LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

LWN.net Weekly Edition for June 6, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Trusted internet identity and privacy

Trusted internet identity and privacy

Posted Jan 13, 2011 13:44 UTC (Thu) by ortalo (subscriber, #4654)
In reply to: Trusted internet identity and privacy by bud
Parent article: Trusted internet identity

Personnally, I would say "of course".

Of course we need several independent "identities" for different usages of computers. In fact, by the way, I would rather say that we use different independent sets of access rights with different security constraints on them, than true different identities (even virtual ones).
We need those because we do not deal identically with our identification toward friends, colleagues, public services, banks, children and family, merchants (different kinds of them), opposite-sex friends, police, democratic governments, other governments, parents, etc. And we do not want our computer(s) either to operate identically in all those usage contexts, especially by using the classical single whole-system-wide user ID authenticated once at connection-time and created once upon a time by a generic 'admin'.

But I would even say that we also need more than "simply" several "named" sets of rights (or identity if you want). We also need identities shared by several people (think to document validation in most companies, big or small, families identification). We need to be able to copy some of them or split them (think to real door keys you share with your family or children). We need to be able to destroy them easily in some cases (and conflicting opinions may have to be arbitrated ;-). In other cases, on the contrary, we need third parties (possibly even a government) to guarantee their persistence and level of trust at the highest possible level.

Note by the way that I have sayed "named" sets of rights. Not "authenticated". In some cases, we do not even need these names to be authenticated - we do no need trust in someone else identity. We just want to identify them. (Well, with some level of trust maybe, but nothing that cannot be done well enough even without a true authentication procedure, especially a password.)

So, for me, saying we need several IDs (or certificates) is just the first step. It's nice because it has allowed us to understand that we need to reach another level. But not yet enough to build the stair needed to go there.

What I think is needed now are new distributed authorization and authentication servers, with an extended set of new functionalities: several different authentications, several authorization schemes, etc.
After all, Kerberos is rooted into 30 years-old work - and never really adressed the authorization aspect. Maybe that area deserves a specification update.

What's annoying is that nobody seems interested in seriously helping even only the specification phase. (Many people are interested in security as a domain, but most fewer are interested in doing actual security work.)

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds