human identity - a security perspective
DESCRIPTION
Human identity - a security perspective. Thomas Kriegelstein. Security - Goals. Secrecy No disclosure of the document Integrity Discovery of changes to the document Accountability Knowledge/Proof of the document‘s origin require cryptographic mechanisms to achieve them. Availability - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/1.jpg)
Human identity - a security perspective
Thomas Kriegelstein
![Page 2: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/2.jpg)
TU Dresden
Security - Goals
SecrecyNo disclosure of the document
IntegrityDiscovery of changes to the document
AccountabilityKnowledge/Proof of the document‘s origin
require cryptographic mechanisms to achieve them.
Availability requires organisational mechanisms to achieve it.
![Page 3: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/3.jpg)
TU Dresden
Security – Mechanisms
Encryption/Decryption Integrity protection/testing Signature generation/verification
They require a secret. The secret lies in keys not algorithms. They require cryptographic keys .
![Page 4: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/4.jpg)
TU Dresden
Implications of Anonymity
Anonymity is the state of being not identifiable within a set of subjects, the anonymity set.
All elements are different. All use different cryptographic keys.
Use of keys for accountability impossible.
![Page 5: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/5.jpg)
TU Dresden
Implications of Pseudonymity
Pseudonymity is the use of pseudonyms as IDs.
User accounts, e-mail addresses are considered pseudonyms. Ongoing usage of pseudonyms provides/increases linkability.
Pseudonyms within computer security utilize authentication to prevent usage by strangers.
![Page 6: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/6.jpg)
TU Dresden
Usage of Pseudonyms I
Type of the pseudonym is determined by pseudonym‘s reuse:
transactionpseudonym
rolerelationshippseudonym
rolepseudonym
relationshippseudonym
personalpseudonym
anonymity
linkability
![Page 7: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/7.jpg)
TU Dresden
Usage of Pseudonyms II
Linkability can not decrease. Linkability should be small beforehand of pseudonym‘s reuse.
Anonymity is required. Management should not increase linkability:
Of pseudonyms.Of actions.
![Page 8: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/8.jpg)
TU Dresden
Implications on Identity
Mapping from pseudonym to human being is needed. Can be achieved by:
What he knows.What he possesses.What he is. What is known about him.
No use of such a mapping without trust to it, unless usage is enforced.
![Page 9: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/9.jpg)
TU Dresden
The Big Picture
Trus
tee User
1
User2
ID2
ID1
Me others
others
Me
P4 P3
P1
P2
System boundary
![Page 10: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/10.jpg)
TU Dresden
Conclusions
Trustworthy use of different pseudonyms requires anonymity. Linkability of pseudonyms can‘t be guaranteed. Linkability of actions can‘t be reduced. Management should not increase linkability.
Within computer security there are goals to achieve, pseudonyms to use and policies to enforce, but there is no identity apart from equality of bit strings or linkability of pseudonyms.
![Page 11: Human identity - a security perspective](https://reader030.vdocuments.us/reader030/viewer/2022032709/568131f1550346895d985002/html5/thumbnails/11.jpg)
TU Dresden
Conditional Anonymity Revocation
User2 User1Trustee JudgeAction/P4
ensureDetectable P4/P2
Link P4/P3
P4 linked
P4 linked/P4
Action performed/P2
detect P4/P1
detect P4/Judge
P4 is ID1