StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Updated Liberty Identity Assurance Framework - Essay Example

Cite this document
Summary
The essay "Updated Liberty Identity Assurance Framework" discusses the implementation of a new set of products and services, Liberty Identity Assurance Framework (LIAF). The vision of the Liberty Alliance is to enable a networked world in which individuals and businesses can more easily conduct transactions…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.6% of users find it useful
Updated Liberty Identity Assurance Framework
Read Text Preview

Extract of sample "Updated Liberty Identity Assurance Framework"

Up d Liberty Identity Assurance Framework (IAF) The vision of the Liberty Alliance is to enable a networked world in which individuals and businesses can more easily conduct transactions while protecting the privacy and security of vital identity information. To accomplish its vision, the Liberty Alliance will establish an open standard for federated network identity through open technical specifications that will support a broad range of identity-based products and services. The Service and Credential Assessment Criteria section in the Liberty Identity Assurance Framework (LIAF) will establish baseline criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. The LIAF will also establish Credential Assessment Profiles (CAPs) for each level of assurance that will be published and updated as needed to account for technological advances and preferred practice and policy updates. Managing risk in electronic transactions requires authentication and identity information management processes that provide an appropriate level of assurance of identity. Each level describes a different degree of certainty in the identity of the claimant, because different levels of risk are associated with different electronic transactions. For authentication purposes, the claimant is required to prove that he or she controls the token, through a secure authentication protocol. The claimant must also unlock the token first using a biometric or password, and use the password to establish 2-factor authentication in a secure authentication protocol. Whenever Long-term shared authentication secrets used, they are revealed only to the verifiers and claimant operated directly by the CSP (Credentials Service Provider), although temporary or session shared secrets may be disclosed to independent verifiers by the Credentials Service Provider. Approved cryptographic techniques are used for all operations. Assertions issued about claimants as a result of a successful authentication are either cryptographically authenticated by relying parties, or are obtained directly from a trusted party via a secure authentication protocol. (Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review. Retrieved from http://xml.coverpages.org/LibertyIdentityAssuranceFramework-2008.html) Level 4 is based on proof of possession of a key through a cryptographic protocol. This Level is like to Level 3 but allows only hard cryptographic tokens, in the form of a physical token that cannot be copied readily. There is requirement of strong cryptographic authentication of every party involved in Level 4, including all sensitive transfer of data between the parties. Here, either symmetric key technology or public key technology can be used, and authentication requires that the claimant prove through a secure authentication protocol that he or she controls the token. The protocol threats including: eavesdropper, replay, on-line guessing, verifier impersonation and man-in-the-middle attacks are prevented. Long-term shared authentication secrets, if used, are never revealed to any party except the claimant and verifiers operated directly by the Credentials Service Provider (CSP), however session (temporary) shared secrets may be provided to independent verifiers by the CSP. Strong Approved cryptographic techniques are used for all operations. All sensitive data transfers are cryptographically authenticated using keys bound to the authentication process. Liberty Alliance formed the Identity Assurance Expert Group (IAEG) to foster adoption of identity trust services. Utilizing initial contributions from the e-Authentication Partnership (EAP) and the US E-Authentication Federation, the IAEGs objective is to create a framework of baseline policies, business rules, and commercial terms against which identity trust services can be assessed and evaluated. The goal is to facilitate trusted identity federation to promote uniformity and interoperability amongst identity service providers. (Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review. Retrieved from http://xml.coverpages.org/LibertyIdentityAssuranceFramework-2008.html) The basic deliverable of the IAEG is the Liberty Identity Assurance Framework (LIAF). The framework constitutes business rules, assurance levels, service assessment criterion, and accreditation and certification model. Signatories to these business rules agree that these rules govern the use and validation of Liberty Alliance IAEG certified credentials, the certification of such credentials and the accreditation of those who assess issuers of such credentials. These business rules are intended to cover use of credentials for purposes of authentication and not specifically for the application of a legal signature, which may be subject to other rules depending upon the parties and transactions involved. The IAEG will employ a phased approach to establishing business rules and assessment criteria for identity trust service providers, starting with credential service providers, then rolling out to include federations. The term Liberty Web Services comprises the Identity Web Services Framework (ID-WSF) and the Identity Service Interface Specifications (ID-SIS) that take advantage of that framework. Together, these two pieces enable identity-based services – web services associated with the identity attributes of individual users. ID-WSF builds on many existing standards for networking and distributed computing, and adds specialized capabilities for handling identity-related information and tasks and for ensuring privacy and security. Following are some of the identity based application features that developer can incorporate. • Authentication – The provider of a service might need to know who is requesting services in order to control access or provide personalized features. Thus, service requesters typically need to be authenticated, and messages sent between the parties need to be verified as coming from the claimed senders. Authentication depends on the notion of identity: Who is accessing my service, and who is this message from? • Message protection – All web service endpoints, including both the providers of identity-based services and the services that use them in turn, need to know that messages they send cannot be intercepted by a malicious entity and then either modified or cached and then replayed. • Privacy protection – Unless special care is taken, identifiers used to label you in web service calls can allow your actions and true identity to be inappropriately correlated and exposed • Policy – Service providers may have particular requirements that apply to service requesters. These requirements, which can be quite varied, can be grouped in the general category of policy • Data access and management – Multiple applications might define similar operations. For example, a “query” message could equally apply to the insurance system and the corporate address book system within a single organization. ID-WSF offers a standard interface that can then be used and extended by application systems. • Social identity – It is useful to describe and manage your relationships with other people –such as friends, family, and colleagues – through your respective online identities. • Transport protocols – Web services are made available over networks, and services are frequently offered over the Internet using the HTTP protocol and carried in a standard SOAP message. ID-WSF provides a binding of application messages to SOAP that may be carried over HTTP. Electronic authentication (E-authentication) is the process of establishing confidence in user identities electronically presented to an information system. E-authentication presents a technical challenge when this process involves the remote authentication of individual people over a network, for the purpose of electronic government and commerce. This recommendation provides technical guidance to agencies to allow an individual person to remotely authenticate his/her identity to a Federal IT system. With these methods, the individual to be authenticated proves that he or she knows or possesses some secret information. The main objective of the Liberty Alliance is to enable a networked world in which individuals and businesses can more easily conduct transactions while protecting the privacy and security of vital identity information and managing cost and minimizing complexities of the transaction and the whole process. Conclusion The issue of identity is indeed, a multi-faceted problem. Attempting to compress the various aspects of digital identity alone into a few principles will probably cause oversimplification and omission errors. However, it might be useful to abstract from the complex problems that are inherent in identity, so as to be able to address and classify the issues with digital identity. It is also possible to introduce some simple parameters which can help in the classification of the various applications domains and identity systems aspects. Digital identity involves a collection of accounts, and in the future most accounts will probably come to adopt a shared identity, because identities are not managed in a holistic sense, but are managed on the basis of a relationship with an organization. Also, different identity systems possess different characteristics, and some of these characteristics affect the working of the system, while others are of relatively small importance. Identity systems are typically used for certain types of applications, based on their particular aspect. For example, in Web applications (e.g. wikis and blogs) identity systems would typically have a limited number of attributes (most times, just an e-mail address), and quite a high degree of user control. Whereas large systems like the Liberty Alliance have contained attribute information and a great variety of user control, but usage makes sense only on a fairly global scale. References Neuman, C., and T. Ts’o, Kerberos: “An Authentication Service for Computer Networks”, IEEE Communications, 32.9, 1994 NIST Special Publication, Intrusion Detection Systems (IDS), November 2001: 800-31 C. E. Shannon, “Prediction and Entropy of Printed English”, Bell System Technical Journal, 30.1, (1951): 50-64 Information technology - Code of practice for information security management, ISO/IEC 17799:2000, first edition, 2000-12-01 Updated Liberty Identity Assurance Framework (IAF) Based upon Public Review. XML Daily Newslink. Thursday, 14 February 2008 (Retrieved from http://xml.coverpages.org/LibertyIdentityAssuranceFramework-2008.html) Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Updated Liberty Identity Assurance Framework Essay Example | Topics and Well Written Essays - 1250 words, n.d.)
Updated Liberty Identity Assurance Framework Essay Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1546278-front-end-web
(Updated Liberty Identity Assurance Framework Essay Example | Topics and Well Written Essays - 1250 Words)
Updated Liberty Identity Assurance Framework Essay Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1546278-front-end-web.
“Updated Liberty Identity Assurance Framework Essay Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1546278-front-end-web.
  • Cited: 0 times

CHECK THESE SAMPLES OF Updated Liberty Identity Assurance Framework

Is a Comprehensive Legal Framework a Prerequisite for Budget Transparency

The paper "Is a Comprehensive Legal framework a Prerequisite for Budget Transparency?...   Alt James et al (2006) suggest that government transparency has been an integral part of the reformation of public sector enterprises as it is imperative to have a transparent and accountable government framework that could convince the citizens and media, financial markets that government strategies and procedures are the most effective or the most appropriate so that the actions and resulting outcomes could also be supported by the public transparency that could help in gaining support in nearly all government agenda....
20 Pages (5000 words) Essay

Article 45 of the Charter of Fundamental Rights of the European Union

To predict the trend of continuation of these rights, historical background and legal framework in this regards have to be reviewed.... This trend continued with the adoption of the Directive 2004/38 and will continue further now that the Lisbon Treaty is in force.... ?? Assess the validity of the above statement....
19 Pages (4750 words) Essay

The Budget Laws of Sweden and South Africa

Modifications in the legal framework that have changed the role of the state and the budget processes involved or supporting it could be highlighted yet these modifications seem to have been strongest in countries that rely on laws and decrees to introduce changes The emphasis is on performance-oriented budgeting and fiscal transparency and considering that the legal framework does help in shifting emphases to the process of budgeting and methodology, the central role of the legal aspect could be well documented and examined....
23 Pages (5750 words) Research Paper

A Role and Activity Based Access Control Model

hellip; The author states that the new access management system has been proposed that will integrate all the federated access management systems on a single platform so that a single identity can provide access to all accounts.... Digital identity is referred to the digital depiction of the personal information of an individual that might involve his login details or other personal details [4].... identity management systems have witnessed remarkable changes that have improved the process of identification to a great extent....
8 Pages (2000 words) Research Paper

Surveillance Technology: Paradox in Private Security

Surveillance technique may contain qualities that potentially violate the core principals of privacy rights, but in return, there is an assumption that it has the ability to build national security assurance.... Privacy, in this discussion, evolves on the liberty of executing activities with little restrictions....
8 Pages (2000 words) Research Paper

The Experiences of Healthcare Workers

Culture is popularly defined as a set of behavioral values, norms, and meanings that facilitate a certain view of the world by members of a particular society, giving that society their identity.... The author of the following paper under the title 'The Experiences of Healthcare Workers' presents the world which has recorded one of the outbreaks of the most gruesome disease ever to be seen in the history of human health- the Ebola outbreak in West Africa....
9 Pages (2250 words) Term Paper

Law, Justice of England and Wales Fire Service

"Law, Justice of England and Wales Fire Service" paper examines England and Wales fire service law and how the law operates internationally, and the role of globalization in affecting the legislative and substantive work of fire and rescue service workers.... nbsp; … Globalization exerts immense on the financial condition and the business sector of the fire and rescue service....
10 Pages (2500 words) Case Study

The Role of a Community Worker

As the paper "The Role of a Community Worker" outlines, the responsibilities of social workers to workers are to collaborate with the workers to help in dispersing service; coordinate with workers to initiate potential actions; alliance with the worker to help in judgment and decision-making....
17 Pages (4250 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us