.

P age |8

User Identities

Michael Corsello

Design Paper

CSci 283 Computer Security

References Bishop, M. (2003). Computer Security. Boston: Addison Wesley. Boyd, D. (2002). Faceted Id/entity: Managing representation in a digital world. Cambridge: Massachusetts Institute of Technology. Wikipedia contributors. (2009, March 10). Digital identity. Retrieved April 11, 2009, from Wikipedia, The Free Encyclopedia: http://en.wikipedia.org/w/index.php?title=Digital_identity&oldid=276262510 Wikipedia contributors. (2009, March 31). Federated identity. Retrieved April 11, 2009, from Wikipedia, The Free Encyclopedia: http://en.wikipedia.org/w/index.php?title=Federated_identity&oldid=280955404 Wikipedia contributors. (2009, March 7). Identity (object-oriented programming). Retrieved April 11, 2009, from Wikipedia, The Free Encyclopedia: http://en.wikipedia.org/w/index.php?title=Identity_(object-oriented_programming)&oldid=275670888 Wikipedia contributors. (2009, April 9). Identity management. Retrieved April 11, 2009, from Wikipedia, The Free Encyclopedia: http://en.wikipedia.org/w/index.php?title=Identity_management&oldid=282714701 Wikipedia contributors. (2009, March 11). Law of identity. Retrieved May 11, 2009, from Wikipedia, The Free Encyclopedia: http://en.wikipedia.org/w/index.php?title=Law_of_identity&oldid=279120024

P age |9

User Identities

Related Documents


More Documents from "Daniel Holloway"

May 2020 94
October 2019 12