Abstract of 'Trusted Infrastructures for Identities'

In the context of identity management, a major research topic is the establishment of trust relationships between multiple identifier domains. Conventional approaches such as cross certification, spanning certificate authorities or mirroring of user databases result in substantial technical overhead. A possible alternative is the use of already existing architectures, such as the infrastructure provided by trusted computing technology.

The goal of this thesis is the development of a concept that allows a user from a certain identifier domain to access a service at a service provider belonging to a foreign identifier domain by using a ticket issued by an identity provider located in the user's primary identifier domain. To decide whether the foreign ticket can be accepted, the service provider first has to verify that the identity provider is authorized to issue tickets for the particular identifier domain. Moreover, the service provider has to validate the identity provider's configuration and system status at the moment of ticket issuing in order to decide whether the identity provider's decision can be trusted.

In the thesis, the realization of these requirements by using trusted computing technology is analyzed. For the authorization of the identity provider, the process of issuing attestation identifier credentials by the privacy-CA has to be adapted. If the identity provider is authorized to issue trusted tickets, the privacy-CA includes a certain key usage attribute in the certificate. In order to create the trusted tickets, SAML assertions are used to transport the status information from the identity provider to the foreign service provider. The flexible SAML framework allows the integration of the identity provider’s status information signed with the attestation identifier key in the attributes of the assertion. For the creation of information describing the platform’s current configuration and system status, the trusted computing technology offers the necessary attestation mechanisms.
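The checks described above can be laid out end to end in a small simulation. The following is an added example, not code from the thesis or its reference implementation: a privacy-CA issues AIK credentials and marks authorized identity providers with a key usage attribute, the identity provider signs its platform status with the AIK and carries it as an attribute of a SAML-like assertion, and the foreign service provider works through the verification steps in order. Everything concrete here is constructed for the demo: the attribute name `TRUSTED_TICKET_USAGE`, the JSON field names, the PCR values, the domain names, the nonce relayed from the service provider's request, and a textbook RSA on fixed small primes that stands in for the AIK and privacy-CA keys (asymmetric, so the credential can carry the public key, but not secure). The demo also simplifies by letting the same AIK sign the assertion envelope; the thesis only states that the status information is AIK-signed.

```python
import hashlib
import json

# Added example, not from the thesis. All identifiers below are constructed.
TRUSTED_TICKET_USAGE = "trustedTicketIssuer"   # key usage the privacy-CA sets for authorized IdPs


def canonical(obj):
    """Stable byte encoding so signer and verifier hash the same input."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class ToyRSA:
    """Textbook RSA on fixed ~1e9 primes: asymmetric like an AIK, but in no way secure."""
    def __init__(self, p, q, e=65537):
        self.n, self.e = p * q, e
        self.d = pow(e, -1, (p - 1) * (q - 1))

    def public(self):
        return {"n": self.n, "e": self.e}

    def sign(self, obj):
        h = int.from_bytes(hashlib.sha256(canonical(obj)).digest(), "big") % self.n
        return pow(h, self.d, self.n)


def verify(pub, obj, sig):
    h = int.from_bytes(hashlib.sha256(canonical(obj)).digest(), "big") % pub["n"]
    return pow(sig, pub["e"], pub["n"]) == h


class PrivacyCA:
    """Issues AIK credentials; only authorized IdPs receive the trusted-ticket key usage."""
    def __init__(self, key):
        self.key = key

    def issue_aik_credential(self, aik_pub, domain, may_issue_trusted_tickets):
        body = {"aikPub": aik_pub, "domain": domain,
                "keyUsage": [TRUSTED_TICKET_USAGE] if may_issue_trusted_tickets else []}
        return {"body": body, "caSig": self.key.sign(body)}


class IdentityProvider:
    def __init__(self, domain, aik, credential):
        self.domain, self.aik, self.credential = domain, aik, credential

    def issue_ticket(self, subject, audience, nonce, pcrs):
        # Platform status (a TPM-quote stand-in) is signed with the AIK and carried
        # as an attribute of the assertion; the AIK credential travels with it.
        status = {"nonce": nonce, "pcrs": pcrs}
        assertion = {"issuer": self.domain, "subject": subject, "audience": audience,
                     "attributes": {"platformStatus": status,
                                    "platformStatusSig": self.aik.sign(status),
                                    "aikCredential": self.credential}}
        # Demo simplification: the same AIK also signs the assertion envelope.
        return {"assertion": assertion, "assertionSig": self.aik.sign(assertion)}


class ServiceProvider:
    def __init__(self, domain, ca_pub, known_good_pcrs):
        self.domain, self.ca_pub, self.known_good = domain, ca_pub, known_good_pcrs
        self.used_nonces = set()   # replay protection for platform status

    def accept_ticket(self, ticket, expected_nonce):
        """Return (accepted, reason); each check maps to one requirement from the abstract."""
        a = ticket["assertion"]
        cred = a["attributes"]["aikCredential"]
        body = cred["body"]
        if not verify(self.ca_pub, body, cred["caSig"]):
            return False, "AIK credential not issued by the privacy-CA"
        if TRUSTED_TICKET_USAGE not in body["keyUsage"]:
            return False, "IdP not authorized to issue trusted tickets"
        if body["domain"] != a["issuer"]:
            return False, "credential bound to a different identifier domain"
        aik_pub = body["aikPub"]
        if not verify(aik_pub, a, ticket["assertionSig"]):
            return False, "assertion signature invalid"
        status = a["attributes"]["platformStatus"]
        if not verify(aik_pub, status, a["attributes"]["platformStatusSig"]):
            return False, "platform status not signed by the credentialed AIK"
        if status["nonce"] != expected_nonce or status["nonce"] in self.used_nonces:
            return False, "stale or replayed platform status"
        if status["pcrs"] != self.known_good:
            return False, "IdP platform configuration not trusted"
        if a["audience"] != self.domain:
            return False, "ticket issued for another service provider"
        self.used_nonces.add(status["nonce"])
        return True, "trusted ticket accepted"


def demo():
    """Constructed scenario: IdP in domain-a, SP in domain-b, one shared privacy-CA."""
    ca = PrivacyCA(ToyRSA(1000000007, 998244353))
    good_pcrs = {"0": "a" * 40, "7": "b" * 40}   # constructed reference measurements
    aik_a = ToyRSA(1000000009, 1000000021)
    idp_a = IdentityProvider("domain-a", aik_a,
                             ca.issue_aik_credential(aik_a.public(), "domain-a", True))
    sp_b = ServiceProvider("domain-b", ca.key.public(), good_pcrs)
    ok, _ = sp_b.accept_ticket(idp_a.issue_ticket("alice", "domain-b", "n1", good_pcrs), "n1")
    replay, _ = sp_b.accept_ticket(idp_a.issue_ticket("alice", "domain-b", "n1", good_pcrs), "n1")
    drift, _ = sp_b.accept_ticket(idp_a.issue_ticket("alice", "domain-b", "n2",
                                                     dict(good_pcrs, **{"7": "c" * 40})), "n2")
    aik_x = ToyRSA(998244353, 1000000009)
    idp_x = IdentityProvider("domain-x", aik_x,
                             ca.issue_aik_credential(aik_x.public(), "domain-x", False))
    unauth, _ = sp_b.accept_ticket(idp_x.issue_ticket("mallory", "domain-b", "n3", good_pcrs), "n3")
    return ok, replay, drift, unauth


if __name__ == "__main__":
    print(demo())   # (True, False, False, False)
```

The order of the checks in `accept_ticket` matters: the credential and its key usage are validated before any AIK signature is trusted, so a status signed by an unauthorized or uncredentialed key is rejected without the PCR policy ever being consulted. The PCR comparison is where a real deployment would plug in its reference measurements for the identity provider platform.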

The developed concept and the reference implementation show that it is possible to use the trusted computing architecture for the establishment of trust relationships across multiple identifier domains in the context of identity management.