Browser-based identity federation

Browserbasierte Identitätsföderation etabliert eine Dreiparteienauthentifikation mit einem Standard-Webbrowser als Client. Ein Standard-Webbrowser ist nicht unmittelbar in der Lage, die vorherrschende Methode des sicheren Sitzungsschlüsselaustausches für Identitätsföderation einzusetzen. Stattdessen verwendet ein Webbrowser einen bereits etablierten server-authentifizierten Kanal, um den Berechtigungsnachweis einer dritten Partei zu übertragen. Mit diesen zwei Schritten wird ein beidseitig authentifizierter Kanal aufgebaut. Diese Arbeit führt detaillierte Protokollanalysen von Föderationsstandards durch, welche eine Reihe potentieller Sicherheitslücken bei einem realistischen Angreifermodell aufzeigen. Sie zeigt den ersten rigorosen Sicherheitsbeweis für standardisierte Identitätsföderation mit einem formalen Browsermodell. Im Prinzip garantiert Channel Authenticity einen sicheren Kanal zwischen dem identifizierten Benutzer und einem akzeptierenden Dienstleister.This thesis considers secure authentication by browser-based identity federation. This special class of identity federation only uses a standard web browser as client and therefore provides a zero-footprint authentication. Instead of a traditional key exchange and subsequent channel establishment, this protocol class bootstraps a server-authenticated secure channel with a third-party credential to obtain mutual authentication. The results of our investigation include vulnerabilities and novel security mechanisms, which have improved SAML and WS-Federation as major standards. We will present the first formal model for browser-based protocols built upon the Reactive Simulatability framework, and establish channel authenticity as new security goal for this area. Through our formal model of the standardized WS-Federation Passive Requestor Profile, we achieve the first rigorous security proof for browser-based identity federation

Proving a WS-Federation Passive Requestor profile

Currently, influential industrial players are in the process of realizing identity federation, in particular the authentication of browser users across administrative domains. WS-Federation is a joint protocol framework for Web Services clients and browser clients. While browser-based federation protocols, including Microsoft Passport, OASIS SAML, and Liberty besides WS-Federation, are already widely deployed, their security is still unproven and has been challenged by several analyses. One reason is a lack of cryptographically precise protocol definitions, which impedes explicit design for security as well as proofs. Another reason is that the security properties depend on the browser and even on the browser user. We rigorously formalize a strict instantiation of the current WS-Federation Passive Requestor Interop profile and make explicit assumptions for its general use. On this basis, we prove that the protocol provides authenticity and secure channel establishment in a realistic trust scenario. This constitutes the first positive security result for a browser-based identity federation protocol

Browser Model for Security Analysis of Browser-Based Protocols

Currently, many industrial initiatives focus on web-based applications. In this context an important requirement is that the user should only rely on a standard web browser. Hence the underlying security services also rely solely on a browser for interaction with the user. Browser-based identity federation is a prominent example of such a protocol. Unfortunately, very little is still known about the security of browser-based protocols, and they seem at least as error-prone as standard security protocols. In particular, standard web browsers have limited cryptographic capabilities and thus new protocols are used. Furthermore, these protocols require certain care by the user in person, which must be modeled. In addition, browsers, unlike normal protocol principals, cannot be assumed to do nothing but execute the given security protocol. In this paper, we lay the theoretical basis for the rigorous analysis and security proofs of browser-based security protocols. We formally model web browsers, secure browser channels, and the security-relevant browsing behavior of a user as automata. As a first rigorous security proof of a browser-based protocol we prove the security of password-based user authentication in our model. This is not only the most common stand-alone type of browser authentication, but also a fundamental building block for more complex protocols like identity federation