Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy-Enhancing Identity Management – An Overview – Marit Hansen Independent Centre for Privacy Protection Schleswig-Holstein,

Published byMorgan Morrison Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy-Enhancing Identity Management – An Overview – Marit Hansen Independent Centre for Privacy Protection Schleswig-Holstein,"— Presentation transcript:

1 Privacy-Enhancing Identity Management – An Overview – Marit Hansen marit.hansen@datenschutzzentrum.de Independent Centre for Privacy Protection Schleswig-Holstein, Germany Dresden – March 30, 2004

2 Privacy-Enhancing Identity Management – An Overview2 Overview Introduction:  Terminology Privacy-Enhancing Identity Management Systems:  Motivation, Principles, Methods – Core Concept: Pseudonyms – Third Party Services Status of Identity Management Systems:  Types, Examples, Findings Conclusion

3 Privacy-Enhancing Identity Management – An Overview3 Partial Identities of Alice Identities Management

4 Individual Identity vs. Organisation Identity Definition of Terms wrt “Identity” Physical Identity vs. Digital Identity vs. Virtual Identity

5 Definition of Identity Management in PRIME Identity Management is managing of own partial identities according to specific situations and contexts: a) choice and development of partial identities b) role making and role taking

6 IMA + Infrastructure = IMS IMA = Identity Management Application IMS = Identity Management System IMS

7 Privacy-Enhancing Identity Management – An Overview7 Overview Introduction:  Terminology Privacy-Enhancing Identity Management Systems:  Motivation, Principles, Methods – Core Concept: Pseudonyms – Third Party Services Status of Identity Management Systems:  Types, Examples, Findings Conclusion

8 Privacy-Enhancing Identity Management – An Overview8 Privacy-Enhancing Identity Management: Motivation Solves two major problems in the Internet: –Lack of anonymity –Lack of authenticity Main aim: –Enforcing right to informational self-determination –i.e. the user can control the flow of his/her personal data... –... or at least is aware of it Right to informational self-determination: to know what other parties know about oneself

9 Privacy-Enhancing Identity Management – An Overview9 Privacy-Enhancing Identity Management: Principles & Methods Principles for Privacy-Enhancing Technologies (PET) –Data minimisation –Transparency –System integration: built-in privacy protection / privacy by design –User empowering: do-it-yourself privacy protection –Multilateral security: minimal trust required Methods: –Tailored (un-)linkability (pseudonyms, convertible credentials) –Default setting: as much anonymity as possible or as desired –History and context interpretation –Privacy support for the user: Good usability for choice of pseudonyms Privacy control functionality for access, correction, deletion, objection...

10 Privacy-Enhancing Identity Management – An Overview10 Pseudonym Domains (PD): “Unlinkage” of Partial Identities Task of IMS: Providing linkage for authorised parties while preventing unauthorised linkability

11 Privacy-Enhancing Identity Management – An Overview11 Scenario “E-Commerce”

12 Privacy-Enhancing Identity Management – An Overview12 Scenario “Multi-Purpose Identity Management Controlled by the User” Core element: pseudonyms

13 Pseudonym = identifier [technical point of view] Pseudonymity does not say anything about the degree of anonymity (= “who is able to reveal its holder”); it covers the whole range between unique identification and anonymity: Various Properties of Pseudonyms Better: Identification

14 Linkability through Re-Use of Pseudonyms Privacy-oriented default setting in an IMA: –for one-time use: transaction pseudonym –for establishing a relationship: role-relationship pseudonym Requirement: User-controlled (re-) use of pseudonyms

15 Privacy-Enhancing Identity Management – An Overview15 Overview Introduction:  Terminology Privacy-Enhancing Identity Management Systems:  Motivation, Principles, Methods – Core Concept: Pseudonyms – Third Party Services Status of Identity Management Systems:  Types, Examples, Findings Conclusion

16 Privacy-Enhancing Identity Management – An Overview16 Identity Management and Third Party Support 1/2 Infrastructure security and resilience Certification services: –Possibly supporting various degrees of data minimisation, e.g., by allowing pseudonymous but accountable authentication (incl. convertible credentials). Mediator services, e.g.: –Identity brokers reveal the identity of a pseudonym holder under specific circumstances. –Liability services clear a debt or settle a claim on behalf of the pseudonym holder. –A value broker may perform the exchange of goods without revealing additional personal data.

17 Privacy-Enhancing Identity Management – An Overview17 Identity Management and Third Party Support 2/2 Separation of knowledge: –E.g., unlinkability of the “who (buys)” and the “what (is bought)” in a partially on-line purchase may be achieved by applying separation of knowledge between payment and delivery services. Reference information: –A privacy information service can give input on privacy information data such as security and privacy risks with respect to the IMA deployed, which may influence the behaviour of the system. –The privacy information service could also be offered in a peer-to-peer manner.

18 Privacy-Enhancing Identity Management – An Overview18 Overview Introduction:  Terminology Privacy-Enhancing Identity Management Systems:  Motivation, Principles, Methods – Core Concept: Pseudonyms – Third Party Services Status of Identity Management Systems:  Types, Examples, Findings Conclusion

19 Privacy-Enhancing Identity Management – An Overview19 –For authentication: password and account management single sign-on digital signatures combined with authorisations / credentials –Additionally reachability management –Different pseudonyms –Different sets of personal data bound to pseudonyms, incl. form filling –Additionally reputation management Types of Today’s IMS Access Management Pseudonym Management

20 Example: Federated Identities in Liberty Alliance  Question of Trust Centralised vs. Federated Identity Centralised Identity: Single IMS provider +Easier to maintain +Less effort in user support +Cheaper –Concentrate personal data of people (content and data trails) –Put big responsibilities on the providers –Are attractive targets for attackers –May act as convenient data bases of other interested parties Federated Identity a) User-side identity administration b) Multiple IMS providers +User can be in control (a) +No concentration of personal data (b) +IM solution for SME (a,b) ±Put bigger responsibilities on the user (a) –More effort in user support (a) –Standardisation of protocols/interfaces necessary (b)

21 Privacy-Enhancing Identity Management – An Overview21 Findings of Study “Identity Management Systems (IMS): Identification and Comparison” (JRC Seville) Approx. 100 IMA identified Detailed evaluation for 7 IMA: –Single Sign-On: Microsoft Passport Liberty Alliance (in spec. process, > 150 companies involved) Yodlee –Form Filler: Mozilla Navigator DigitalMe CookieCooker –E-Mail Client: Outlook Express Usage: Big user numbers only when integrated such as Microsoft Passport (200 million accounts, 3.5 billion authentications per month, 91 websites supported)

22 Privacy-Enhancing Identity Management – An Overview22 Findings of IMS Evaluation in IMS Study State-of-the-Art of IMS: –Main goal: usefulness –Deficiencies concerning privacy and security functionality, and if realised: usability problems –Digital evidence is not addressed (lack of liability / no non- repudiation), no support for law enforcement –Identity theft is not prevented –Little functionality, limited purposes –No general solutions, no standards –Trustworthy computer systems and infrastructure are still missing  no trustworthy and secure IMS possible –Business models: Service and software mostly free for users Today’s IMS: Playground for users & service providers

23 Privacy-Enhancing Identity Management – An Overview23 Overview Introduction:  Terminology Privacy-Enhancing Identity Management Systems:  Motivation, Principles, Methods – Core Concept: Pseudonyms – Third Party Services Status of Identity Management Systems:  Types, Examples, Findings Conclusion

24 Privacy-Enhancing Identity Management – An Overview24 Conclusion Privacy-Enhancing Identity Management: Providing linkage for authorised parties (esp. the user) while preventing unauthorised linkability Importance of user’s sovereignty Today’s approaches: not sufficient or even privacy invasive Building blocks for Privacy-Enhancing IMS are readily available  PRIME will demonstrate solutions for Privacy-Enhancing IMS with a focus on usability

25 Privacy-Enhancing Identity Management – An Overview25 Thank you for your attention! Questions?

Download ppt "Privacy-Enhancing Identity Management – An Overview – Marit Hansen Independent Centre for Privacy Protection Schleswig-Holstein,"

Similar presentations

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI 2010. All rights reserved.

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved.
MyGrid Security Issues Simon Miles University of Southampton.

MyGrid Security Issues Simon Miles University of Southampton.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
Internal Control–Integrated Framework

Internal Control–Integrated Framework
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy and Trust Frameworks/Systems Presented by Zalia Shams Usable Security –

Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy and Trust Frameworks/Systems Presented by Zalia Shams Usable Security –
G53SEC 1 Foundations of Computer Security. G53SEC Overview of Today’s Lecture: Definitions Fundamental Dilemma Data vs. Information Principles of Computer.

G53SEC 1 Foundations of Computer Security. G53SEC Overview of Today’s Lecture: Definitions Fundamental Dilemma Data vs. Information Principles of Computer.
Selected bits and pieces from ongoing discussions on privacy Input to WG 3 Dagstuhl, February 8, 2011 Marit Hansen

Selected bits and pieces from ongoing discussions on privacy Input to WG 3 Dagstuhl, February 8, 2011 Marit Hansen
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.

Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Www.mobilevce.com © 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT.

© 2004 Mobile VCE June 2004 Security – Requirements and approaches to securing future mobile services Malcolm K Payne BT.
Network Identity Kai Kang 27 th October 2004. Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Understanding Active Directory

Understanding Active Directory
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.

Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
Cloud Usability Framework

Cloud Usability Framework

Similar presentations

Ads by Google