June 2009


In an earlier post on SLO I promised to get back with more information about the usage of single logout, as Feide adds more and more services to the SLO service. The graph below shows the ratio of Single Log Out (SLO) to Single Sign On (SSO) for the Feide production Moria4 site. It is interesting to note that the SLO to SSO ratio is increasing (the initial fluttering is due to pre-production testing), and there is a marked jump at the same time as several reliable service providers were added. A peek at the underlying data indicates that several services have logout ratios above 50%; among these are library databases and exam registration.

SLO to SSO ratio

Even if all services implement SLO, not all services have a good location for the SLO button. In practice this means that not all users can find the logout. Most users still close the browser to log out from a service, or do not log out at all. For those who do not log out, the session timeout functions as their logout. Session timeout in Feide takes several hours, which is a long time compared to BankID, where the session lifetime is minutes.

The Moria4 site above went into production April 29, and several major service providers were added in late May.  The overall SSO traffic is shown below.

Single Sign On for Moria4

More information about the technical implementation is available in Andreas' presentation on SLO from TNC2009.
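The per-service logout ratios discussed above are easy to pull out of a login audit log. The following is an added example, not Feide's or Moria4's own tooling; the key=value log format, the event names (sso, slo, timeout) and the sample lines are constructed for illustration, so adjust LINE_RE to whatever your identity provider actually writes.

```python
"""Per-service SLO/SSO ratio from a login audit log (added illustration)."""
import re
from collections import defaultdict

# Constructed sample log in a hypothetical key=value format.  Neither the format
# nor the service names come from the page; they exist only to exercise the code.
SAMPLE_LOG = """\
2009-05-20T08:01:12Z event=sso sp=library user=u1
2009-05-20T08:01:40Z event=sso sp=exam user=u2
2009-05-20T08:03:05Z event=slo sp=library user=u1
2009-05-20T08:10:11Z event=sso sp=lms user=u3
2009-05-20T08:12:44Z event=sso sp=library user=u4
2009-05-20T08:20:09Z event=slo sp=exam user=u2
2009-05-20T09:00:00Z event=timeout sp=lms user=u3
2009-05-20T09:05:00Z event=sso sp=lms user=u5
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) event=(?P<event>[a-z]+) sp=(?P<sp>[\w-]+) user=(?P<user>\S+)$"
)
# Event kinds we tally; "timeout" is kept because a timed-out session is the
# de facto logout for users who never press the SLO button.
COUNTED = ("sso", "slo", "timeout")


def parse_lines(text):
    """Yield one dict per well-formed line.

    Malformed lines raise instead of being dropped silently: a ratio computed
    over a partially parsed log is misleading, and you want to notice.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: unrecognised log line: {line!r}")
        yield m.groupdict()


def count_events(text):
    """Map service id -> {"sso": n, "slo": n, "timeout": n}."""
    counts = defaultdict(lambda: dict.fromkeys(COUNTED, 0))
    for rec in parse_lines(text):
        if rec["event"] in COUNTED:
            counts[rec["sp"]][rec["event"]] += 1
    return dict(counts)


def logout_ratio(counts):
    """SLO/SSO per service; None for a service that has no SSO events yet."""
    return {sp: (c["slo"] / c["sso"] if c["sso"] else None)
            for sp, c in counts.items()}


def overall_ratio(counts):
    """SLO/SSO across all services, or None if there were no logins."""
    sso = sum(c["sso"] for c in counts.values())
    slo = sum(c["slo"] for c in counts.values())
    return slo / sso if sso else None


def services_above(ratios, threshold=0.5):
    """Services whose ratio is strictly above the threshold, highest first."""
    hits = [(sp, r) for sp, r in ratios.items() if r is not None and r > threshold]
    return [sp for sp, _ in sorted(hits, key=lambda x: (-x[1], x[0]))]


if __name__ == "__main__":
    counts = count_events(SAMPLE_LOG)
    ratios = logout_ratio(counts)
    for sp in sorted(counts):
        c = counts[sp]
        shown = "n/a" if ratios[sp] is None else f"{ratios[sp]:.2f}"
        print(f"{sp:10} sso={c['sso']:3} slo={c['slo']:3} timeout={c['timeout']:3} ratio={shown}")
    print("overall:", overall_ratio(counts))
    print("above 50%:", services_above(ratios))
```

In the constructed data the exam service ends up at a ratio of 1.0 and the library at exactly 0.5, which the strict "above 50%" threshold does not count; decide deliberately whether your report wants > or >=, because the boundary case is where people argue about the graph.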

Several IT people in higher education have recommended KeePass for keeping track of keys and credentials. KeePass is a free, open source password manager. You can put all your passwords in one database, which is locked with one master key or a key file.

They claim to be very happy with the way this wallet works. Of course this carries the usual risks you get when you put all your eggs in one basket:

  • a nice target for hacking attempts
  • if you lose the one key, you lose all keys
  • the software is only secure as long as it is patched
  • you have to remember the single key that unlocks all the others

On the other hand, in addition to the benefits of an open source, transparent solution, you also get the usual benefits of putting all your eggs in one basket:

  • being able to find your keys
  • awareness of having a basket
  • it is easier to secure the one key that binds them all
  • you are more likely to discover if there has been an incident with your keys

Key wallets of this kind, including KeePass and PasswordSafe, seem to be better implemented than the password wallets found in browsers.
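The "one master key or a key file" idea above is worth seeing in code, because it is what makes the basket defensible: the key file is a second factor the attacker must steal as well, and stretching the combined secret makes each guess at the master password expensive. The block below is an added illustration of that principle, not KeePass's or PasswordSafe's actual file format or key derivation; the verifier-tag layout, the iteration count and the sample key file contents are assumptions made for the example.

```python
"""Composite master key for a password wallet (added illustration, not KeePass's format)."""
import hashlib
import hmac
import os

DEFAULT_ITERATIONS = 600_000  # assumption: PBKDF2-HMAC-SHA256 cost; tune for your hardware
SALT_LEN = 16
VERIFIER_LABEL = b"wallet-verifier"  # assumption: fixed label for the key-check tag


def composite_key(master_password, key_file=None):
    """Combine the factors into one 32-byte secret.

    Each factor is hashed on its own and the hashes are concatenated in a fixed
    order, so the password alone or the key file alone yields a different key.
    """
    parts = [hashlib.sha256(master_password.encode("utf-8")).digest()]
    if key_file is not None:
        parts.append(hashlib.sha256(key_file).digest())
    return hashlib.sha256(b"".join(parts)).digest()


def stretch(composite, salt, iterations):
    """Key stretching: makes every offline guess cost `iterations` HMAC calls."""
    return hashlib.pbkdf2_hmac("sha256", composite, salt, iterations, dklen=32)


def make_header(master_password, key_file=None, iterations=DEFAULT_ITERATIONS, salt=None):
    """Build the public header stored next to the encrypted database.

    The verifier is an HMAC under the database key over a fixed label; it lets
    unlock() tell a wrong password or key file apart from corrupted data without
    revealing the key itself.
    """
    salt = os.urandom(SALT_LEN) if salt is None else salt
    db_key = stretch(composite_key(master_password, key_file), salt, iterations)
    verifier = hmac.new(db_key, VERIFIER_LABEL, "sha256").digest()
    return {"salt": salt, "iterations": iterations, "verifier": verifier}


def unlock(header, master_password, key_file=None):
    """Re-derive the database key; return it, or None if the factors are wrong.

    compare_digest is used so the check does not leak, via timing, how many
    leading bytes of a wrong guess happened to match.
    """
    db_key = stretch(composite_key(master_password, key_file),
                     header["salt"], header["iterations"])
    tag = hmac.new(db_key, VERIFIER_LABEL, "sha256").digest()
    if not hmac.compare_digest(tag, header["verifier"]):
        return None
    return db_key


if __name__ == "__main__":
    key_file = b"constructed key file contents, normally random bytes on a USB stick"
    header = make_header("correct horse battery staple", key_file)
    print("right password + key file:", unlock(header, "correct horse battery staple", key_file) is not None)
    print("right password, no key file:", unlock(header, "correct horse battery staple") is not None)
    print("wrong password + key file:", unlock(header, "Tr0ub4dor&3", key_file) is not None)
```

Note that the header is exactly the "nice target" from the list above: whoever copies the database and its header can run unlock() offline as fast as the iteration count allows, which is why the cost parameter, not secrecy of the header, is what buys you time. Pair the stretched key with an authenticated cipher (AES-GCM or ChaCha20-Poly1305 from a real library) to protect the database contents; the standard library offers none, so that part is left out here.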

Trying to wrap my head around the concepts introduced by Kim Cameron, Kai Rannenberg and Reinhard Posch in Proposal for a Common Identity Framework.

Kim Cameron is blogging about definitions for a common identity framework, explaining the concepts behind the paper.

Their definition of user-centric is interesting:

User-centric: Structured so as to allow users to conceptualize, enumerate and control their relationships with other parties, including the flow of information.

The work in Feide on consent, consent management and revamping user interfaces falls nicely into this definition. When the goal is to give users control over their relationship and give them tools to conceptualize the existing relations, we ended up with the federation Innsyn. I do not fully understand what is implied by “enumerate relationships”, but assume that this is similar to the consent management. It is interesting to note that user centric solutions can be achieved both on the client and server side of the traditional server-client model for services, but in order to do server side user centric solutions, the user must be given tools on the server side.

Another interesting concept in the paper is that not all assertions are true (but all Cretans are liars?):

It is key to the document that claims are assertions by one subject about another subject that are "in doubt". This is a fundamental notion since it leads to an understanding that one of the basic services of a multi-party model must be "Claims Approval". The simple assumption by systems that assertions are true – in other words the failure to factor out "approval" as a separate service – has led to conflation and insularity in earlier systems.

Being able to sort assertions into claims and credentials may help us think more clearly about the security needs. In psychology we learn that children know the difference between true and false by the age of three or four, but in this case the security community has taken a few more years to sort out the issue. I wonder what that says about the maturity of our understanding?

The main Norwegian provider of online phone search, Eniro, has published birth dates for all phone subscribers. Unless your number is unlisted, your birth date is now online and available. Eniro claims to have done this in order to make it easier to distinguish between search results.

Searching for Ingrid Melve


One example is the search result for my name, as shown in the picture. I suppose the birth date is displayed in the same box as the Send flowers button for ease of use; that is nice. Less nice are the ads, since I suppose the advertisements suggest good presents for me: bigger boobs, heat exchanger, flat screen TV, teeth bleaching, Sony Playstation 3. Of those suggestions I much prefer the PS3, as I find the others gross, rude and too personal.

I do not see how knowing the birth date helps me distinguish between search results. Knowing the birth year might help, since I could map what I know about the person to the search result. Knowing the day a person was born gives me no new information. Knowing birth dates for family and friends is nice, but that is all about maintaining social relations. Searching for phone numbers is not my preferred social relation investment. In this case the service seems displaced in the social fabric.

Reactions have been surprisingly strong, probably because this is perceived as rudeness incorporated. The Data Protection Agency has the phone ringing off the hook, but according to the current rules publishing birth dates is within the regulations. Once again the difference between legally right and morally right is on public display.

One of the more interesting reads recently was Internet Governance by Bygrave and Bing. The articles cover the fabric of Internet infrastructure, not excluding code and engineers. The interplay of policy and code (as instantiated in real-life protocols and applications) is analyzed and discussed. Although the book is written as a textbook for law students, it is readable for those of us interested in the social fabric of the Internet, its policy mechanisms and its formation process.

It does not hurt that the opening chapter on Internet history is written by professor Jon Bing, an author I have enjoyed ever since his children's books in my youth. The other authors also analyze, discuss and interpret, rather than just making claims or citing endless facts, as so many authors writing about governance and/or the Internet tend to do. Food for thought is good.

A draft of the federation protocols for Wave, the hottest of hot new collaboration tools from Google, is presented in the draft General Verifiable Federation by Lea Kissner and Ben Laurie. More white papers are available from the Google Wave innards site. Google Wave is announced as open source, and is based on the principle of federation.

Wave itself is an example of what happens if the user experience is put in the driving seat, and it looks exciting! The proof of the email system (and the instant messaging system, and document sharing, and photo sharing, and collaborative work, and sharing information) is in the eating of the pudding, and I am looking forward to tasting it.

Quote from the Wave presentation:

Federation, that was hard. So we are building this thing with live concurrent editing and chatting and instant messaging and pictures and all that stuff. And then we throw federation into the mix, which vastly complicates things. It would be so much easier, frankly, from an engineering point of view if we could just keep this proprietary and we control all the servers and we control all the update schedules and so on. But we think it is worth the effort. We hope you can help us with this. We think the world is a better place if everyone can build wave systems with it.

The sharing abilities of federation technology are in focus. As they should be.

The innards of Wave technology remain to be augured by resident high technologists. But it looks cool.