
D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management

Requirements Analysis

In the following, we list the general requirements for the scenario described above: 

  1. On a local domain level, the identity provider should be able to check the status (e.g. the trustworthiness) of the platform to which a new identity credential is to be granted. This would allow the identity provider to authenticate and authorize a new user based on the ability of the user's platform to protect the granted identity credential from theft (voluntary handing over can also be considered, but it needs more sophisticated technologies such as support of biometric identification in the device). 

  2. The identity provider should be able to issue a trusted ticket that can be securely validated by service providers in the same domain. The service providers should be able to check if the identity provider is trustworthy, and if it is allowed to grant such credentials in this domain. This requires the credentials themselves to include information reflecting the status of the identity provider’s system at the time when the credential was issued. Typically, such information should be in the form of integrity measurements which could be compared with reference values. 

  3. For cross-domain validation of credentials, the identity provider should be able to issue credentials that would be valid in other identifier domains (i.e. trusted by service providers outside their domains). For that, the service providers should be able to check the trustworthiness of the corresponding identity provider outside the domain, and whether this identity provider is allowed to grant credentials that are valid in the service provider’s domain. 
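
The service-provider checks in requirements 2 and 3 can be sketched as follows. This is an added example, not part of the deliverable: the ticket layout, the names and all values are assumptions constructed for illustration, and an HMAC stands in for the identity provider's signature over the ticket.

```python
import hashlib, hmac, json

def _h(data):  # hex SHA-256, used here as a constructed "integrity measurement"
    return hashlib.sha256(data).hexdigest()

# All values below are constructed for illustration.
IDP = "idp.domain-a.example"
IDP_KEYS = {IDP: b"constructed-demo-key"}          # stand-in for the IdP's verification key
ALLOWED_DOMAINS = {IDP: {"domain-a", "domain-b"}}  # domains the IdP may issue for
REFERENCE = {IDP: {"bootloader": _h(b"bootloader-v1"),
                   "idp-service": _h(b"idp-service-v3")}}  # known-good values

def _canonical(body):
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def issue_ticket(issuer, subject, measurements, key):
    """IdP side: bind the IdP's own integrity measurements into the ticket."""
    body = {"issuer": issuer, "subject": subject, "measurements": measurements}
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def validate_ticket(ticket, sp_domain):
    """Service-provider side: returns (accepted, reason) and fails closed."""
    body = ticket["body"]
    issuer = body["issuer"]
    key = IDP_KEYS.get(issuer)
    reference = REFERENCE.get(issuer)
    if key is None or reference is None:
        return False, "unknown issuer"
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, ticket["tag"]):
        return False, "ticket altered"
    # Requirement 3: is this IdP allowed to grant credentials for our domain?
    if sp_domain not in ALLOWED_DOMAINS.get(issuer, set()):
        return False, "issuer not allowed in this domain"
    # Requirement 2: IdP state at issuance must match the reference values.
    reported = body["measurements"]
    for component, good in reference.items():
        if reported.get(component) != good:
            return False, "measurement mismatch: " + component
    return True, "ok"

if __name__ == "__main__":
    good = issue_ticket(IDP, "alice", dict(REFERENCE[IDP]), IDP_KEYS[IDP])
    print(validate_ticket(good, "domain-a"))  # local domain
    print(validate_ticket(good, "domain-b"))  # cross-domain, allowed
    print(validate_ticket(good, "domain-c"))  # cross-domain, not allowed
```

A ticket that is correctly authenticated but reports a measurement differing from the reference value is still rejected, which is the point of carrying the identity provider's state inside the credential.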
