Subject The Most Important Attribute
From David Chadwick <d.w.chadwick@xxxxxxxxxx>
Date Wed, 06 Jul 2011 12:06:17 +0100

"Money makes the world go round". Clearly money is vital to all human beings. Wars are started over it, people loose their houses or starve to death due to insufficient quantities of it. The whole world goes into recession because of it.

Imagine there was an attribute that could be asserted that would allow your money to be removed from you. Surely this attribute would have the highest protection and need the highest assurance of all attributes if it were to be used electronically.

If your university issued this attribute, then surely it would not let it out of its systems and surely would not release it to any SP. It would simply be too risky. You might loose money as a result.

But such an attribute does exist and we all use it regularly. It is the credit card number that I assert whenever I do online shopping. So lets have a look at some of the properties of this most important attribute, since it might help us in designing an attribute release system for our federation.

1. User consent is paramount. Not only does the user consent in releasing this attribute to the SP, but the user can withdraw his consent after the fact and can end up with the goods from the SP and the money still in his account.

2. The user can self assert it. But the SP does not believe it. Instead the SP checks with the IDP to ensure that the attribute is valid and has not been revoked. So the SP gets a highly trusted assertion from the IDP about the validity of the attribute. The IDP may (with 3D secure) check user consent and user authn at the time of the transaction (though not in the US we are told).

3. There is no privacy protection. The attribute is globally unique, identifies the user uniquely, and the SP can track all the user's transactions, as can the IDP with all the SPs.

I am not saying that such an attribute release mechanism is the correct one to adopt for the academic community, but clearly it works and is in large scale use every day, with billions of dollars being transferred due the transfer of this attribute.

But it may provide pointers at to what practises may work and what may not work




David W. Chadwick, BSc PhD
Professor of Information Systems Security
School of Computing, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@xxxxxxxxxx
Home Page:
Research Web site:
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5