Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
An Holistic Approach to Privacy-Enhancements
Developing a holistic privacy framework for RFID is an ambitious task as emphasised in Section . One has to mind the overall system as well as the three main components: RFID tag, RFID reader and backend system. For each of them one has to develop security solutions for the different protection goals like confidentiality, integrity, availability etc. This has to be done with a clear specification of the attacker model a certain mechanism offers protection against. However, technical solutions alone are not sufficient. No matter how good a technical solution is, it will not be implemented unless the solution socially and ethically acceptable, legally compliant and trustworthy.
In this chapter we will discuss legal, social, technical and ethical aspects that influence the design and deployment of privacy-enhancing RFID systems and give an overview of proposed legal, technical and ethical solutions or efforts towards them. The text flow in this chapter does not follow the strict division used in chapter . This is an intentional choice we made in order to try to follow a more holistic approach. In essence, we have taken a development approach, where the first part gives guidelines and discussions to be used in deciding what the European legal Privacy Framework and society require from the system and the system owner. The latter parts provide then suggested technical and non-technical solutions and guidelines to some of the requirements and also hint on how a first simple evaluation of the privacy friendliness of a proposed design could be made.
In a little more detail, the chapter is divided as follows: Section discusses factors that influence technology acceptance of ambient environments and highlight the importance of self control. Section defines the cases, in which there are legal obligations according to the European legal privacy framework, as the data that are processed classify as personal data. In Section summarises the most essential legal privacy requirements that RFID applications have to fulfil. It therefore provides a summary of legal privacy principles for system design that should be used as guidelines when designing new RFID systems. Ethical considerations, principles for designing codes of conduct and public awareness issues in regard to RFID applications are discussed in section . In section , technical approaches to privacy friendliness are discussed and an overview on current technical solutions is presented. Section presents a check list based on the discussions in this chapter that could be used to evaluate the privacy friendliness of different RFID systems or to find privacy shortcomings in the design of the systems. Section presents an overview of Ambient Law which is as work in progress listed at the end of this section and once more highlights the need for transparency. Finally, section concludes this chapter and summarises its main results.
26 / 38 |