One of the hardest security problems to solve is mapping real-world people and organisations onto computer systems. This is both a psychological and technical problem. It actually has interesting analogies with real life social situations.
Imagine meeting a group of people for the first time. Typically the first step is an introduction: my name is xxx But what if you didn give your real name? Would it matter? In general, apart from the confusion when two people refer to you with two different names, the name you offer to people doesn actually have much relevance. Your new friends will build up a picture of your character and associate that with you – your identity is actually independent of the relationship.
This is mirrored in the virtual world. All computers are more-or-less the same. It is just that they are run by different companies with whom you build your relationship. Take the CD I bought from www.cdshop.com. I first buy from a web-site on the recommendation of a friend. I continue with subsequent purchases because I have developed a trust relationship with that site: the last four CDs I ordered arrived in working order, and I got charged the amount I expected. Would it have really mattered if the site was called www.shopforcds.com?
That which we call a rose…
Trust in this situation is more of a human psychology issue than it is a technical problem. When the Internet became popular, some domain names started selling for extraordinarily large sums of money. There were two issues here: simplicity and recognition. Real-world companies had existing recognition – I have shopped at Street CDs for years, so shouldn I already have some trust in a web-site called www.highstreetcds.com?
The mistake I have made is one of authentication. How do I know that www.highstreetcds.com has anything to do with the real-world equivalent? In fact it is the same problem as meeting a new group of people for the first time: my name is www.highstreetcds.com />
Everyone needs a friend.
Just as in real life, the problem can be solved by an introduction by a trusted third party. My friend recommendation is of the form: like you to meet www.highstreetcds.com As with the recommendation of www.cdshop.com, I can base my trust of www.highstreetcds.com based on the recommendation of a friend.
So, how do we replace our friend in the virtual world? The first step is to establish the concept of Identity. An identity is a virtual equivalent of your name, designed to be as unique as possible. So, obvious identities to choose would be:
Next, how do we check that you are the correct owner of the identity? Well, that where we need an introduction from a friend, a Trusted Third Party. In the virtual world, you too can be www.cdshop.com, but only if someone I trust says that you are.
In Citrix Access Essentials, this is what an certificate does for you in its SSL support. You can type any address you like into the certificate request box in the Access task. Yes, even www.citrix.com or www.amazon.com. But (and it a rather big but), no-one will believe you until you get a Third Party to validate (usually known as signing your X509 certificate, using their X509 certificate.
In practice, this usually involves going to a Third Party company who offer an X509 Certificate signing service, and requesting that they the X509 certificate that contains your identity. At this point, I trust my friend to refuse to sign an X509 certificate that identifies you as or />
Who do I trust to tell me who to trust?
That is the prize question. From a technological standpoint, you can trust who you like, simply by installing or uninstalling the Trusted Third Party X509 certificate. Most Operating Systems come with well-known Trusted Third Party certificates pre-installed.
In the real-world, you are ultimately back to the my name is xxx. I want to be your friend. You can trust me to tell you who to trust.