Many enterprises rely on identity and access management (I&AM) systems for their core business functions. By selectively giving authorized users online access to internal resources, enterprises can cut costs and improve productivity. Conventional I&AM systems enable them to extend their networks to enterprise representatives and to enterprise-provisioned external parties (such as contractors, business partners, and suppliers). Federated I&AM systems enable enterprises to extend access to users whose identities are managed and authenticated by other organizational domains.
As an enterprise lets in more and more authorized users from increasingly diverse populations, its security needs go up dramatically. Current enterprise I&AM systems provide no answer to many of the new challenges. U-Prove has been designed to address the following emerging requirements:
- Non-intrusive federation: By relying on the identity services of an external provider, the enterprise (1) exposes itself to impersonation attacks by the identity provider's insiders, or by attackers and malware that have compromised the provider, (2) loses its autonomy over access control decisions to the identity provider, and (3) enables the identity provider to monitor which users request access at what time. U-Prove lets the enterprise eliminate these unwanted powers of identity providers in federated settings.
- Fine-grained access: Coarse-grained access control allows authorized users to do more with resources than they need to. U-Prove enables enterprises to securely issue privileges and entitlements to authorized users in the form of protected "access tokens" that let the enterprise make arbitrarily fine-grained access control decisions. Users can store these tokens in long-lived form and, at each access, disclose only the minimal information needed to gain access.
- Secure access tokens: For many kinds of resources it may be necessary to protect access tokens against misuse by their own authorized users. U-Prove can protect access tokens against cloning, lending, pooling, discarding, and other unauthorized uses. In addition, any number of access tokens can be bound at issuance time to a previously issued low-cost tamper-resistant user device (such as a Trusted Computing chip or a smart card), so that they cannot be used without that device.
- Offline access: For mobile resources, geographically distributed resources, and peer-to-peer applications (such as instant messaging and file sharing) it may be burdensome to involve a central identity server for every access. U-Prove enables enterprises to securely grant access on the basis of long-lived identity and attribute information that authorized resource users pull out of directory servers on an as-needed basis, without contacting the issuer at access time.
- User-authenticated audit trails: An increasing number of auditing regulations address growing security and privacy concerns, in response to accounting scandals, identity theft, and increased outsourcing. U-Prove enables administrators and auditors to collect user-authenticated transcripts that cryptographically prove every access request. Transcripts can prove not only which resources have been accessed but also what actions have been performed on them. At the same time, enterprises can hide sensitive information (such as the identities of resource users) from third-party auditors by censoring the transcripts prior to forwarding them.
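The following is an added illustration of two of the ideas above, selective disclosure of attributes (fine-grained access) and censorable user-authenticated transcripts (audit trails); it is not U-Prove's own protocol or code. The user signs a transcript in which each attribute value is replaced by a salted hash commitment; the enterprise keeps the openings and forwards only the ones it chooses; the auditor verifies the user's signature over the full committed body and checks any revealed openings against their commitments. The field names, the commitment scheme, and the use of a plain Schnorr signature over secp256k1 (written with standard-library integers so it runs offline) are all assumptions of this example; U-Prove's actual presentation proofs are a different construction.

```python
# Added illustration, not U-Prove's protocol: a signed access transcript whose
# attribute values are salted hash commitments, so the enterprise can withhold
# some openings before forwarding and an auditor can still verify the rest.
# Schnorr over secp256k1 is hand-written here only to stay dependency-free;
# use a vetted library in practice.
import hashlib
import json
import secrets

# secp256k1 domain parameters (standard values)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, point):
    """Double-and-add scalar multiplication."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result

def hash_int(*parts):
    h = hashlib.sha256()
    for part in parts:
        h.update(part if isinstance(part, bytes) else str(part).encode())
    return int.from_bytes(h.digest(), "big")

def keygen():
    x = secrets.randbelow(N - 1) + 1
    return x, ec_mul(x, G)

def sign(x, pub, msg):
    """Schnorr: R = kG, e = H(R, pub, msg), s = k + e*x (mod N)."""
    k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    e = hash_int(R[0], R[1], pub[0], pub[1], msg) % N
    return (R, (k + e * x) % N)

def verify(pub, msg, sig):
    R, s = sig
    e = hash_int(R[0], R[1], pub[0], pub[1], msg) % N
    return ec_mul(s, G) == ec_add(R, ec_mul(e, pub))

def commit(value, salt):
    return hashlib.sha256(salt + b"|" + value.encode()).hexdigest()

def make_transcript(x, pub, resource, action, attributes):
    """User side: sign resource, action and a commitment to each attribute.
    Returns the transcript and the openings the enterprise keeps on file."""
    openings = {k: (v, secrets.token_bytes(16)) for k, v in attributes.items()}
    body = {"resource": resource, "action": action,
            "commitments": {k: commit(v, s) for k, (v, s) in openings.items()}}
    msg = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "pub": pub, "sig": sign(x, pub, msg)}, openings

def censor(transcript, openings, reveal):
    """Enterprise side: forward the signed body with only the chosen openings."""
    return {"transcript": transcript, "openings": {k: openings[k] for k in reveal}}

def audit(forwarded):
    """Auditor side: signature must hold over the full committed body and every
    supplied opening must match its commitment. Returns revealed attributes,
    or None if anything fails."""
    t = forwarded["transcript"]
    msg = json.dumps(t["body"], sort_keys=True).encode()
    if not verify(t["pub"], msg, t["sig"]):
        return None
    revealed = {}
    for k, (value, salt) in forwarded["openings"].items():
        if t["body"]["commitments"].get(k) != commit(value, salt):
            return None
        revealed[k] = value
    return revealed

if __name__ == "__main__":
    # Constructed sample access: identity withheld, role revealed to the auditor.
    x, pub = keygen()
    t, openings = make_transcript(x, pub, "/payroll/2024", "read",
                                  {"user_id": "alice", "role": "hr-analyst"})
    print(audit(censor(t, openings, ["role"])))
```

Two caveats worth noting: the auditor cannot learn a withheld value, but because the user's signing key (and hence the public key in the transcript) is fixed, every transcript by the same user is linkable to that key; hiding the user's identity from the auditor therefore also requires not letting the auditor map public keys to people, which is exactly the gap that U-Prove's unlinkable tokens are designed to close. Also, a censored field that could only take a few values (a role name, say) can be brute-forced against its commitment only because of the 16-byte salt, so the salt must be kept with the other openings and never leaked.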