Content uploaded by Radia Perlman
Author content
All content in this area was uploaded by Radia Perlman on Sep 04, 2015
Content may be subject to copyright.
A preview of the PDF is not available
User-centric PKI
Abstract
The goal of supporting Single Sign-On to the Web has proven elusive. A number of solutions have been proposed -- and some have even been deployed -- but the capability remains unavailable to most users and the solutions deployed raise concerns for both convenience and security. In this paper, we enumerate desirable attributes in a scheme for authenticating from an Internet browser to a web site and the authorization that follows. We categorize the currently deployed or advocated approaches, describing their benefits and issues, and we suggest incremental improvements to such schemes. We then outline a design for public-key based authentication particularly suited to what we believe to be the common case: users, acting on their own behalf (as opposed to as an employee of an organization), performing actions on the web such as making a purchase or maintaining an account at a service provider. We contrast the usability/privacy/security properties of our design with other identity management/authentication schemes deployed or being proposed today. Our design is truly user-centric, in the sense that the user acts as his own CA, and as a decision point for authorizing release of user information to web sites, rather than having an Identity Provider be the center of trust.
... The problems pertaining to the use of the password and identified name of user as an ID are due to wrong habits followed by the user. Many researchers become more interested in these topics in the last decade; such as [6], [2], [7] and [8]. ...
... Perlman and Kaufman addressed the ongoing problems related to the use of the user name as an ID as well as the diagram of using the password and the problems generated by using the same password and user name in multi websites [7]. Aspinall in [8] discussed in his study the behaviour of the user pertaining to how to choose or design the security question as sometimes weak question and answer are used, then subsequently easily hacked. ...
This research aims to measure the impact of frequen
t use of emails when creating account at the websit
es
on the privacy and security of the user (a survey s
tudy conducted on a sample of email users' views).
The
sample, 200 people of the Jordanian society, includ
es employees of commercial and communication
companies, banks, university students, employees an
d faculty members as well as computer centers at
universities. All have emails and are able to use
the computer and internet. A questionnaire has bee
n
prepared for this purpose aims to measure the varia
bles of the study. SPSS program was used to analyze
the results. The study revealed the existence of a
statistical significant impact of frequent use of e
mail
account when creating an account at the Internet si
tes on the security and privacy of the user. The st
udy
concluded a number of conclusions and recommendatio
ns.
... In order to use online services and applications, users typically need to create accounts including usernames and passwords. The username-based identity and the related password problems resulting from users' online behaviours have been a focus of research studies for quite some time (Florencio and Herley, 2007; Florêncio et al., 2007; Perlman and Kaufman, 2008; Just and Aspinall, 2009). Florencio et al. (2007) report the results of a large-scale study of password usage habits, where they discuss and analyse the password sharing rates among sites, password usage and strength. ...
... e habits, where they discuss and analyse the password sharing rates among sites, password usage and strength. They also emphasise that it is better to increase the strength of usernames rather than passwords as it is more effective in defending against bulk guessing attacks than attacks that focus on compromising passwords (Florêncio et al., 2007). Perlman and Kaufman (2008) summarise the existing problems of username-based identity and password schemes, including the problems related to the use of the same usernames and passwords in multiple websites. Just and Aspinall (2009) investigate users' behaviours related to how they select or design secret questions and answers when they register accounts. Their r ...
Nowadays, many websites allow or require users to use their e-mail addresses either as identity or for other purposes. Although username-based identity problems resulting from users' behaviours have been a research focus for quite some time, the serious issues of using e-mail address as identity and the associated online behaviours of users have not been well investigated. In this paper, we discuss and analyse security and privacy problems resulting from using e-mail address as identity via well-designed user behaviour survey and by investigating websites' design schemes. Our results illustrate that using e-mail address as identity poses high security and privacy risks. This is mainly because of the multiple usages of e-mail addresses and users' improper online habits. Moreover, we discuss drawbacks of existing solutions for e-mail address as identity and related password problems, and present potential solutions that may be used to secure online identity management systems in future.
... When users create distinct accounts for a different variety of services they often use the same IDs and passwords due to memory limitations and the inconvenience of managing multiple accounts differently. In such cases, there is the problem that an attacker can access the user's other accounts by just acquiring the authentication information of one [2]. Furthermore, if the account obtained is just a portal, the scale of local damage may be small, but severe damage may result when the same user's accounts at sites related to banking and payment, including internet banking and internet shopping malls, amongst others, are also obtained. ...
Portal site is not only providing search engine and e-mail service but also various services
including blog, news, shopping, and others. The fact that average number of daily login for
Korean portal site Naver is reaching 300 million suggests that many people are using portal
sites. One of the most famous social network service, Facebook subscribers to reach 1.2 billion
30 million people at the time of the February 2014. With the increase in number of users
followed by the diversity in types of services provided by portal sites and SNS, the attack is also
increasing. Therefore, the objective of this study lies in analysing whole procedure of password
authentication system of portal sites, SNS and analysing the security threat that may occur
accordingly. Also, the security requirement corresponding to analysed security threat was
extracted and the analysis on implementation of security requirements by portal sites and SNS
was conducted.
User identification is undoubtedly important in cyber world. Traditionally, services use login name and password to verify a user. With the rising services of cloud and ubiquitous computing, it becomes a burden for users to memorize all their login name and password pairs for each service they need. Although the advance of new technologies brings us new authentication channels, the purpose of these technologies are for the service provider to be convinced the claimer is really who he or she claims. Few of them have ever concerned about user's anonymity. In this paper, a novel credential based user-centric identification management based on the federated model is proposed. It satisfies the essential of user-centric and ubiquitous computing. Besides, the method keeps the user-centric consideration about anonymity. It supports all the anonymous, pseudonymous, and veronymous identity for user with single-sign-on.
Today's authentication suffers from unsolved problems in security and usability. Adversaries have multiple attack vectors with which to steal user credentials, including phishing, malware, and attacks on service providers. Current security practices such as password-complexity policies and idle timeouts often compromise usability. We propose our solution, Client-Based Authentication Technology (CBAT), to simultaneously improve security and usability in authentication. The main component of CBAT is our Trusted Identity Manager (TIM), which resides within a hardware-based secure container on the user's system. The TIM asserts the user's authentication to local and remote service providers without releasing the user's credentials. In addition, the TIM non-intrusively monitors the user's physical presence and locks the system if the user leaves. We provide architectural and implementation details of CBAT in hopes of improving current methods of authentication.
The move towards e-government has seen many institutions put special focus on the need for security, especially that of authentication. Single-factor password-based systems have been proven inadequate in safeguarding online financial and e-government service transactions. Industry adoption of Two-Factor Authentication (2FA) has also been piecemeal. To mitigate these deficiencies, the Singapore Government, in 2008, put forth a Call-for-Collaboration (CFC) seeking industry and academic participation in defining a National Authentication Framework (NAF), with the dual aim of providing for a national-level 2FA system and broadening the market for authentication services, and, in so doing, provide the user with a better authentication experience. This thesis will detail, discuss, and compare the various token types and identity frameworks (PKI, SAML, WS-F, OpenID, and Infocard) that make up an authentication system, and make recommendations on the best combination of technologies, protocols, and standards that, when implemented, would not only fulfill the requirements of the CFC, but also position it well for future enhancement.
Single Sign-On (SSO) is a core component in a federated identity management (FIM). Dynamic Single Sign-on (DSSO) is a more
flexible SSO where users can change their service requirements dynamically. However, the security in the current SSO and DSSO
systems remain questionable. As an example, personal credentials could be illegally used to allow illegal users to access
the services. It is indeed a challenging task to achieve strong security in SSO and DSSO. In this paper, we propose a generic
construction of DSSO with strong security. We propose the formal definitions and security models for SSO and DSSO, which enable
one to achieve the security of SSO and DSSO with the underlying (standard) security assumptions. We also provide a formal
security proof on our generic DSSO scheme.
Classical cryptographic protocols based on use-rchosen keys allow an attacker to mount password-guessing attacks. We introduce a novel combination of asymmetric (public-key) and symmetric (secret-key) cvptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network. These protocols are secure against active attacks, and have the property that the password is protected against off-line "dictionary" attacks. There are a number of other useful applications as well, including secure public telephones.
This specification defines the syntax and semantics for XML-encoded assertions about authentication, attributes, and authorization, and for the protocols that convey this information. Status: This is a second Committee Draft approved by the Security Services Technical Committee on 21 September 2004.
The SAML V2.0 Assertions and Protocols specification defines the syntax and semantics for XML-encoded assertions about authentication, attributes, and authorization, and for the protocols that convey this information. This document, known as an "errata composite", combines corrections to reported errata with the original specification text. By design, the corrections are limited to clarifications of ambiguous or conflicting specification text. This document shows deletions from the original specification as struck-through text, and additions as colored underlined text. The "[Enn]" designations embedded in the text refer to particular errata and their dispositions.
HTTP/1.0", includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication (unless used in conjunction with some external secure system such as SSL (5)), as the user name and password are passed over the network as cleartext. This document also provides the specification for HTTP's authentication framework, the original Basic authentication scheme and a scheme based on cryptographic hashes, referred to as "Digest Access Authentication". It is therefore also intended to serve as a replacement for RFC 2069 (6). Some optional elements specified by RFC 2069 have been removed from this specification due to problems found since its publication; other new elements have been added for compatibility, those new elements have been made optional, but are strongly recommended.
This document gives an overview and specification of Version 5 of theprotocol for the Kerberos network authentication system. Version 4,described elsewhere [1,2], is presently in production use at MIT'sProject Athena, and at other Internet sites.OverviewProject Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos,Moira, and Zephyr are trademarks of the Massachusetts Institute ofTechnology (MIT). No commercial use of these trademarks may be madewithout prior written permission of MIT....
A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel using only a small password, without risk of offline dictionary attack. SPEKE and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are examined in light of both known and new attacks, along with sufficient preventive constraints. Although SPEKE and DH-EKE are similar, the constraints are different. The class of strong password-only methods is compared to other authentication schemes. Benefits, limitations, and tradeoffs between efficiency and security are discussed. These methods are important for several uses, including replacement of obsolete systems, and building hybrid two-factor systems where independent password-only and key-based methods can survive a single event of either key theft or password compromise.
The Fifth Annual Educause Current Issues Survey ranked "security and identity management" near the top of the list of critical IT challenges on campus today. Recognition of the crucial importance of securing networked resources led Internet2 to establish its Middleware Initiative (I2MI) in 1999. While Internet2 was founded to develop and deploy advanced network technologies and applications, it was clear from the start that high-speed networks would simply provide a quicker path to abuse unless improved methods of managing and controlling access to resources were developed and deployed along with those networks. I2MI has brought together campus middleware architects to work on fundamental issues in authentication, authorization, and directory services to make secure inter-institutional services possible and practical. The most innovative I2MI effort to date is the Shibboleth Project. Its primary product, the Shibboleth System (often called just Shibboleth), provides an effective solution for secure multi-organizational access to Web resources. In this article, the authors describe how it works, its key features, and how it is designed to meet the needs of the higher education and research communities and their partners. (Contains 2 endnotes.)