Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anonymous, Liberal, User-Centric Electronic Identity – New Systematic Design of e-ID Infrastructure Libor Neumann ANECT a.s. www.oasis-open.org.

Published byLee Kelley Modified over 8 years ago

Similar presentations

Presentation on theme: "Anonymous, Liberal, User-Centric Electronic Identity – New Systematic Design of e-ID Infrastructure Libor Neumann ANECT a.s. www.oasis-open.org."— Presentation transcript:

1 Anonymous, Liberal, User-Centric Electronic Identity – New Systematic Design of e-ID Infrastructure Libor Neumann ANECT a.s. www.oasis-open.org

2 Motivation n Big ideas, current needs l Single European Information Space l Pan-European e-gov services l E-Government 2.0 n Current challenges l Lack of interoperability l Underestimated privacy threats l Unaccepted complexity by the end-user l Lack of personification n E-ID (authentication) is key enabler

3 New e-ID design n Searching of e-ID solution n Systematic analysis n Design from scratch l System design methodology was used l New way of thinking about e-ID l New principles, new methods n ALUCID ® - Anonymous, Liberal, and User-Centric electronic IDentity

4 Anonymous identity n Anonymous identity – Nonsense? n Real life examples of anonymous identity l Dog and its master l Mother and her baby l Program variable in virtual memory n ALUCID ® separates distinguishing between subjects from naming of subjects (claims) l Identifiers and credentials are very large random (or pseudorandom) numbers with limited validity in time. l Names (claims) can be protected application data

5 Open Standard Interfaces

6 Missing entities n No login names, no passwords. No forgotten password, no phished password, … n No user certificate. No recertification, no extra charges, no names on the network,… n No identity provider. No user communication with an identity provider, no personal information managed by third party, … n No government-issued identity. No “numbering” of citizens, no misuse of state- issued identifiers,… n No biometric data without access control. No cloned biometric data from e-ID use, no remote verification of biometric data origin,...

7 End-user n Extremely simple use – have a PEIG ® (Personal Electronic Identity Gadget) and activate/deactivate it. n User freedoms: l Selecting a product, producer, form, size, features,… l Selecting an activation method l No obligation to use that PEIG l Possibility to use more than one PEIG l Possibility to change his/her mind in future n Direct access to personified services n Service provider takes care of his/her security n Virtually private Internet (“My Internet”) n Universal use of PEIG

8 End-user point of view

9 End-User scenario n The user scenario should be: l The user selects a PEIG ®. It is sold empty. l The user teaches his or her PEIG to recognize him or her when activated. l The user connects the first time to the service provider and uses the activated PEIG. l The user can (but need not) give his or her personal data to the service provider l The user will be able to open his or her personified service directly if he or she activates his or her PEIG. l The same procedure can be used with any other service provider supporting ALUCID ®.

10 Prototype demo

11 Thank you for your attention n Libor.Neumann@anect.com

Download ppt "Anonymous, Liberal, User-Centric Electronic Identity – New Systematic Design of e-ID Infrastructure Libor Neumann ANECT a.s. www.oasis-open.org."

Similar presentations

Location Based Services and Privacy Issues

Location Based Services and Privacy Issues
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
Frank Stajano Presented by Patrick Davis 1.  Ubiquitous Computing ◦ Exact concept inception date is unknown ◦ Basically background computing in life.

Frank Stajano Presented by Patrick Davis 1.  Ubiquitous Computing ◦ Exact concept inception date is unknown ◦ Basically background computing in life.
The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.

The Italian Academic Community’s Electronic Voting System Pierluigi Bonetti Lisbon, May 2000.
ETen E-Poll ID – Strasbourg COE meeting 23-24 November, 2006 Slide 1 E-TEN 29332 E-POLL Project Electronic Polling System for Remote Operation Strasbourg.

ETen E-Poll ID – Strasbourg COE meeting November, 2006 Slide 1 E-TEN E-POLL Project Electronic Polling System for Remote Operation Strasbourg.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
Anonymous, Liberal and User-Centric Electronic Identity Supports Citizen Privacy Protection in e-Government OASIS eGov Workshop - 1 May 2008 Libor Neumann.

Anonymous, Liberal and User-Centric Electronic Identity Supports Citizen Privacy Protection in e-Government OASIS eGov Workshop - 1 May 2008 Libor Neumann.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.

All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.
SMUCSE 5349/7349 Public-Key Infrastructure (PKI).

SMUCSE 5349/7349 Public-Key Infrastructure (PKI).
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.

Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.
BioSec Biometrics & Security IST-2002-001766 © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.

BioSec Biometrics & Security IST © 2005 BIOSEC Consortium 1February 2005 BioSec Biometrics & Security Orestes SanchezBioSec Coordinator Telefónica.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

Similar presentations

Ads by Google