Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.3: Study on Mobile Identity Management
 |
Study on Mobile Identity Management SCENARIO – UBIQUITOUS COMPUTING |
 |
Scenario – Ubiquitous Computing
So far, discussion has been limited to mobile technologies that are currently in circulation, in essence where issues of security and privacy within the identity context are already of paramount importance. In order to fully explore the importance of mobile identity management in this section we shall extrapolate existing technologies and consider a further scenario in which emerging technologies are prevalent.
Ambient Intelligence environments
The emergence of both the Internet and wireless network technology and with them the possibilities of distributed computing (i.e. using several computing devices that are not necessarily located in the same geographic location, for a specific task) has had a profound effect on our way of life. Building on these advancements, Ubiquitous Computing (Weiser, 1991) is the next wave of technology, a paradigm shift from our current relationship with technology, whereby many thousands of wireless computing devices are distributed in the environment in everyday objects around us.
Ubiquitous Communication will allow robust, ad hoc networks to be formed by this broad range of mobile and static devices, forming a ubiquitous system of large-scale distributed networks of interconnected computing devices. By adding intelligent user interfaces and integrating sensing devices, it is possible to identify and model user’s activities, preferences and behaviours, forming individualised profiles. These key aspects are all required to achieve the idealised Ambient Intelligence (AmI) Environment (figure 2-6), a concept which has been formalised by the European ISTAG.
Figure 2‑6: The key components of the AmI scenario
The aim of the AmI environment is to provide a context aware system, using unobtrusive computing devices, that will improve the quality of people’s lives by acknowledging their needs, requirements and preferences and thus acting in some way on their behalf. To achieve this, the ‘intelligent’ environment needs to build up a profile of each individual and be able to subsequently link that profile with the correct individual. In essence, the environment has become the interface to the distributed and invisible AmI. In a world where computing is truly ubiquitous, the environment will monitor direct interaction of people with objects. Profiles will seamlessly follow the individual with whom they are linked.
The main concern from the technological viewpoint with this future scenario is the very real problem of power. There needs to be a method by which embedded computing devices are powered when required, but without the user ever needing to know that they are there. A proposed solution to this is the use of Radio Frequency IDentifiers (RFID) which are powered wirelessly and externally by the device which attempts to read it. The first clear step towards the Ubiquitous Computing scenario is the use of RFID tags in supermarket product packaging. RFID tags are unique identifiers which allow an individual item (not just type of product) to be wirelessly detected. In this way they are more useful to the supermarket than product barcodes, since the tags cannot only identify the product (and thus the price at the till), but which batch it actually came from and other data regarding its history that may have been logged. Ultimately, the aim is to tag every item sold, including food, clothes, electronic goods and medicine (FDA, 2004); with an Internet database that holds a record of every item. Current trial applications have gone one step further with the tagging of people for tracking purposes. In 1998, research at the University of Reading, UK enabled the Cybernetics building to track and build personal profiles of people with surgically implanted RFID tags, one of the earliest AmI environment applications.
Required mechanisms for Mobile Identity Management Systems
Given this potential scenario, in this context, it is useful to access the potential requirements of mobile identity management systems. Consider the scene in figure 2-7:
Figure 2-7: Possible future AmI space (Beslay et. al, 2005)
In this scene at a coffee bar, individuals are identified by means of either their PDA devices, or by implanted RFID tags. Personal profiles are mobile, such that people from outside of the local area can still have the same level of personalised service. When the individual enters the bar, they are identified and a personalised menu displayed to them.
This highlights some specific areas; firstly system architectures are needed to support portable wireless devices connected to and forming ad hoc fixed or wide area networks with distributed intelligence. However, from the mechanisms listed in section 2.1, the following are important for this scenario:
Function Identity-Administration
Communication-independent handling and representation of identities: Possibility to choose between different profiles if not correctly assigned by the AmI
Function Control
Rule-Handling performed by pre-editing the profile if inadequately assigned by the AmI
Privacy
The user must have ultimate control over which information is disclosed and to whom and the information utilised only by authorised devices. Notably, RFID tags have no method by which their access can be controlled and are thus potentially privacy violating
Security
The AmI environment must provide efficient and reliable mechanisms to ensure data protection during both transfer and storage
Interoperability and Gateway
The Identity information (i.e. personal profile) needs to be portable and understandable by any device, thus the first area of concern is that of seamless interoperability
| |
   |
|
| 10 / 36 |
