Identity Management in Federated Telecommunication Systems

Identity Management in Federated Telecommunication Systems
Christian Hauser, Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart
christian.hauser@ikr.uni-stuttgart.de
07/07/2006

Outline
- Background I: Daidalos
- Background II: Changing World of Operators
- Requirements by the Network
- Requirements by Group Support
- Conclusions
The Daidalos Consortium, Page 2

Daidalos at a Glance: Consortium
- Telco operators
- Industry, SMEs
- Research labs, academia

Daidalos at a Glance: Surroundings (timeline figure, 2000 to 2010)
- Mobile networks: 2G, 3G, Release 5 and beyond
- Internet: IPv4 to IPv6
- Daidalos: IPv6-based network with mobility, QoS and AAA; SOA, Web Services

Daidalos at a Glance: Platform (architecture figure with customer, operator and third-party parts)
- Customer: moving network behind a mobile router, ad hoc networks; access via WLAN/WMAN, DSL/Cable/Ethernet gateway, 2.5/3G, DVB-H, PSTN
- Operator: access routers and IPv6 Internet; administrative domains 1 and 2, each with a Daidalos II (DII) platform providing Pervasive Service Support (PSS1) and Service Provisioning Support (SPS1)
- Third party: service providers, attached through federation / SLA support

Daidalos Environment: Tradition
- Operator-driven tradition in telecommunications
  - Intelligence in the network, no end-to-end paradigm
  - Revenue by (usage-based) selling of communications
  - High importance of scalability, availability, commercialization
  - Strong monitoring
  - Strong need for accountability
- Few operators
  - Horizontal federation
  - Operator provides for both network and services
  - Walled-garden business model
  - Contract-based cooperation and trust between equal peers
  - Competition in cooperation
- Strong legal requirements (from voice calls)

Daidalos Environment: Disruption
- Connectivity becomes a commodity
  - Shrinking costs and ARPU for the bit pipe: search for new revenues
  - Convergence with Internet and broadcast worlds
- Shrinking barriers (technological, financial, ...) for network and service provision
  - Specialized micro-operators enter the field: more competitors
  - Less trust in small operators
  - Full mesh of contracts not feasible
- Increased variety of networked services: growing importance of vertical federation
  - No provider provides for the full range of services
  - More open business models: joint service provision ("service composition")
  - Focus business on core competence
    - Network provision and operation
    - Contractual ownership of users: identity management

Daidalos Focus in Identity Work: Two Flavors of Identity Management
- Integration of different subscriptions
  - Goal: usability for user and services
  - Example: Single Sign-On for different sites
  - Relation: many-to-one (link identities)
- Separation of the user profile into different compartments
  - Goal: privacy by restricting the view on user attributes
  - Example: several virtual identities (VIDs) per user
    - VID 1: {pseudonym1, location}
    - VID 2: {pseudonym2, credit card number}
  - Relation: one-to-many (unlink identities)
- Network support needed for overall compartmentalization
- Usability support needed
- Full integration of broadcast/multicast (Triple Play)
  - Networks and services
  - Groups as entities like single users

Network Support for VIDs (figure: Service 1 sees {Pseudonym1, Location, IP address}, Service 2 sees {Pseudonym2, Credit Card No, IP address}; the IP address is common to both VIDs)
- Goal: the communication network must not introduce attributes that allow linking VIDs
- Problem: anonymization not wanted by operators
  - Contradicts monitoring and accountability
  - Restricts communication to an overlay network above IP
    - Cross-layer optimization not possible
    - Functions in the network (revenue generation) limited
    - Introduces overhead
- Approach: adapt network protocols to support VIDs
  - Standardization also for network protocols
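As an added illustration of the linking problem on this slide (example code written here, not from the Daidalos project): each service sees only its own VID, yet a network-introduced attribute shared across flows, the IP address, lets their records be joined. The service names, field names and values are constructed; the per-VID-address case stands in for the "adapt network protocols" approach.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample records (not Daidalos data): each service logs the attributes
# its VID legitimately carries plus the IP address the network attaches to the flow.
# VID 1 = {pseudonym1, location}, VID 2 = {pseudonym2, credit card number}, as on the slide.
SHARED_ADDRESS = [  # one address for the user, whichever VID is active
    {"service": "S1", "pseudonym": "pseudonym1", "ip": "2001:db8::1", "location": "Stuttgart"},
    {"service": "S2", "pseudonym": "pseudonym2", "ip": "2001:db8::1", "credit_card": "4111-xxxx"},
]
PER_VID_ADDRESS = [  # a distinct address per VID: network adapted to support VIDs
    {"service": "S1", "pseudonym": "pseudonym1", "ip": "2001:db8::1", "location": "Stuttgart"},
    {"service": "S2", "pseudonym": "pseudonym2", "ip": "2001:db8::2", "credit_card": "4111-xxxx"},
]
NETWORK_ATTRS = ("ip",)  # attributes the network, not the user, introduces

def link_vids(records, link_keys=NETWORK_ATTRS):
    """Pseudonym pairs that an observer holding both services' records can link,
    because they share a value of a network-introduced attribute."""
    by_value = defaultdict(set)
    for rec in records:
        for key in link_keys:
            if key in rec:
                by_value[(key, rec[key])].add(rec["pseudonym"])
    links = set()
    for pseudonyms in by_value.values():
        links.update(combinations(sorted(pseudonyms), 2))
    return links

def merged_profiles(records, link_keys=NETWORK_ATTRS):
    """Compartments as that observer ends up seeing them: linked pseudonyms are
    merged (union-find) and the attribute names of their records are unioned."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x
    for a, b in link_vids(records, link_keys):
        parent[find(a)] = find(b)
    attrs = defaultdict(set)
    for rec in records:
        attrs[find(rec["pseudonym"])] |= {k for k in rec if k not in ("service", "pseudonym")}
    return {frozenset(p for p in parent if find(p) == root): names for root, names in attrs.items()}

if __name__ == "__main__":
    print(link_vids(SHARED_ADDRESS))    # {('pseudonym1', 'pseudonym2')}: the VIDs are linked
    print(link_vids(PER_VID_ADDRESS))   # set(): the compartments hold
    print(merged_profiles(SHARED_ADDRESS))
```

With the shared address the merged profile contains location and credit card number under one linked identity, which is exactly the compartment break the slide's goal forbids.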

Broadcast Integration
- Broadcast environment
  - Broadcast contents: TV services, radio services, push services
  - Broadcast networks: one to many
  - Broadcast usage
- Telecom environment
  - Telecom contents: call services, interactive services, personalised services
  - Telecom networks: one to one
  - Telecom usage
- Integration: the DAIDALOS environment
  - Multimedia contents: A/V/D contents, push services, interactive services, personalised services
  - Heterogeneous networks: IPv6, WLAN, MBMS, DVB, UMTS
  - New usage
- After voice/data convergence, a new integration of different worlds
- Standardization also for group identities

Mobility/Security Requirements
- Mobility of terminals, users, sessions, services
  - Terminal as endpoint is no longer suitable
  - Locator changes in mobile environments
  - Performance of reconfiguration after a move
  - (Req) Addressing of (virtual) identities
  - (Req) Dynamic address resolution
  - (Req) Fast handover mechanisms
- Authentication/authorization and encryption
  - (Req) Consumers need to prove authorization
  - (Req) Identifier to bind packet flows to an IPsec SA

Operational Requirements
- Accountability: for charging, for tracking down misbehaving users/providers, for monitoring and SLA compliance checking, ...
  - (Req) Identifier for packet flows and service usage
  - (Req) Identity escrow possibilities
- QoS: network elements must know how to treat a packet
  - (Req) Identifier for (aggregated) flow, on layers 2 and 3 (limits the encryption possibilities)
- Scalability/performance
  - Wireless link remains slow and a scarce resource
  - One state per VID in an enabler: explosion of state
  - Distribution of state (e.g., user attributes)
  - (Req) Minimize interaction with the user device
  - (Req) Scalable enablers
  - (Req) Distributed systems (consistency, discovery, trust, ...)

Pervasiveness Requirements
- Context-aware user profile
  - Location, situation, network connectivity, ...
  - More and dynamic attributes in the user profile
  - (Req) Scalability for many attributes in the user profile
  - (Req) Support of dynamic attributes in the user profile
- Personalization
  - System should be tailored for the user
  - Learning capabilities to improve personalization, based on processing of user interaction
  - More interactions screened: better personalization
  - (Req) Track usage across all VIDs

Federation Requirements
- Number of providers will grow: cooperation
  - Horizontal: same functionality, extended service area
  - Vertical: complementing functionality, same service area
- Providers must name the user and exchange context
  - (Req) Organizational streamlining, e.g., regulation
  - (Req) Technical standardization: structure, semantics, interaction/protocol flow
- One single standard unlikely
  - (Req) Mapping functions/interworking in general
- Providers do not disclose everything: legal/regulative restrictions, business secrets
  - (Req) Operation with incomplete data
- Service composition in infrastructure
  - (Req) Delegation principles
  - Figure: VID scenario with a service composer between VID1/VID2 and VID3/VID4

Group Requirements
- No longer only single users as entities
  - Multihoming blurs the boundaries (single users vs. groups); example: several IP addresses per entity already for multihoming
- Goal: generic mechanisms to also handle groups
- Expected challenges
  - Technical primitives, e.g., multiple IP addresses per entity, group signatures, group key management
  - Semantic issues, e.g., what is the context of a group?
  - Organizational issues, e.g., conflicting policies (AuthN/AuthZ, personalization); who signs for a group (dependent on the purpose of the group)?
- (Req) Standards must support groups

Conclusions
- An operator's perspective on identity management
  - Focus: privacy protection by splitting the profile into VIDs
- ID management is more than the exchange of identity information: additional requirements to be solved/standardized
  - VIDs need support in the network/service infrastructure
    - (Fully) anonymous communication not wanted by operators
    - Analysis of nearly each protocol/function, and often adaptation
  - Group support
  - Users need usability support for VID selection (focus of Daidalos identity work)
- Pragmatic solutions: perfect protection not feasible
  - No/weak protection against traffic/usage pattern analysis etc.
  - Conflicting requirements too strong in the operator environment (scalability, performance, usability, ...)
  - Carefully chosen attacker model necessary

Main Aspects for Standardization
- Exchange of identity information: structure/semantics/protocol flow/regulative framework/discovery/trust
  - Large number of identity profile attributes
  - High dynamics of identity profile attributes
- Service composition with VIDs
  - VID orchestration
  - Delegation of authorization to services acting on behalf of the user
- Group support in standards
- Network/service usage
  - Accountability, monitoring
  - Scalability/performance
    - Architecture of the enabling services themselves
    - Communication overhead (especially on the wireless link)
- Analysis of communication/service platforms for VID-linking information, and possibly (re)standardization
  - Addresses, flow identifiers, ...
  - Here, evaluation standards could help