Network Identity


Identity is fundamental to the other components of security. Identity can be thought of as a collection of attributes that collectively represent a person or object uniquely. A significant amount of effort has been expended on technologies that store, validate, or verify identity.

Identity is important to many aspects of distributed computing. For the most part, it simply isn't possible to ignore the personal side of users. Users have preferences and rights, and their own credit card numbers thereby having the capacity to enter into personal agreements with other users or organizations.

Although quite a bit of the Internet is "anonymous," more and more of it requires some knowledge of the user to provide customizable services, or to provide an environment that is secure.

Note

Because identity is so personal, it is the subject of considerable interest and debate. As you will learn later, privacy and anonymity are as important a security consideration as being able to identify a user.


In today's Internet, users must establish identities for each of the systems they interact with in a personal and often secure way. At the least, the identities consist of a user ID and a password, which is used to authenticate the user. Rather than having identities on each system that a user interacts with, a network identity can represent a user across an entire domain. The same identity will be useful to all the systems in the network.

Because of the dynamic nature of peer-to-peer systems, using identities is a particularly interesting problem. If identity is associated with the right to access a resource, it becomes necessary for every peer to understand how to validate an identity, and to associate it with the services a peer provides. Network identities can help reduce the burden a peer faces in managing and using identities or validating them. It's also possible to perform authorization at the network level, so that peers do not have to maintain lists of rights. You'll see how this can happen later in the chapter.

Several other challenges exist in connection with identity. For example, the attributes that are selected to represent something must be unique within the domain searching for "Bubba Smith" in the state of Texas using Infospace.com yields 11 individuals. Without additional information, it's difficult to know which is the one you're looking for. On the other hand, the information that composes an identity should not be too revealing. Also, an identity is not a person or an object it only represents one. It's possible to possess or create an identity that is not your own. In the rest of the chapter, we will learn how identity is used, managed, and protected.



JavaT P2P Unleashed
JavaT P2P Unleashed
ISBN: N/A
EAN: N/A
Year: 2002
Pages: 209

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net