U-Prove Technology Overview V1.1 February 2011
Microsoft Corporation Page 4
1 Introduction
Organizations are increasingly looking to securely identify individuals who access their services, both on the
Internet and offline. More and more they also seek to learn other identity-related information about individuals
that is held by other organizations. These authentication and data sharing imperatives are driven by cost and
efficiency considerations, by new business models that leverage personal information, and by the explosive
rise of phishing, identity theft, and other security threats.
Conventional mechanisms for user authentication and data sharing, such as plastic cards and paper
certificates, are costly, vulnerable to counterfeiting, and problematic for online use. As a result there is a
rapidly growing interest in mechanisms that can be implemented in software or hardware, can run over
electronic networks, and can be relied on by many organizations. SAML and WS-Federation protocols, PKI, eID
cards and (other) approaches to single sign-on and federated identity are examples of increasingly popular
mechanisms to achieve these objectives. The demand for such mechanisms is particularly urgent in enterprise
identity and access management, critical information infrastructure protection, government online service
delivery, e-commerce, electronic health record management, and social networking.
The transition to digital mechanisms for secure authentication and verifiable data sharing is potentially also
highly beneficial to individuals. It is, however, not without peril to the personal security, privacy, autonomy, and
civil liberties of individuals. As more and more identity-related information is shared with and between
organizations, individuals lose all control over the extent to which organizations can monitor and profile their
actions, impersonate them, and prevent them from transacting autonomously. The threats originate not just
from malicious personnel and other insiders but also from hackers and computer malware that manage to gain
insider status. The problem is exacerbated by incredible ease with which digital information can be collated,
shared, and leaked.
Similarly, parties relying on authentication and other identity-related statements may have concerns for
reasons of their own (whether competitive, security-related, or other). It is one thing to trust an organization
with being an authoritative source for certain identity-related information; it is an entirely different thing to have
to also trust that same organization with being highly available, not impersonating the relying party’s clients,
and not spying on those clients (i.e., who is accessing what service at which relying party at what particular
time). Relying parties may also be concerned with the ability of issuing organizations (and hackers and
malware) to deny individuals access to their services. These risks become more severe when individuals are
tethered to issuing organizations in the sense that they must retrieve a new statement whenever they visit a
relying party.
评论0
最新资源