the trusted attribute aggregation service (taas) · 2011-11-08 · what is taas • an attribute...

The Trusted Attribute Aggregation Service (TAAS): Privacy Protected Identity Management with User Consent, Minimum Disclosure and Unlinkability. George Inman, David Chadwick, Kristy Siu


The Trusted Attribute Aggregation Service (TAAS)

Privacy Protected Identity Management with User Consent, Minimum Disclosure and Unlinkability

George Inman, David Chadwick, Kristy Siu


What problems does TAAS attempt to solve?

More and more sensitive user information is being held online.

•  A single IdP should not be asked to hold all of a user’s data:
   §  It cannot be authoritative for it all, e.g. the University of Kent should not be the authoritative source for my driver's license
   §  It presents a single point of failure and a focus for attackers, e.g. certain large Japanese technology companies

•  We therefore believe that many AAs with much smaller datasets should be used; however, this presents its own set of problems:
   §  Most SPs are designed to work with a single IdP.
   §  Small data sets mean that SPs need to access data at many sources throughout a session.

•  In reality these problems (amongst others) have led to there being a focus on authentication above authorisation:
   §  leading to poorly populated attribute sets from IdPs and
      •  either weakened security policies
      •  or the SP being required to store additional user data, credit cards etc.


What is TAAS

•  An attribute-oriented rather than authentication-oriented framework for federated services.

•  A system that allows users to link accounts at multiple AAs
   §  Individual attributes can then be requested as and when an SP requires them.

•  An SSO system for attribute aggregation. Users are only required to authenticate to a single IdP before choosing attributes from multiple AAs.


Live demos?

•  E-Shopping example: https://issrg-beta.cs.kent.ac.uk/taas/etomes/

•  E-Gov example: https://issrg-beta.cs.kent.ac.uk/taas/borough/


Did the demos work?


E-Shopping example


Site shows its attribute requirements:


Browser Plugin asks the user for the address of her preferred TAAS:


TAAS acts as WAYF and asks the user to authenticate:


User logs in:


User is asked to choose her attributes:


User is asked to choose her attributes:


A user may have many Self Asserted Attributes:


After all attributes are chosen they can be submitted and saved:


Success:


1 click:


Previously chosen attributes are remembered (1 click aggregation)


E-Gov example


Site shows its attribute requirements:


Browser Plugin asks the user for the address of her preferred TAAS:


TAAS acts as WAYF and asks the user to authenticate:


User logs in:


User is asked to choose her attributes:


Note Self Asserted Attributes are not allowed by the SP:


User chooses and submits the page:


Site confirms the user’s attributes


Architecture Overview


Architecture Overview

1. The user attempts to access a resource at an SP.

2. The SP requests authentication and attribute data from the user.

2(a). The browser detects that TAAS authorisation is requested and invokes the Browser Module to determine the TAAS service to use.

3. Once the user has chosen a TAAS, it is invoked by the Browser Module.

4. The TAAS finds no saved cookie and forwards the user to an IdP for authentication.

5. Authentication occurs.

5(a). Example login screen.

6. The IdP returns an authentication assertion. This assertion contains no attributes and is valid throughout the federation.

7. The TAAS queries the user to select the attribute cards he wishes to use to respond to the SP's request by displaying the card selection screen (7(a)).

8/10/12. The selected card accounts (including the authenticating IdP) are queried for attributes.

9/11/13. Each IdP determines if it trusts the TAAS and authenticating IdP and returns attributes appropriately if it does (according to its local policy).

14/15. The TAAS collects the returned assertions and returns them via the user’s browser to the SP’s authorisation page.


Summary of Features

•  Uses standard SAML V2.0 protocols for transferring claims/attributes

•  Prevents phishing attacks since the user chooses where to go for claims

•  SP shows its attribute policy to users prior to aggregation so the user knows what is required

•  TAAS redisplays the SP’s policy with choices for each attribute so users can select each attribute one by one

•  User chooses and consents to all attribute releases

•  Minimum disclosure of user attributes and unlinkability (unless the user chooses linkable attributes)

•  User can self-assert attributes if the SP’s policy allows it

•  Simplifies user experience down to 1 click attribute selection, and the user would never have to enter credit card numbers

•  Privacy protects the user: TAAS never sees any IdP claim values and does not know who the user is. The SP is never given a persistent user identifier by any IdP
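The following is an added example, not TAAS code: a small model of steps 8 to 15 of the architecture overview together with the feature-summary rule that self-asserted attributes count only if the SP's policy allows them. All class, function and attribute names are assumptions, the sample data is constructed, and the model does not cover SAML messages or how claim values are kept hidden from the TAAS.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Assertion:
    issuer: str   # name of the issuing AA, or "self" for a self-asserted attribute
    attrs: tuple  # (attribute type, value) pairs

class AttributeAuthority:
    """Steps 9/11/13: release attributes only if the TAAS and the authenticating IdP are trusted."""
    def __init__(self, name, store, trusted_taas, trusted_idps):
        self.name, self.store = name, store
        self.trusted_taas, self.trusted_idps = set(trusted_taas), set(trusted_idps)

    def query(self, taas, authn_idp, wanted):
        if taas not in self.trusted_taas or authn_idp not in self.trusted_idps:
            return None  # local policy refuses; nothing is released
        # Minimum disclosure: only the attribute types asked for leave the AA.
        released = tuple((t, v) for t, v in self.store.items() if t in wanted)
        return Assertion(self.name, released)

def aggregate(taas, authn_idp, selection, authorities):
    """Steps 8-14: query each AA the user picked; selection maps attribute type -> AA name."""
    per_aa = {}
    for attr_type, aa_name in selection.items():
        per_aa.setdefault(aa_name, set()).add(attr_type)
    replies = (authorities[n].query(taas, authn_idp, w) for n, w in per_aa.items())
    return [a for a in replies if a is not None]

def unmet_requirements(policy, assertions, trusted_issuers):
    """SP side: policy maps attribute type -> True if a self-asserted value is acceptable."""
    met = set()
    for a in assertions:
        for attr_type, _ in a.attrs:
            if a.issuer == "self":
                ok = policy.get(attr_type, False)
            else:
                ok = attr_type in policy and a.issuer in trusted_issuers
            if ok:
                met.add(attr_type)
    return set(policy) - met

# Constructed sample data (every name and value below is made up for this example).
AAS = {
    "bank": AttributeAuthority("bank", {"card": "tok-1", "name": "A. User"}, {"taas1"}, {"idp1"}),
    "council": AttributeAuthority("council", {"resident": "yes"}, {"taas1"}, {"idp1"}),
}
SELF = Assertion("self", (("address", "1 Example St"),))
SHOP_POLICY = {"card": False, "address": True}      # shop accepts a self-asserted address
GOV_POLICY = {"resident": False, "address": False}  # e-gov site accepts no self-asserted attributes
```

An empty result from `unmet_requirements` means the SP's attribute policy is satisfied; the same self-asserted address that satisfies the shop policy is left unmet under the e-gov policy.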


Questions?

Email: [email protected]

Website: http://sec.cs.kent.ac.uk/demos/taas.html
