Digital Identity as a Basis for Internet Security Infrastructure - - PowerPoint PPT Presentation

digital identity as a basis for internet security
SMART_READER_LITE
LIVE PREVIEW

Digital Identity as a Basis for Internet Security Infrastructure - - PowerPoint PPT Presentation

Nov 11, 2023 201 likes •339 views

Digital Identity as a Basis for Internet Security Infrastructure Ing. Radovan Semank Business Global Systems Agenda Introduction Unified User Management Public Key Infrastructure Digital Identity Conclusion Introduction

slide-1
SLIDE 1

Digital Identity as a Basis for Internet Security Infrastructure

  • Ing. Radovan Semančík

Business Global Systems

slide-2
SLIDE 2

Agenda

 Introduction  Unified User Management  Public Key Infrastructure  Digital Identity  Conclusion

slide-3
SLIDE 3

Introduction

 Traditional Internet Security Systems:

 Passwords (ad-hoc)  Kerberos  Commercial: NIS, NIS+, LanMan, SecureID,...

 Authentication/Single Sign-On only  Need to change

 Cross-domain SSO  B2B interactions  Web Services

slide-4
SLIDE 4

Unified User Management

“Directory” Server

slide-5
SLIDE 5

Unified User Management

 Directories (LDAP), Meta-directories, User

provisioning systems, ...

 Good for isolated (enterprise) environment  Mostly LDAP-based solutions

 LDAP does not maintain long-term user session  Limited support for dynamic attributes and

services

 Limited Internet-size scalability  Global directory (“X.500” model) infeasible

slide-6
SLIDE 6

Public Key Infrastructure

 Based on public key cryptography  In common use on the Internet

 X.509, SSL/TLS, IPsec (IKE), S/MIME

 Naming problem

 X.509 originally extension to X.500 – global

directory service assumed

 Privacy problem

 What attributes to include in the certificate?

 Complexity problem

 User-side processing makes deployments difficult

slide-7
SLIDE 7

Digital Identity

 On-line security server model  Based on Security Assertion Markup Language

(SAML) – OASIS Standard

 User profile manager: Identity Provider

Identity Provider Service Provider

Authentication Access SAML User Profile

slide-8
SLIDE 8

Digital Identity on the Internet

 Global Internet environment

 No global ID  No single provider  Privacy

 Pseudonyms (user handles)  User profile split among different identity

providers

 Different trust levels

slide-9
SLIDE 9

Digital Identity on the Internet

Identity Provider Service Provider

Auth. User Profile

Service Provider Identity Provider

User Profile Organization Boundaries

slide-10
SLIDE 10

Conclusion

 Traditional security systems no longer feasible  Unified User Management good in enterprise  Public Key Infrastructure as a support system  Digital Identity services

 Simplified Sign-On  User profiles  Web applications security framework  Web Services security

slide-11
SLIDE 11

Questions?

slide-12
SLIDE 12

B u s i n e s s G l o b a l S y s t e m s , a . s . C o m p l e x n e t w o r k i n g s o l u t i o n s

Thank you ...

  • Ing. Radovan Semančík

Business Global Systems, a.s. Pluhová 2 83248 Bratislava semancik@bgs.sk