Trusted Third Parties
Much was said at the Catalyst Conference about Trust. For example, trust between
enterprises is a prerequisite to establishing federated exchange of Identity
Information. Internet users must trust enterprises to protect private information.
Enterprises authenticate user credentials before a user is trusted to access
to online resources. Indeed, a trusting relationship between parties is the
foundation of any online interaction.
A Trusted Third
Party (TTP) is an interesting example of establishing trust relationships.
Dick Hardt of Sxip
Identity pointed out that our drivers licenses largely work as Identity
credentials because a trusted third party – the Motor Vehicle Division – has verified the authenticity of a person’s identity
and has issued on official, widely-accepted token of that authenticity, the
license itself. People trust a drivers license identity
authentication because people trust that the Motor Vehicle Division did its
job well. Interestingly enough, the MVD relies on another trusted TTP, the government
department which issues birth certificates, to establish citizenship and birthdates.
This model is evident in the Sxip
Identity model, where a Home Site is a TTP which can vouch for a person’s
credentials to a Member Site on the Internet. The Home Site receives validations
about user Identity from additional TTPs (e.g. government department for birth
data, university for transcript data).
I asked Dick what type of organization could be a Home Site TTP in this model.
He suggested that because banks already have relationships
of trust with their customers, they might be ideal candidates for maintaining
Home Sites. It is quite natural to think of depositing one’s Identity into a
virtual safe deposit box at a bank. The depositor could then selectively authorize
copies of Identity information from his or her safe deposit box to be sent other
Internet sites for authentication and authorization purposes.
Brook Schoenfield of Cisco proposed at the Catalyst Conference an infrastructure
for automated trust establishment between enterprises, using a TTP to vouch
for enterprise credentials, modeled after the credit card infrastructure.
It stands to reason in our inherently un-trustworthy world, that TTPs are essential
to establish trust-based relationships. However, while acknowledging that TTPs
are valuable, Nick Szabo states
that TTPs are security holes: "The invocation or assumption in a security
protocol design of a "trusted third party" (TTP) or a "trusted
computing base" (TCB) controlled by a third party constitutes the introduction
of a security hole into that design. The security hole will then need to be
plugged by other means."
A credit card company, acting as a TTP in a seller/buyer transaction, plugs
the security hole of credit card fraud by essentially indemnifying buyers against
fraud. For example, a Visa representative called to inform me that a person
had purchased $1800 worth of pharmaceuticals on my credit card number for shipment
to a Nigerian address. They backed out the charges and changed my card number
when I confirmed the fraud. A hole was detected; the hole was plugged. Such
actions lead to a widespread feeling of trust between credit card holders issuers.
I presume that TTPs of the sort proposed by Dick Hardt and Brook Schoenfield
will emerge when there is commercial impetus for companies to act as TTPs and
the TTPs can demonstrate sufficient good will and hole-plugging actions to maintain
and grow their status as entities worth of trust.
In closing, may I Trust that you will send me your comments? 🙂
Tag: Identity