Mario Hoffmann (Dipl.-Inform.)
Head of Department “Secure mobile Systems“Fraunhofer Institute for Secure Information Technology
2nd European Identity ConferenceMünchen, 22.-25. Apr 2008
User-centric Identities in Ambient Environments – Just an Illusion?
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Fraunhofer Gesellschaft = largest European Institution for Research & Development
ICT-Alliance = 17 (56) Fraunhofer Institutes focused on IT
Fraunhofer Institute SIT = Specialised on IT-Security and Data Protection
140 Staff, Budget 8.2 Mill. Euro
2/3 external funding
Germany: Darmstadt, Birlinghoven
Representative office in Tokio, Japan
Fraunhofer Institute forSecure Information Technology – SIT
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Ambient Intelligence / Embedded Security
VoIP-Security
Biometrics and ID-Cards, PKI
Trusted Computing
RFID Security
Mobile security (B3G, Wimax, Bluetooth)
SOA Security and Web Services
Social Engineering (Phishing, etc.)
Major Research Topics
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Studies risk analyses, evaluation of technologies and concepts
Tests/Certificates vulnarability analyses, technical pre-auditing
Development concepts, proofs-of-concepts, implementation/integration
Modelling security concepts, optimisation of infrastructures & solutions
Licensingproducts and security tools, customising, second level support
Trainingseminars, coaching, e-learning
Services
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Motivation
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Identity Management Roadmap
Identity 1.0 Identity 2.0 Future IdM
Applications
Technologies/Platforms
Today2008
- 5-10 Years + 5-10 Years
● Ambient Environments
● Context based privacy enhanced personalisation
● Future Internet
● (Semi)Autonomous UserSWAgents
● Interoperable IdMMiddleware
● Earmarked dynamic virtual identities
● Social&Business Platforms
● Location Based Services
● Single Sign On
● MSCardspace● Liberty Alliance 2.0● OpenID● Higgins● Sxip● etc.
● ECommerce● OnlineBanking● Game Platforms● Dating Platforms● Intranet
● Pseudonyms● Login/Password● Biometry● Smartcards● Profile Management
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Rapidly Increasing Amount ofIndividual-related Information
Aggregationof digital
individual-relatedinformation
1990 2000 2010 2020
Pseudonyms& Passwords
Protocol tracks
PersonalisedServices & Web Sites
Location Based Services
Context sensitiveServices & Systems
Ambient IntelligenceUbiquitous Computing
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
User-centricityA question of the perspective
Iden
tity Managem
entControl
yourPrivacy
Intelligent
Environments
In-company
Databases
Personalised
Online-Services
Government &
Administration
Professional
Attackers
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Examples
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
The 2007 International Privacy Ranking
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
The 2007 International Privacy Ranking
• Übersicht über weltweite Überwachungsgesellschaften
• Seit 1997 veröffentlicht die Londoner Datenschutz-Initiative Privacy International zum Jahreswechsel einen Bericht zum weltweiten Stand der Überwachung und des Datenschutzes
• Siehe auch– http://www.privacyinternational.org/– Spiegel-Online, „Datenschutz –
Deutschland im Abwärtstrend“, 02.01.2008
– Spiegel-Online, „Ausblick 2008 Invasion der Freiheitsfresser“, 28.01.2008
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
The 2007 International Privacy Ranking
• Bemängelt wurden von den Datenschutzwächtern für Deutschland …
– die Einführung biometrischer Daten in Reisedokumenten,
– die Zunahme visueller Überwachung,
– der immer häufigere Zugriff von Behörden auf Bürgerdaten,
– grenzüberschreitendes Tauschen von Daten von Bürgern,
– Telefon- und Kommunikationsüberwachung (hier hält Deutschland EU-weit eine Spitzenposition),
– Mängel beim betrieblichen Datenschutz,
– vor allem aber die Einführung der Vorratsdatenspeicherung
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
User-centric
Identity Management (??)
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
User-centric Identity Management
• Authorities & Administration– Biometrics, Life-long identification numbers, – Surveillance of both public as well as virtual places
• Companies– RBAC, CRM, – Human Ressources
• Personalised Services– Web 2.0– Location Based Services
• Ambient Environments– Context awareness– Behaviour recognition
• Professional Attackers– ID-Theft, Social Identification Numbers, – Accounts, Credit Card Numbers, etc.
Citizen
Employee
Customer
Individuum
Victim
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
User-centric Identity Management
• Authorities & Administration– Biometrics, Life-long identification numbers, – Surveillance of both public as well as virtual places
• Companies– RBAC, CRM, – Human Ressources
• Personalised Services– Web 2.0– Location Based Services
• Ambient Environments– Context awareness– Behaviour recognition
• Professional Attackers– ID-Theft, Social Identification Numbers, – Accounts, Credit Card Numbers, etc.
Citizen
Employee
Customer
Individuum
Victim
Protection of the user'sIntimate Domain &Privacy
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
(Research) Challenges forUser-centric Identity Management
• User Empowerment– User-controlled Identity Management – Informational Self-determination– Transparency
• Support Anonymity & Pseudonymity– Application level– Middleware– Access and Core Networks
• Privacy-enhanced Personalisation– Best Practice– Rise Awareness
• New Development Tools for Ambient Environments– Efficient and flexible Service Creation– Security & Privacy by Design
Citizen
Employee
Customer
Individuum
Victim
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Summary
• Different perspectives allow different interpretations of the term “user-centric”
– The perspective of the user is decisive!
• Privacy protection needs support from politics and society
• Privacy enhancing technologies enable developers to design privacy preserving applications
• User-centric = Individual Responsibility
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Further reading (in German)
• Rena Tangens (Hg.) , „Schwarzbuch Datenschutz. Ausgezeichnete Datenkraken der Big Brother Awards“, Edition Nautilus Verlag, 2006, ISBN 978-3894014940
• Marit Hansen, Sebastian Meißner (Hg.), „Verkettung digitaler Identitäten“, Unabhängige Landeszentrum für Datenschutz Schleswig-Holstein, 2007, https://www.datenschutzzentrum.de/projekte/verkettung/
• Peter Schaar, „Das Ende der Privatsphäre – Der Weg in die Überwachungsgesellschaft“, C.Bertelsmann Verlag, München, 2007, ISBN 978-3-570-00993-2
• Sandro Gaycken, Constanze Kurz (Hg.), „1984.exe – Gesellschaftliche, politische und juristische Aspekte moderner Überwachungstechnologien“, Transcript Verlag, Bielefeld, 2008, ISBN 3-89942-766-1
• „Die Datenschleuder, das wissenschaftliche Fachblatt für Datenreisende“, ein Organ des Chaos Computer Clubs, ISSN 0930-1054
“User-centric Identities in Ambient Environments“, Mario Hoffmann
2nd European Identity Conference, 22.-25. Apr 2008
Contact
Mario Hoffmann (Dipl.-Inform.)Head of Department “Secure mobile Systems“
Address Fraunhofer Institute forSecure Information TechnologyRheinstrasse 75
64295 Darmstadt Germany
Tel +49-(0)6151/869-60034Fax +49-(0)6151/869-224e-Mail [email protected]