Date post: | 05-Jan-2016 |
Category: |
Documents |
Upload: | trevor-joseph |
View: | 212 times |
Download: | 0 times |
FIDIS & PRIMEFIDIS & PRIME
Project ViewsProject Views
SecurIST Inaugural WorkshopSecurIST Inaugural WorkshopBrussels, 2005-01-18Brussels, 2005-01-18Kai RannenbergGoethe University Frankfurtwww.fidis.net
2
FIDIS Future of Identity in the Information
Society (www.fidis.net)
PRIME Privacy and Identity Management for
Europe (www.prime-project.eu.org)
3
Identity ManagementIdentity Managementin the Information Societyin the Information Society IT puts more HighTech on ID cards
Biometrics to bind them closer to a human being Chips to add services (such as a PKI)
Profiles may make the „traditional“ ID concept obsolete People are represented not by numbers or ID keys any more
but by data sets. Identities become “a fuzzy thing”.
New IDs and ID management systems are coming up Mobile communication (GSM) has introduced a globally
interoperable „ID token“: the Subscriber Identity Module eBay lets people trade using Pseudonyms.
Europe (the EU) consider joint IDs and ID management systems
European countries have different traditions on identity card use.
Compatibility of ID systems is not trivial. …
4
Joint Research Joint Research Topics/ActivitiesTopics/Activities
„Identity of Identity“ State of things, taxonomy
Profiling Interoperability of IDs and ID
management systems Forensic Implications De-Identification The HighTechID Mobility and Identity
5
Database IMSDatabase IMS
App
licat
ion
Mai
n Fu
nctio
nalit
y
Type
of I
D
Use
fuln
ess
Eas
e of
Use
Mal
func
tion
Und
erst
andi
ng
Sec
urity
Priv
acy
Dig
ital E
vide
nce
Trus
twor
thin
ess
Cos
t for
Use
rB
usin
ess
Mod
el
Microsoft Passport SSO centralised 4 4 2 1.5 1.5 0 1 0 Paid by partner sitesLiberty Alliance SSO federated 4 2+X X 1.5+X 1.5+X 0 2+X 0 Paid by partner sitesYodlee SSO centralised 4 3.5 4 3.5 2 0 1 0 Presentation / PromotionMozilla Navigator Form Filler federated (client) 4 4.5 4 2 3 0 3 0 Open SourceDigitalme Form Filler centralised 4 3.5 2 2.5 3 1 1 0 Presentation / PromotionCookieCooker Form Filler federated (client) 4.5 2 3 2 3.5 1 2 15 € Paid by userOutlook Express Mail Identities federated (client) 3.5 4.5 5 1.5 3 1 3 0 Part of MS Windows
6
First Results of IMS ComparisonFirst Results of IMS Comparison
Main goal: usefulness Deficiencies concerning privacy and security
functionality, and if realised: usability problems
Digital evidence is not addressed (lack of liability / no non-repudiation), no support for law enforcement
Identity theft is not prevented Little functionality, limited purposes No general solutions, no standards Trustworthy computer systems and infrastructure are
still missing no trustworthy and secure IMS possible Business models:
Service and software mostly free for users
Today’s IMS: Playground for users & service providers
www.prime-project.eu.org
Page 7
PRIME Vision
In the Information Society, users can act and interact in a safe and secure way while retaining control of their private sphere.
www.prime-project.eu.org
Page 8
PRIME Solution Approaches
• User focused identity management– Anonymous Credentials & Strong
Pseudonyms– Obligation Management– New trust concepts (Trusted
Computing, Assurance)– Attribute based access control– Support for Location Based
Services and other application scenarios
9
Challenges and potential for FP 7 1/2
User policy-driven (determined) and privacy friendly access control
• Users are put in a trade-off Privacy vs. Gimmicks
• … and make them “feel” the results of their actions quickly. Graceful integration
• Interoperability of heterogeneous systems• Standardisation within a developing field• Respect for separations of domains that had been
natural before A secure identity carrier beyond the chip card or
SIM: TPM phones or PDAs? Careful evaluation of biometric patterns and
mechanisms
10
Challenges and potential for FP 7 2/2
Security and Protection• in applications• along the value chain• considering the views of the
respective stakeholders (Multilateral Security)
Take care of the “If the data is used for providing the service, we want them too”-Paradigm/Challenge/