Mark Allman, Christian Kreibich, Vern Paxson, Robin Sommer, Nicholas Weaver. The Strengths of Weaker Identities: Opportunistic Personas. USENIX Workshop on Hot Topics in Security (HotSec), August 2007.
PDF | Slides

Abstract:

Cryptographic security mechanisms often assume that keys or certificates are strongly tied to a party's identity. This requirement can in practice impose a high bar on making effective use of the cryptographic protections, because securing the coupling between credentials and actual identity can prove to be an arduous process. We frame a more relaxed form of identity, termed opportunistic personas, that works by (i) generating cryptographic credentials on an as-needed basis, (ii) associating credentials not with a user per se but instead as a link to past behavior by the same actor, as a means to inform future interactions, and (iii) managing these credentials implicitly in an opportunistic fashion. Using three real-world examples, we illustrate the benefits this unorthodox approach to identity management can yield.

BibTeX:

@inproceedings{AKP+07,
    author    =        "Mark Allman and Christian Kreibich and Vern Paxson and Robin Sommer and Nicholas Weaver",
    title     =        "{The Strengths of Weaker Identities: Opportunistic Personas}",
    booktitle =        "USENIX Workshop on Hot Topics in Security (HotSec)",
    year      =        2007,
    mont      =        aug,
}