TaxIdMA: Towards a Taxonomy for Attacks related to Identities

TL;DR

This paper introduces TaxIdMA, a comprehensive taxonomy framework for classifying and understanding attacks targeting digital identities across various identity management systems, aiding in systematic security analysis.

Contribution

The paper presents a novel, extensible taxonomy framework for categorizing identity-related attacks, validated with real-world attack cases to demonstrate its effectiveness.

Findings

Successfully classifies eight real-world attacks

Demonstrates the taxonomy's capability to describe diverse attack vectors

Provides a structured overview for security analysis in identity management

Abstract

Identity management refers to the technology and policies for the identification, authentication, and authorization of users in computer networks. Identity management is therefore fundamental to today's IT ecosystem. At the same time, identity management systems, where digital identities are managed, pose an attractive target for attacks. With the heterogeneity of identity management systems, every type (i.e., models, protocols, implementations) has different requirements, typical problems, and hence attack vectors. In order to provide a systematic and categorized overview, the framework Taxonomy for Identity Management Attacks (TaxIdMA) for attacks related to identities is proposed. The purpose of this framework is to classify existing attacks associated with system identities, identity management systems, and end-user identities as well as the background using an extensible structure from a scientific perspective. The taxonomy is then evaluated with eight real-world attacks resp. vulnerabilities. This analysis shows the capability of the proposed taxonomy framework TaxIdMA in describing and categorizing these attacks.