1. Field of the Invention
The present invention relates to an identity management system for use in facilitating online interactions, and, more particularly, to the combination of a user-portable personal security device and an identity selector adapted for interoperability with the personal security device, where the combination is configured to manage the identity requirements of an authentication process within the context of an online interaction by directing the personal security device to issue a security token using user attributes stored onboard the personal security device.
2. Description of the Related Art
The Internet has dramatically changed the way people communicate and do business around the world. Businesses heavily depend on the Internet to draw in commerce and make information available on demand. Managing bank accounts, paying bills and purchasing goods via the Internet are commonly exercised. As diverse Internet services are continuously introduced, identity-related problems such as identity theft, fraud, and privacy concerns have rapidly increased. Moreover, the tremendous amounts of personal data collected via the Internet have raised a variety of privacy-related concerns.
Numerous identity management systems have been introduced to solve the identity management problems of business domains. Each identity management system has its pros and cons and has been deployed in different contexts. However, most identity management systems were designed mainly from the business' perspective. Users were not considered carefully in the design stage of identity management systems, and this has led to serious identity-related problems. In addition, support for interoperability between different identity management systems is limited.
Most identity management systems have focused on identity management issues in an isolated domain, and federation issues between identity management systems in the circles of trust. Interoperability between heterogeneous identity management systems was not considered. The identity industry recognizes that identity management systems are designed without the consideration of user experience. Hence, the non-interoperability between current identity management systems currently restricts the growth of e-commerce activities.
As a result, user-centric identity management has recently received significant attention for handling private and critical identity attributes. The main idea of user-centric identity management is to put the users in control of their identity information. Users are allowed to select their credentials when they respond to an authentication or attribute requester. As users control and manage their identity attributes through user-centric identity management, the users have more rights and responsibilities for their identity information than before.
Currently, there are several identity management systems available such as OpenID, LID, and Sxip, which are URL-based identity management systems; and Microsoft CardSpace, which is an implementation of the Identity Metasystem, supporting claim-based digital identity management.
Digital identity management consists of several tasks such as maintaining subsets of a user's attributes and using these subsets of attributes to enable secure online interactions between users or between users and systems. Digital identity management enables the addition, utilization, and deletion of identity attributes. Identity management systems can be categorized into three basic models: isolated identity management, centralized identity management, and distributed identity management.
The isolated identity management model has its own identity management domain and its own way of maintaining the identities of users including employees, customers, and partners. The centralized identity management model has a single identity provider that brokers trust to other participating members or service providers in a circle of trust. The distributed identity management model provides a frictionless identity management solution by forming a federation and making authentication a distributed task. Every member agrees to trust user identities vouched for by other members of the federation.
These identity management models are mostly focused on a domain centric approach. In the domain centric approach, identity management systems are designed to be cost effective and scalable from the perspective of the enterprise systems. However, most such identity management systems typically neglect user-friendliness and usability issues. Consequently, this deficit leads users to be regarded as the weakest point of security in digital identity management systems, and leaves systems vulnerable to problems such as identity theft, fraud, and privacy concerns.
One approach to overcoming this weakness involves a user-centric identity management strategy. This approach puts the owner of the identity information into the transaction. Several requirements from the user's perspective need to be accommodated in the design of user-centric identity management systems, as compared to the specifications attending a domain centric approach.
Under domain centric identity management systems, the user's information is collected and managed by the service providers, making it difficult for the users to manage their identity information located at the service provider side. Moreover, monitoring the usage of the user's private information is difficult for the user to conduct. Furthermore, the usage of a user's private information by service providers creates privacy concerns. Therefore, the rights and responsibilities of managing the user's identity information should be given to the users, who are the owners of the identity information. As the users have more rights over their own identity information, they can decide what information they want to share, how much information is disclosed to other trusted service providers, and under what circumstances. Accordingly, enhanced protection of the user's private information is enabled by the user.
Most domain centric identity management systems focus on the user authentication to protect their properties from malicious users. However, the authentication of service providers is equally important for a user to determine the trustworthiness of the service providers. Current browsers provide the padlock icon to give notice to the users for the SSL communication between the users and service providers, but it is not enough for the users to determine the trustworthiness of the service providers, since a malicious server can manipulate the SSL and certificate signals in many browser configurations.
By providing the identity information of service providers clearly to the users in web-based interactions, the users are able to distinguish trusted service providers from malicious service providers. The users can then decide to disclose their information to trusted service providers. Hence, the users can protect their information from phishing attacks and possible frauds.
In the current Internet environment, a user has to create a separate account for each web site the user wishes to access. The user also has to maintain multiple separate accounts, which can be a tedious job. In addition, users often choose insecure passwords, rarely change their passwords, and use the same password across different accounts. These trends make password-based authentication systems insecure. Better authentication methods are required to overcome the security problems of the password-based authentication method. Such new methods should make it easy for users to use and manage their digital identities.
Additionally, existing identity management systems provide different user experiences and user interfaces that could lead the users to conduct improper interactions with different entities in the Internet environments. Under a user-centric identity management system, the users have to manage their identity information directly, so proper interface and consistent user experience are very important for the users to control their identity information legitimately.
The Identity Metasystem is an interoperable architecture for performing digital identity management. The architecture of Identity Metasystem is defined based on the “Laws of Identity,” which codify a set of fundamental principles to which any universally adopted, sustainable identity architecture must conform.
The Identity Metasystem provides interoperability between existing and future identity systems using Web Services (WS-*) protocols, which are a set of specifications built on the web service platform. Specifically, WS-Trust, an encapsulating protocol, is used for claim transformation. WS-MetadataExchange and WS-SecurityPolicy are used to conduct the format and claim negotiations between participants. Finally, WS-Security is used to secure the message. The Identity Metasystem can transform the claims of one type into the claims of another type. WS-* protocols negotiate the acceptable claim type between two parties to provide interoperability between them. The Identity Metasystem also provides a consistent and straightforward user interface to all the users.
There are three roles within the identity metasystem: Identity Providers, who issue digital identities; Relying Parties, who require identities; and Subjects, who are individuals and other entities about whom claims are made. To build an identity metasystem, the system is required to follow five key components: (1) a way to represent identities using claims; (2) a means for identity providers, relying parties, and subjects to negotiate; (3) an encapsulating protocol to obtain claims and requirements; (4) a means to bridge technology and organizational boundaries using claims transformation; and (5) a consistent user experience across multiple contexts, technologies, and operators.
CardSpace, as a Microsoft™ implementation of the Identity Metasystem, provides the consistent user experience required by the Identity Metasystem. When a user needs to authenticate to a relying party, CardSpace interprets the security policy of the relying party and displays an Identity Selector with a set of information cards which satisfy the requested claims in the relying party's security policy. Once the user selects a card, CardSpace contacts the relevant identity provider and requests a security token. The identity provider generates a signed and encrypted security token which includes the required information and returns it to the Identity Selector. The user then decides whether to release this information to the relying party. If the user approves, then the token is sent to the relying party where the token is processed and the user is authenticated.
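The card selection, token issuance, user consent and relying-party verification steps described above, as an added illustration that is not part of the original text and not CardSpace's own code. The WS-Trust messages are replaced by plain dictionaries, the identity provider's signature by an HMAC over the token body, and the cards, attributes and keys are constructed sample data; the relying party checks the signature, the intended audience and that every required claim is present before accepting the token.

```python
# Added illustration of the CardSpace-style exchange; dicts stand in for
# WS-Trust messages and an HMAC stands in for the provider's signature.
import hmac, hashlib, json

# Constructed sample cards held by the subject; each names its issuing
# identity provider and the claims that provider can supply.
CARDS = [
    {"name": "Work card", "issuer": "idp-work", "claims": {"email", "employee_id"}},
    {"name": "Shopping card", "issuer": "idp-shop", "claims": {"email", "age_over_18"}},
]
# Constructed attribute store of each identity provider.
IDP_ATTRIBUTES = {
    "idp-work": {"email": "alice@example.com", "employee_id": "E1234"},
    "idp-shop": {"email": "alice@example.com", "age_over_18": "true"},
}
# Constructed signing keys (a real relying party would verify a certificate
# signature rather than share a symmetric key with the provider).
IDP_KEYS = {"idp-work": b"work-key", "idp-shop": b"shop-key"}

def select_cards(policy, cards):
    """Identity selector step: keep cards able to satisfy every required claim."""
    required = set(policy["required_claims"])
    return [c for c in cards if required <= c["claims"]]

def issue_token(issuer, policy, keys=IDP_KEYS):
    """Identity provider step: release only the requested claims, signed."""
    claims = {k: IDP_ATTRIBUTES[issuer][k] for k in policy["required_claims"]}
    body = {"issuer": issuer, "audience": policy["relying_party"], "claims": claims}
    raw = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(keys[issuer], raw, hashlib.sha256).hexdigest()}

def verify_token(token, policy, keys=IDP_KEYS):
    """Relying party step: check issuer, audience, signature and claim coverage."""
    body = token["body"]
    if body["issuer"] not in keys or body["audience"] != policy["relying_party"]:
        return False
    raw = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(keys[body["issuer"]], raw, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        return False
    return set(policy["required_claims"]) <= set(body["claims"])

def authenticate(policy, cards, user_approves):
    """End-to-end flow: select a card, obtain a token, ask the user, present it."""
    candidates = select_cards(policy, cards)
    if not candidates:
        return None
    token = issue_token(candidates[0]["issuer"], policy)
    if not user_approves(token["body"]["claims"]):
        return None  # the user declines to release the claims
    return token if verify_token(token, policy) else None
```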
User-centric identity management has received attention for handling private and critical identity attributes. It allows users to control their own digital identities. Current user-centric identity management approaches, however, are mainly focused on interoperable architectures between existing identity management systems. Typically, internet users can access the Internet from various places such as home, office, school or public internet cafe. There is a need to address portability of a user's digital identity in the user-centric identity management practices. What is needed is a way for users to be able to export their digital identities and transfer them to various computers in a secure manner.