A post about user identity that is thought-provoking on user authorisation and security, or just utter bullshit
User identity
Disclaimer: I am no security expert.
Use case
Provide a way for a user to identify himself before remotely accessing multi-user software that needs to associate the user with her data.
Introduction
There are two forms of user identification.
- Non authorised by the user
- Authorised by the user
Definitions
Non authorised identification is a user saying who he is.
Authorised identification is a user saying who he is and the software trusting her.
For brevity, non authorised identification will be known simply as identification.
In essence, an authorised identification is a two-stage identification. In the first stage the user provides a known alias, usually in the form of a username. In the second stage the user provides proof of his claim, usually in the form of a password.
Imagine sitting behind a large door. A user comes and knocks.
- “Who is this?”
- “This is John” <- Identification
- “Prove it!”
- “Here is my passport” <- Authorised
Identity
The identity of the user is her email. An email is required both for tying the identity to its owner and for verifying a new residence. An identity can have many residences.
Residence
Each identity is paired with a residence. A residence vouches for the user identity. Should the residence be removed, the identity can no longer be vouched for.
Characteristics of a residence
A residence has an identifier which needs to adhere to the following principles.
- Private. The identifier of a residence is private even to its owner.
- Unique. A residence identifier needs to be unique within the pool of residences.
- Secure. The identifier needs to be securely stored.
Creating a new residence
Assume the owner of the identity wants to create a new residence from which she can access the software.
The user requests that the new residence be added, then verifies the new residence via email. The new residence can now vouch for the user's identity.
Delete a residence
The owner should be able to remove a residence. If a residence is deleted, the identity is also permanently removed as a residence.
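The residence lifecycle described above (request, verify via email, vouch, delete), sketched as an added example that is not part of the original post. It assumes the residence identifier is a random token handed to the device, that the server stores only its SHA-256 digest, and that the email carries a single-use code; the class and method names are hypothetical.

```python
import hashlib
import secrets


def digest(token: str) -> str:
    """Store digests only, so a leaked table does not reveal usable identifiers."""
    return hashlib.sha256(token.encode()).hexdigest()


class ResidenceRegistry:
    """Hypothetical server-side store pairing residences with an identity (email)."""

    def __init__(self):
        self.pending = {}  # digest(email code) -> (email, digest(residence id))
        self.active = {}   # digest(residence id) -> email

    def request_residence(self, email: str):
        """Return (residence_id, code): the id goes to the device, the code to the inbox."""
        while True:  # Unique: retry on the (practically impossible) collision
            residence_id = secrets.token_urlsafe(32)  # Private: never chosen or typed
            rd = digest(residence_id)
            taken = {r for _, r in self.pending.values()} | set(self.active)
            if rd not in taken:
                break
        code = secrets.token_urlsafe(32)
        self.pending[digest(code)] = (email, rd)
        return residence_id, code

    def verify(self, code: str) -> bool:
        """Email verification step; the code works once, then the residence is active."""
        entry = self.pending.pop(digest(code), None)
        if entry is None:
            return False
        email, rd = entry
        self.active[rd] = email
        return True

    def vouch(self, residence_id: str):
        """Return the identity this residence vouches for, or None."""
        return self.active.get(digest(residence_id))

    def delete(self, residence_id: str) -> bool:
        """Remove a residence; it can no longer vouch for the identity."""
        return self.active.pop(digest(residence_id), None) is not None
```

Deleting one residence leaves the identity's other residences able to vouch for it, which matches "an identity can have many residences".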
Mockups
Some mockups as to how it looks in practice.