Dating Portal showcase
Copyright © 2007 Credentica Inc. All Rights Reserved.
February 15th - 16th, 2007
Dating portal showcase
• The dating portal is a peer-to-peer infopage
• Services are other Users
• Portal certifies information about Users, but doesn’t learn Users’ activities
• An Identity Token is used to authenticate to the dating portal and to hold certified private and public information
• An ID Container is used to hold the ID Token and non-certified private and public information
• A User can ask another User to disclose private information fields (certified and non-certified)
Dating portal showcase overview
[Diagram: Portal (Token Issuer, User Accounts); Alice (White Rabbit) with ID Container; Bob (CoolB) with ID Container]
The dating portal allows Users to exchange information in a private manner.
At enrollment, each User anonymously receives an ID Token issued by the Portal containing certified information.
Later, Users register to the dating portal by presenting the ID Token and by choosing a User ID.
From this point on, registered Users browse for other Users to exchange private information. The Portal facilitates the exchanges but does not learn Users’ real identities nor the exchanged information.
Enrollment
[Diagram: Portal (Token Issuer, User Accounts) and Background Check; Alice with ID Container; Bob (CoolB) with ID Container]
Alice visits the dating portal to enroll.
Enrollment
Please fill the following fields
Name: ___________________
DOB: ___________________
Address: ___________________
Billing info
Credit Card No: _____________
Alice completes and submits the form that contains personal and billing information.
Alice’s browser retrieves an applet to perform client-side computations.
The applet creates an ID Container and the Portal issues an ID Token containing certified information (some public, some private). The ID Token is not yet usable.
The Portal performs a background check on Alice and, once completed, sends her a welcome email.
[Diagram labels on the Background Check exchange: "Alice data", "OK?", "Yes"]
Registration
To register, Alice visits the registration link in the email.
Registration
Non-certified information
• Private: ________________
• Public: ________________
Login info
• User ID: ________________
• Password: ________________
Alice provides non-certified private and public information and chooses a User ID (e.g. White Rabbit) and password.
The ID Token is activated and associated with White Rabbit’s account.
At this point, the Portal recognizes White Rabbit and knows it’s a paying customer, but does not know that this is Alice, nor any of her private information (certified or not).
Single Sign-On vs. Roaming access
Alice has the option to enable the SSO feature (“Remember me”). In this case, the ID Container remains on Alice’s system, and future logins are transparent to Alice.
If not, the ID Container is deleted from the system. Alice needs to enter her User ID and password to retrieve it at every login.
[Screen mockup: sign-in form with User ID and Password fields and "Sign In" / "Expedite Sign In" buttons; White Rabbit signs in and sees "Welcome White Rabbit"]
During registration, the applet derives an encryption key from the password and sends an encrypted copy of the ID Container to the Portal.
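The roaming-access step on this slide, as an added example that is not Credentica's code or part of the original deck: the client stretches the password into a key, encrypts the ID Container, and only the resulting blob goes to the Portal. Assumptions: scrypt and AES-256-GCM as the primitives, all function names, the split of the derived bytes into an encryption key and a separate login value, and the constructed sample container.

```javascript
// Added example, not code from the deck. Primitives and names are assumptions.
const nodeCrypto = require('crypto');

// scrypt cost parameters (assumed; tune to the slowest supported client).
const KDF = { N: 16384, r: 8, p: 1 };

// Stretch the password into 64 bytes. The first half encrypts the ID Container
// and never leaves the client; the second half is a separate login value, so
// the Portal authenticates the User without holding the decryption key.
function deriveKeys(password, salt) {
  const okm = nodeCrypto.scryptSync(password.normalize('NFKC'), salt, 64, KDF);
  return { encKey: okm.subarray(0, 32), authKey: okm.subarray(32) };
}

// Client side, at registration: produce the blob the Portal stores.
function sealContainer(password, userId, container) {
  const salt = nodeCrypto.randomBytes(16);
  const nonce = nodeCrypto.randomBytes(12);
  const { encKey, authKey } = deriveKeys(password, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', encKey, nonce);
  cipher.setAAD(Buffer.from(userId, 'utf8')); // bind the blob to one account
  const ct = Buffer.concat([cipher.update(container), cipher.final()]);
  return { blob: { salt, nonce, ct, tag: cipher.getAuthTag() }, authKey };
}

// Client side, at a roaming login: returns null on a wrong password, a blob
// served for a different User ID, or a blob altered while stored.
function openContainer(password, userId, blob) {
  const { encKey } = deriveKeys(password, blob.salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', encKey, blob.nonce);
  decipher.setAAD(Buffer.from(userId, 'utf8'));
  decipher.setAuthTag(blob.tag);
  try {
    return Buffer.concat([decipher.update(blob.ct), decipher.final()]);
  } catch (err) {
    return null;
  }
}

// Constructed sample container; field values are illustrative.
const sample = Buffer.from(JSON.stringify({ idToken: '<token bytes>', age: 28 }));
const { blob } = sealContainer('constructed-passphrase', 'White Rabbit', sample);
console.log(openContainer('constructed-passphrase', 'White Rabbit', blob).equals(sample));
console.log(openContainer('wrong-passphrase', 'White Rabbit', blob));
```

If the raw password itself were sent to the Portal for login, the Portal could derive the same key and read the container, which is why the example keeps the login value and the encryption key separate.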
Private information disclosure
Bob browses the Portal for other Users
Welcome CoolB
User search result:
_____________________________
White Rabbit (request private info)
• City: Montreal
• Hobbies: tennis, reading
FunnyGirl (request private info)
• City: Toronto
• Hobbies: shopping
Bob requests info disclosure from White Rabbit. The request is encrypted for White Rabbit and stored by the Portal.
Next time Alice visits the Portal, she accepts the info disclosure.
Welcome White Rabbit
One new message from CoolB
• Disclose private info?
Yes / No
Users’ public information fields (certified and non-certified) are displayed.
Public certified info is obtained from White Rabbit’s ID Token (info provided by the Portal).
Public non-certified info is obtained from Portal’s database.
Logged-in Users can browse for other Users and request private information disclosure (or respond to such requests).
Private information disclosure
Welcome CoolB
White Rabbit
• City: Montreal
• Hobbies: tennis, reading
• Age: 28
• Phone number: 514-555-1234
Next time Bob visits the Portal, he retrieves White Rabbit’s encrypted disclosure.
Welcome CoolB
New message from White Rabbit
Bob validates the disclosed data.
Private certified info is obtained from White Rabbit’s disclosure (in the ID Token).
Public certified info is obtained from White Rabbit’s ID Token.
Public non-certified info is obtained from Portal’s database.
Private non-certified info is obtained from White Rabbit’s disclosure.