Contributions to the privacy provisioning for federated identity management platforms
Identity information, personal data and users' profiles are key assets for organizations
and companies, which has made the use of identity management (IdM) infrastructures a
prerequisite for most companies: IdM systems allow them to perform their business
transactions by sharing information and customizing services for several purposes in more
efficient and effective ways.
Due to the importance of the identity management paradigm, a lot of work has been done
so far, resulting in a set of standards and specifications. According to them, under the
umbrella of the IdM paradigm a person's digital identity can be shared, linked and reused
across different domains, offering users simple session management, among other benefits. In this way,
users' information is widely collected and distributed to offer new value-added services
and to enhance availability. Whereas these new services have a positive impact on users'
lives, they also bring privacy problems.
To manage users' personal data while protecting their privacy, IdM systems are the ideal
place to deploy privacy solutions, since they handle the exchange of users' attributes.
Nevertheless, current IdM models and specifications do not sufficiently address comprehensive
privacy mechanisms or guidelines that would give users better control over the
use, disclosure and revocation of their online identities. These are essential aspects, especially
in sensitive environments where incorrect and insecure management of users' data
may lead to attacks, privacy breaches, identity misuse or fraud.
Nowadays there are several approaches to IdM, each with benefits and shortcomings from
the privacy perspective.
The main goal of this thesis is to contribute to privacy provisioning for federated
identity management platforms. For this purpose, we propose a generic architecture
that extends current federated IdM systems. We have mainly focused our contributions
on health care environments, given their particularly sensitive nature. The two main
pillars of the proposed architecture are the introduction of a selective privacy-enhanced
user profile management model and flexibility in consent revocation, obtained by incorporating an
event-based hybrid IdM approach that replaces time constraints and explicit
revocation with the activation and deactivation of authorization rights according to events. The
combination of both models makes it possible to deal with both online and offline scenarios, as well
as to empower the user role, by letting her bring together identity information from
different sources.
Regarding the revocation of user consent, we propose an implicit, event-based consent revocation
mechanism built around a new concept, the sleepyhead credential, which
is issued only once and can be used at any time. Moreover, we integrate this concept
into IdM systems supporting a delegation protocol, and we contribute the definition
of a mathematical model to determine event arrivals at the IdM system and how they are
dispatched to the corresponding entities, as well as its integration with the most widely
deployed specification, i.e., the Security Assertion Markup Language (SAML).
In regard to user profile management, we define a privacy-aware user profile management
model to provide efficient selective information disclosure. With this contribution a
service provider is able to access the specific personal information it needs without being
able to inspect any other details, while the user keeps control of her data by controlling
who can access it. The structure we consider for user profile storage is based on
extensions of Merkle trees that allow hash combining, which minimizes the need to verify
elements individually along a path. An algorithm for sorting the tree so that
frequently accessed attributes are closer to the root (minimizing access
time) is also provided.
Formal validation of the above-mentioned ideas has been carried out through simulations
and the development of prototypes. Besides, dissemination activities were performed in
projects, journals and conferences.
Official Doctoral Programme in Telematics Engineering (Programa Oficial de Doctorado en Ingeniería Telemática). Committee chair: María Celeste Campo Vázquez. Secretary: María Francisca Hinarejos Campos. Member: Óscar Esparza Martí
A framework for identity and privacy management on mobile devices
More and more online services require user identification. This increases the time needed to fill out extensive
forms and results in large amounts of login and identification data to remember. At the same time,
the number of users that need access to those services while roaming is increasing equally.
Unfortunately, many users are not aware that there is a high risk of losing privacy when
disclosing information about one's own identity in an unregulated way. To counteract this and
to help users manage and maintain related identity data, so-called Identity Management
Systems have been developed. While available solutions are mainly built for fixed environments,
their dependencies on central storage and processing units make them unsuitable for application in
mobile environments. Thus, a more flexible solution is necessary that supports roaming users with
privacy-sensitive handling of identification processes in online transactions.
Against this background, the project goal was an extension of the Identity Management System concept
with a mobility aspect. A framework for identity and privacy management on mobile devices, consisting
of a procedural method, privacy and security protocols and a user tool, has been specified to
give users full control over their identity data in flexible and privacy-friendly ways. The
method has been defined to describe the overall process sequence. The supporting protocols have then
been specified to provide ways for users and Service Providers to agree on the applied data management
practices, to enable automated disclosure of identity data and to guarantee secure and anonymous
transmissions. Finally, the tool has been defined as an application to be installed on mobile
phones that integrates the method and the protocols into a user-centered system architecture.
Based on an engineering paradigm in combination with the first part of a six-step development
strategy, this project covers background research, requirements and specifications, and design
and development. This means that the final rollout of the proposed framework solution needs to
be handed over to programmers in a possible project continuation, who are then responsible for
subsequent coding, testing and deployment.
After the requirements and specifications had been derived, the framework was successfully developed.
While the user tool is responsible for all procedures on the mobile phone, a particular network
infrastructure design allows secure transmissions while maintaining user anonymity. The solution has been
developed, and its deployment prepared, in such detail that programmers can directly start coding
and testing.
In conclusion, this project revealed several interesting and new aspects in the combined areas of
identity, privacy and mobility. The solution fully meets all defined functional and non-functional
requirements. As an application on mobile phones, the proposed framework allows privacy-sensitive
handling of identity data in online transactions. Together with mechanisms for data management
and maintenance before and after disclosure, it increases user flexibility, simplifies online identification
and decreases processing time.
VeryIDX - A Digital Identity Management System for Pervasive Computing Environments
Abstract. The problem of identity theft, that is, the act of impersonating others' identities by presenting stolen identifiers or proofs of identity, has been receiving increasing attention because of its high financial and social costs. In this paper we address this problem by proposing an approach to managing user identity attributes while assuring their privacy-preserving usage. The approach is based on the concept of privacy-preserving multi-factor authentication, achieved by a new cryptographic primitive that uses aggregate signatures on commitments, which are then used in aggregate zero-knowledge proof of knowledge (ZKPK) protocols. We present the implementation of this approach on Nokia NFC cellular phones and report performance evaluation results.