UCL Discovery

Toward Mending Two Nation-Scale Brokered Identification Systems.

Brandão, LTAN; Christin, N; Danezis, G; (2015) Toward Mending Two Nation-Scale Brokered Identification Systems. Proceedings on Privacy Enhancing Technologies, 2015 (2) pp. 135-155. 10.1515/popets-2015-0022. Green open access

popets-2015-0022.pdf
Available under License: See the attached licence file.


Abstract

Available online public/governmental services requiring authentication by citizens have considerably expanded in recent years. This has hindered the usability and security associated with credential management by users and service providers. To address the problem, some countries have proposed nation-scale identification/authentication systems that intend to greatly reduce the burden of credential management, while seemingly offering desirable privacy benefits. In this paper we analyze two such systems: the Federal Cloud Credential Exchange (FCCX) in the United States and GOV.UK Verify in the United Kingdom, which altogether aim at serving more than a hundred million citizens. Both systems propose a brokered identification architecture, where an online central hub mediates user authentications between identity providers and service providers. We show that both FCCX and GOV.UK Verify suffer from serious privacy and security shortcomings, fail to comply with privacy-preserving guidelines they are meant to follow, and may actually degrade user privacy. Notably, the hub can link interactions of the same user across different service providers and has visibility over private identifiable information of citizens. In case of malicious compromise it is also able to undetectably impersonate users. Within the structural design constraints placed on these nation-scale brokered identification systems, we propose feasible technical solutions to the privacy and security issues we identified. We conclude with a strong recommendation that FCCX and GOV.UK Verify be subject to a more in-depth technical and public review, based on a defined and comprehensive threat model, and adopt adequate structural adjustments.

Type: Article
Title: Toward Mending Two Nation-Scale Brokered Identification Systems.
Open access status: An open access version is available from UCL Discovery
DOI: 10.1515/popets-2015-0022
Publisher version: http://dx.doi.org/10.1515/popets-2015-0022
Language: English
Additional information: © Luís T. A. N. Brandão et al. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. (CC BY-NC-ND 3.0)
Keywords: NSTIC, IDAP, identification, authentication, surveillance, privacy enhancing technologies, secure two-party computation
UCL classification: UCL
UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/1469541