Alternatives to oAuth for DECE - WikiLeaks · PDF fileCurrent Issues • login() exposes...
Transcript of Alternatives to oAuth for DECE - WikiLeaks · PDF fileCurrent Issues • login() exposes...
Alternatives to oAuth for DECE
Peter DavisResearch Fellow
Neustar, Inc
1
Current Application
• AuthN:
• login();
• Delegation:
• oauth token
• Durable but unmanaged
• Conveyed in REST API headers
2
Current Issues
• login() exposes credentials to theft
• uname/pw storage causes account sync issues
• oauth suited for unknown to unknown interactions (thus extra step)
• Not intended for authN (requires composition with other protocols)
• Limited Extensibility options
• No distributed delegation model
3
Orientation to SAML• Token format
• Extensible
• REST and SOAP profiles
• 10 years of maturity
• Potential integration with MS InfoCard
• Broad open source and mature commercial software in place
• 8 initial profiles (and counting)
4
SAML Oauth ComparisonOauth 1.0a SAML2
REST profiles yes yes
# of profiles 1 10+
token format name/value w/sig XML w/XML dsig
authentication no (WRAP) yes
authN contexts no yes
Proxy Profiles no yes
attribute conveyance requires extension native
delegation yes yes
native usage for DECE no yes
sub-delegation no yes
suitable for intermediaries no yes
subject ID encryption no yes
prvt key propagation req’d yes no
5
Oauth Flows
6
SAML Flows
7
Opaque Identifiers
AliceCoordinator
Node A
Node B
Alice123
awhite
alicew
xyz
qrs
• Prevents collusion between nodes
• Conveyed by Coordinator Token response (accountID and UserID)
• Question: Persistence of identifiers
8
Roadmap for future (P1-3)
• Token provisioning
• Trusted module
• Linear Programming
9
Device Token
• Bearer Token model
• Assertion Token provisioning into device
• (D|d)evice presentation to Relying Parties
• Potential for DRM incorporation
• Enables holder-of-key models potentially
10
Coordinator Cache Policy
• Leverage HTTP cache negotiation
• require (eg MUST)
• If-Modified-Since
• Last-Modified
• Expires
• What is acceptable local cache policy (if coordinator unavailable)
11
Appendix
12
Applying SAML to DECE
• AuthN bindings and profiles
• Delegation (bearer) token use
• Comparable flows for oauth and SAML
• Trusted Module (device-lead delegation)
13
SAML Evolution
2002 2003 2005
14
Present-day Uses
• Enterprise
• Federal and eGovernment
• Consumer Banking
15
Conclusions
16
Questions
17
Ecosystem Model
18