[cryptography] Client certificate crypto with a twist
Jeff.Hodges at KingsMountain.com
Thu Oct 11 12:27:58 EDT 2012
A recent paper relevant to the federated identity aspect of the thread...
Economic tussles in federated identity management Susan Landau, Tyler Moore
Federated identity management (FIM) enables a user to authenticate once and
access privileged information across disparate domains. FIM’s proponents, who
see the technology as providing security and ease of use, include governments
and leaders in the IT industry. Indeed, a cornerstone of the current U.S.
government’s efforts to secure cyberspace is its “National Strategy for Trusted
Identities in Cyberspace” (U.S. Department of Commerce, 2011). Yet adoption of
federated identity management systems has been slow.
From disputes over liability assignment for authentication failures to concerns
over privacy, there have been many explanations for the slow uptake of federated
identity management systems. We believe the problem is embedded in stakeholder
incentives. We present an economic perspective of stakeholder incentives that
sheds light on why some applications have embraced FIM while others have
struggled. To do so, we begin by briefly analyzing seven use cases of successful
and unsuccessful FIM deployments. From this we identify four critical tussles
that may arise between stakeholders when engineering a FIM system. We show how
the successful deployments have resolved the tussles, whereas the unsuccessful
deployments have not. We conclude by drawing insights on the prospects of future
More information about the cryptography