Published: April 10, 2006 - 2:05pm
This is the typical communication engagement protocol humans use when initiating some form of non-trivial conversation where several exchanges are required. In America, people are very good at this but, in Europe for example, people only reluctantly exchange names until they are sure that they WANT to continue a conversation. In the past, I've worked with colleagues for several days before I even found out their names! But I digress ...
If all you want to do is ask the time, then you generally don't even need to go this far - you just need to establish that all parties understand the same language. This might need a few attempts to establish the language everyone is happy to use ("Hi", "Hola", "Bonjour", "Dydd da", ...), but you generally don't need to know WHO it is that you're speaking with.
On the other hand, if you need to talk to someone in private, each party needs to establish not only a common language, but must also establish sufficient trust in the identities of the other parties. But how do you establish that someone is who they claim to be? There are many ways of doing this, but they can generally be classified into one of two main types of proof mechanism:
- Shared Information: This is a very simple but powerful mechanism that can be used to establish a certain level of trust in someone's claims to their identity. There are essentially two forms of this mechanism, which can be used separately or combined depending on the scenario:
  - Shared Facts: Enables me to prove to you that I belong to a group that you are also a member of. For example, you might ask me a series of questions such as "Describe to me your reporting chain all the way up to Bill", "What is the name of the share from which we can download Vista daily builds?", etc. If I answer several such questions correctly, you might be convinced that I am an employee of Microsoft.
  - Shared Secrets: You might also ask me several questions that only you and I will know the answers to. For example, "Show me your secret handshake", "When did you last email me?", "Which of these three stores did you last use your credit card at?". Once I have successfully answered enough questions, you can feel relatively sure that I am who I claim to be. However, this mechanism alone does not necessarily establish that I am a member of the same group as you (unless you ask me what my last review score was).
- Mutual Trust: If you ask me to show you some form of proof of my identity and I show you my credit card, driver's license, passport, employer's badge, letter from my mortgage company, etc., then you might feel more confident in my identity claim, because my employer and my bank are saying I am Richard Turner too.
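As an added example (not code from the original post), the following sketch shows how a relying party could implement the Shared Facts and Shared Secrets mechanisms above as a k-of-n question check: answers are stored only as salted hashes, compared in constant time, and a correct run of facts supports only the group-membership claim while a correct run of secrets supports only the identity claim. The question sets, threshold and PBKDF2 work factor are constructed assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor; an assumption chosen for this example


def normalize(answer: str) -> str:
    """Collapse case and whitespace so trivial typing differences do not fail a match."""
    return " ".join(answer.strip().lower().split())


def enroll(answers: dict) -> dict:
    """Store only a per-question salt and a PBKDF2 hash; the verifier never keeps plaintext."""
    store = {}
    for question, answer in answers.items():
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", normalize(answer).encode(), salt, ITERATIONS)
        store[question] = (salt, digest)
    return store


def check_one(store: dict, question: str, given: str) -> bool:
    """Re-derive the hash for the given answer and compare it in constant time."""
    salt, expected = store[question]
    actual = hashlib.pbkdf2_hmac("sha256", normalize(given).encode(), salt, ITERATIONS)
    return hmac.compare_digest(actual, expected)


def verify(facts_store: dict, secrets_store: dict, answers: dict, threshold: int) -> dict:
    """k-of-n check per class. Every stored question is evaluated, so the claimant learns
    only the final verdict, not which individual answer was wrong. Shared facts support
    only the group-membership claim; shared secrets support only the identity claim."""
    facts_ok = sum(check_one(facts_store, q, answers.get(q, "")) for q in facts_store)
    secrets_ok = sum(check_one(secrets_store, q, answers.get(q, "")) for q in secrets_store)
    return {"group_member": facts_ok >= threshold, "identity": secrets_ok >= threshold}


# Constructed sample question sets (not real data), in the spirit of the post's examples.
FACTS = {
    "reporting chain up to Bill": "alice > bob > bill",
    "name of the daily-build share": "builds-daily",
    "building your team sits in": "building 42",
}
SECRETS = {
    "last time you emailed me": "tuesday",
    "store where you last used your card": "corner grocery",
    "our secret handshake": "two taps",
}
```

A colleague who knows every fact but none of the secrets ends up with `group_member` true and `identity` false, which is exactly the gap the post describes for each mechanism used alone.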
Which of the above is the best or most effective mechanism? It depends on your needs and scenarios. However, when combined, these mechanisms provide a powerful way to help you accurately ascertain someone's identity. It is this combination of proofs that we use today to prove our identity both in the real world and online.
In addition to the mechanisms above, combining different form factors during authentication often results in significantly enhanced confidence. For example, verbalizing your first and last names is a "soft" claim. Providing a driver's license provides a form of hard token containing a set of claims (name, DOB, eye color, etc.). Adding a hard token (something you have) to your soft token (something you know) is commonly referred to as second-factor authentication and is mandated in many sensitive, financial, or high-security environments, but it is not foolproof:
"But James, how are you going to escape from the underwater rocket silo?"
"Well Moneypenny, I'll jusht type in thish code [something he knows] that I got from Blofeld using Q's truth serum!"
"Oh James ... but how are you going to get past the retina scanner?"
"Eye eye!" 007 pulls an eyeball from a bag of ice in his pocket [something he has].
Bleep ... "Shuper. Tell M that I'm on my way home Moneypenny"
"Oh James ..."
(Apologies to Ian Fleming)
So, how does all this come together in a (more) real-world scenario?
Consider what I have to do to get onto a plane: I log in to my travel website using my username (SF, a shared fact) and password (SS, a shared secret) and book a ticket. I pay for the ticket, sufficiently proving my identity to my credit-card company (SF & SS) and giving the airline company some confidence that I am who I claim to be (MT, mutual trust). Next, I obtain my ticket from the eTicket machines at the airport, which requires proof of ownership of the necessary credit card (SF & SS & MT). Then, I present the ticket (MT) and my driver's license (MT) at the pre-security ticket check - the pre-screeners trust that the ticketing company and the driver's license authority have done their jobs. The security screeners ensure that I'm not carrying anything too dangerous and ... finally ... I get to the gate and re-re-re-present my ticket before boarding (SF & MT). I'll leave you to draw the map of how the trusts chain from one relying party (booking company, ticketing agency, carrier) to another!
Once two or more people have established a language for information exchange and have identified themselves sufficiently accurately to the other parties, many new scenarios emerge, not least of which is "now that I know we can converse and I am happy that you are who you claim to be, how do I know I can trust you with the information we need to exchange?" This is where the rating models found at sites like eBay and Amazon's "was this review useful to you" rating system help. These might let me believe that a single entity submitted these movie and book reviews, and I appreciate your thoughts, but I'm not going to trust you to baby-sit my kids! Trust models have limited value until we can accurately, repeatedly and reliably ascertain the identity of each party; only then can we attach various levels of trust to those identities.
Accurately identifying the parties with which we interact forms the root from which we grow an entire ecosystem of confidence, trust and strong relationships. Without the ability to accurately identify the parties involved in a given relationship, we see a lack of trust, information leakage and theft, fraud and many other consequences. Does this sound familiar? It should - this is where the Internet is today.
In the next post in this series, we'll discuss the identity related problems currently facing the Internet and a potential solution.