Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.1: Overview on IMS
Structuring Identity Management Systems from the Product View
As an example some IMS identified in [ICP03] are categorised according to the proposed structure. The list of systems from the study was updated; a number of products had to be deleted and several ones were added. This list is by no means comprehensive, but gives an impression of the diversity of IMS.
Class 1 IMS
Subclass | Product | Comment |
|
|
|
Standards | Liberty Alliance | See Chapter 5.1 in this document |
| SOAP | See Chapter 5.2 in this document |
| OASIS XDI/XRI | XML-based description for identity information |
| OpenPrivacy | Distributed user profiles |
| vCard | IETF-specified MIME type for business cards |
| HR-XML | XML schemata for transfer of human resources information |
Applications: Cookie Management | CookieCooker | HTTP cookie manager, interacts with JAP |
| CookiePal | HTTP cookie manager |
| HTTP proxy with cookie management features | |
| Mozilla Cookie Manager | Integrated browser feature for cookie management |
Applications: Social Networking | Orkut | Web-based social networking |
| FOAF | XML/RDF crossreferences |
| Friendster | Web-based social networking |
| OpenBC | Web-based social networking for business contacts |
| LOAF | Additional e-mail header to find intersections of e-mail addresses books |
Applications: Partial Identity Management | iManager | See Chapter 5.4 in this document |
| Light-weight Digital Identity | Personal data are managed by a CGI script which checks authorisation |
| Sxip | Partially distributed identity management system |
| DRIM | Privacy enhancing identity management |
Applications: Password Management | Roboform | Password manager and form filler |
| Norton Password Manager | Password manager and form filler |
Technologies: Single Sign-On | CA eTrust | Corporate access management |
| MS Passport | Global Centralised SSO |
| Kerberos | Centralised SSO |
| AssureAccess | SSO for HTTP and Java 2 Platform |
| ClearTrust Federated Identity Manager | SOAP/SAML based SSO
|
| RSA Nexus | Status (availability, prototype etc.) unknown |
| SecureAccess | Enterprise SSO solution |
| PingID | SAML-based |
| Shibboleth | Web single sign-on using XMLSig and SAML |
| Oracle COREid | Part of the Oracle Identity Manager for SSO and web access control |
| CIDAS | Central authentication and authorisation solution offering SSO, management of different levels of authentication and anonymous authentication |
Technologies: Infrastructure, Third Party Services | X.509 CAs | hundreds of independent roots of namespaces |
| X.509 Standard | Standard for public key certificates in X.500 directories |
| KeyNote Standard | Allows delegation of authorisation to other keys |
| SDSI/SPKI Standard | Defines local namespaces which can be chained by public key crypto |
| spamex | Forwards e-mail, hides receiver |
| Anonymising remailer | |
| Anonymising remailer with advanced features | |
| spamgourmet | Forwards e-mail for a user-supplied number of e-mails, hides receiver |
| the identity network | Provides services for federation of identities |
Technologies: Physical Delivery Intermediaries | None |
|
Technologies: Payment Intermediaries | eGold | Not a bank, payment in gold certificates |
| paypal | Money transfers between e-mail addresses |
Table : Class 1 IMS
Class 2 IMS
Subclass | Product | Comment | |
Communication Management / Workgrouping | E-mail encryption software | ||
| Ciphire | E-mail encryption software with e-mail addresses as only ids | |
| Encryption tool and library, implements S/MIME | ||
| Hushmail | Webmail provider with encryption | |
| Cryptomail | Webmail provider with encryption, Open Source | |
Shop Systems / Auction Systems / Reputation Systems | ebay | Online auction, lists reputation of buyer and seller | |
| advogato | Community website, articles are scored by the reputation of the author. | |
| Aura | Open Source library for reputation handling | |
| Slashcode | Community reviewed webpages, e.g., slashdot.org, uses reputation | |
Online Games | The Sims online | Online game | |
| There | Meeting place for avatars |
Table : Class 2 IMS
Class 3 IMS
Subclass | Product | Comment |
Browsers: | Password/cookie manager and form filler included | |
| Dto. | |
| Dto. | |
Chat clients | Supports multiple nicks and optional encryption | |
| Supports multiple nicks |
Table : Class 3 IMS
10 / 31 |