Information Technology Reference
In-Depth Information
to this, commercial identity management systems offered by well-known vendors
such as
Hitachi ID Identity Manager
[13],
NetIQ's Identity Manager Standard 4
Edition
[14],
Microsoft's Enterprise Identity Synchronization Architecture
[15] and
McAfee Cloud Identity Manager
[16] among many others also provide documents
describing recommended features for federated identity management systems and
define guidelines for evaluation. Similarly, NIST [17] offers well-established aspects
that could be used to evaluate the functionality of a system.These aspects include
Correctness and Effectiveness
,
Leading versus Lagging Indicators
,
Organizational
Security Objectives
,
Qualitative and Quantitative Properties
and
Measurement of
Large versus the Small
[17]. However, since our solution is more focused towards
providing the required functionality, so we follow the
Correctness and Effectiveness
Properties
aspect for the evaluation of our system.
In order to ensure the protection of identity credentials over the communication
channel we must offer confidentiality. However, the existing SCIM protocol only
focuses on the basic functionality and does not provide any security mechanism
at all. Consequently, the data exchanged among the various CSPs was in plaintext
form, which is vulnerable to many attacks including eavesdropping, identity theft
and fraud. Therefore, we have enhanced SCIM protocol to include encryption mech-
anism which ensures protection of identity credentials even if they are disclosed or
accessible to the adversaries.
5.1
Protocol Evaluation Using Scyther
Scyther is a well-known tool that is used for the formal analysis of security proto-
cols under the perfect cryptography assumption, it verifies that all the cryptographic
functions used in the system are perfect, for-instance it may validate that the at-
tacker learns nothing from an encrypted message until and unless he has the decryp-
tion key. Therefore, we have used Scyther to confirm the effectiveness of enhanced
SCIM protocol. Scyther has verified the claims of our protocol, like secrecy of iden-
tity credentials (in request and response) and the persistence of server aliveness
is ensured during the identity exchange processes. It has verified that the security
enhancement in SCIM protocol ensures protection against the intruder even if the
network is completely or partially under his control. Scyther lists various predefined
claim types such as
NiSynch, WeakAgree, Alive, NiAgree, Empty, Reachable
and
Se-
cret
[18]. However, we have used only four of them (Secret (for confidentiality),
Alive, WeakAgree and NiSynch) as per our requirement. The script of Scyther, stat-
ing steps of our protocol in the form of claims along with the verification results are
presented in Listing 5 and Figure 5 respectively.
Correctness and Effectiveness Properties:
Correctness property aims to ensure that
the required mechanisms are properly implemented; however, effectiveness ascer-
tains how well the various system components tie together and work in synergy [17].
Generally, functionality assessments using correctness and effectiveness are essen-
tially performed through direct evaluation of actual system components. In the same
Search WWH ::
Custom Search