A Role-Based Approach to Federated Identity - PowerPoint PPT Presentation

About This Presentation
Title:

A Role-Based Approach to Federated Identity

Slides: 20
Provided by: bgr71

Transcript and Presenter's Notes

Title: A Role-Based Approach to Federated Identity


1
A Role-Based Approach to Federated Identity
  • Ravi Sandhu
  • Chief Scientist
  • NSD Security
  • www.nsdsecurity.com

Also Professor of Information Security and
Assurance, George Mason University
2
Federated Identity
  • Cross organization
  • Maintain authentication and authorization profile
    and provide single-sign-on across multiple
    applications
  • Focuses on letting the good guys in

3
Role-Based Management
  • Authorization profiles are managed in terms of
    roles
  • Administration is delegated in terms of identity
    management roles
(Diagram labels: Identity Management Roles, Roles, Consumers)
4
Securing Identity Profiles
  • Authentication and authorization profiles are the
    organization's most sensitive data
  • Managing these securely is an organization's most
    important security objective

5
What is Security?
  • Catastrophic failure is far worse than occasional
    failure
  • Good enough security
    • Is all we can achieve
    • Tolerates occasional failure
    • Does not tolerate catastrophic failure

6
Security is Only One Objective
7
Security Appliances
  • Dedicated (but COTS) hardware
  • Hardened OS
  • Managed by restricted protocols (no root access)
  • Highly available, scalable and secure

8
Authentication Ladder
(Diagram; rungs and labels as they appear on the slide, with the axes
labelled Password Usability and PKI Security)
  • Two-factor (with optional PKI)
  • Password plus USB token or variant
  • Roaming PKI
  • Weak password systems: catastrophic dictionary
    attacks
  • Zero footprint hardened password: no change for
    users, no change for issuer, no password file
    (PKI hardened)
9
2-Key RSA vs. 3-Key RSA
Old PKI
  • Keys
    • Alice public key e
    • Alice private key d
    • Alice certificate C
  • Signing
    • S = Sign(M, d)
    • Send S, C to Bob
  • Bob
    • Gets e from C
    • Checks Verify(S, e) = M?
Practical PKI
  • Keys
    • Alice public key e
    • Alice password d1
    • Alice certificate C
    • Alice appliance key d2
  • Signing
    • Alice logs on to the appliance using strong
      authentication and creates a secure channel
    • S_partial = Sign(M, d2)
    • S = Sign(S_partial, d1)
    • Send S, C to Bob
  • Bob
    • Gets e from C
    • Checks Verify(S, e) = M?
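Worked example of the "Practical PKI" flow on this slide, added here and not part of the presentation: textbook RSA with the private exponent split multiplicatively so that d1·d2 ≡ d (mod λ(n)). The appliance computes S_partial = Sign(M, d2), Alice finishes with S = Sign(S_partial, d1), and Bob verifies with the ordinary public key e from the certificate. The demo primes, the salt, the PBKDF2 derivation of d1 from the password and all function names are my assumptions; the slide does not say how d1 is derived or how d is split.

```python
"""Split-key ("3-key") RSA signing: a password-derived exponent d1 held by
Alice and an appliance exponent d2 held by the security appliance, with
d1 * d2 == d (mod lambda(n)), so Bob verifies against the usual public key e.

Added example, not the presentation's code. Textbook RSA without padding;
the constructed primes below are far too small for real use.
"""
import hashlib
from math import gcd

# Constructed demo primes (Mersenne primes 2^61-1 and 2^31-1), illustration only.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
LAM = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)   # Carmichael lambda(n)
E = 65537
D = pow(E, -1, LAM)                             # ordinary 2-key private exponent


def msg_rep(message: bytes) -> int:
    """Message representative: SHA-256 of the message reduced mod n
    (a real scheme pads to the modulus size; this is the toy version)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def password_exponent(password: str, salt: bytes) -> int:
    """Derive Alice's share d1 from her password (assumed derivation, not the
    slide's). d1 must be invertible mod lambda(n), so retry with a counter
    until gcd(d1, lambda) == 1."""
    counter = 0
    while True:
        raw = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                  salt + counter.to_bytes(4, "big"), 100_000)
        d1 = int.from_bytes(raw, "big") % LAM
        if d1 > 1 and gcd(d1, LAM) == 1:
            return d1
        counter += 1


def split_key(d: int, d1: int) -> int:
    """Appliance share d2 with d1 * d2 == d (mod lambda(n)); computed once at
    enrollment and stored only on the appliance."""
    return d * pow(d1, -1, LAM) % LAM


def appliance_partial_sign(m: int, d2: int) -> int:
    """S_partial = Sign(M, d2): done on the appliance after Alice authenticates."""
    return pow(m, d2, N)


def alice_finish_sign(s_partial: int, d1: int) -> int:
    """S = Sign(S_partial, d1): done by Alice with her password-derived share."""
    return pow(s_partial, d1, N)


def bob_verify(message: bytes, s: int, e: int = E) -> bool:
    """Verify(S, e) == M? Bob needs only the certificate's public key."""
    return pow(s, e, N) == msg_rep(message)


def demo(password: str = "correct horse", message: bytes = b"transfer 100 to Bob") -> dict:
    """Run the whole exchange and report which signatures verify."""
    salt = b"constructed-salt"
    d1 = password_exponent(password, salt)
    d2 = split_key(D, d1)
    m = msg_rep(message)
    s_partial = appliance_partial_sign(m, d2)
    s = alice_finish_sign(s_partial, d1)
    wrong_d1 = password_exponent("wrong password", salt)
    return {
        "valid": bob_verify(message, s),
        # the appliance's share alone produces nothing Bob accepts
        "partial_alone_valid": bob_verify(message, s_partial),
        # a mistyped password (wrong d1) does not complete the signature
        "wrong_password_valid": bob_verify(message, alice_finish_sign(s_partial, wrong_d1)),
        # the combined signature is exactly what plain 2-key RSA would produce
        "plain_rsa_matches": s == pow(m, D, N),
    }


if __name__ == "__main__":
    print(demo())
```

Running it prints four booleans: the combined signature verifies and equals the ordinary 2-key signature, while neither the appliance's partial signature nor a signature finished with the wrong password verifies. This is what the "no password file" rung of the ladder refers to: the appliance stores d2, which by itself cannot produce a signature, instead of a password hash. d2 still has to be protected as a secret in its own right, which is why the slide keeps it inside a hardened appliance rather than on an ordinary server.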

10
Single Sign On
  • Cookie-based
  • Zero footprint on client
  • Lightweight footprint on servers
  • Certificate-based
  • Lightweight footprint on client
  • Zero or lightweight footprint on servers

11
SSO and Authentication
  • Authentication
  • Single factor
  • Two factor
  • Single sign on
  • Cookie based
  • Certificate based

12
Security Identity Appliance Roles
  • Appliance management roles
  • Consumer management roles
  • Consumer roles

13
Appliance Management Roles
  • Supermanager
  • Not your usual root user
  • Security manager
  • System manager

(Diagram: Supermanager can-create but cannot do)
14
Consumer Management Roles
  • Consumer management roles manage consumer roles
  • Built in roles
  • Super-csr
  • Create-csr
  • Modify-csr
  • Read-only-csr

15
Consumer Management Roles
(Diagram: Super-csr can-create but cannot do; Consumer)
16
Consumer Management Roles
(Diagram: the Consumer1 profile holds userid, user personal profile, org1
roles, org2 roles, ...)
17
Identity Management Processes
  • Provisioning
  • Enrollment
  • Registration
  • Revocation
  • Rights Management
  • Role and attribute assignment by Identity
    Management roles
  • Role revocation by Identity Management roles
  • Consumer self-administration
  • Password change
  • Password reset
  • Profile update (such as address, phone number,
    etc.)
  • Revocation

18
OneHealthPort
(Diagram: OneHealthPort sits between Relying Party1, Relying Party2, ...,
Relying Party-n on one side and Trading Partner1, Trading Partner2, ...,
Trading Partner-k on the other)
19
The technology behind OneHealthPort