You are here: Resources > FIDIS Deliverables > HighTechID > D3.3: Study on Mobile Identity Management > 

D3.3: Study on Mobile Identity Management

Introduction  Study on Mobile Identity Management
 The Need for Mobile Identity Management


Structure and Content

This study is divided into three parts: 

  1. Part 1: The need for mobile identity management 

  2. Part 2: Exemplary security systems for mobile identity management 

  3. Part 3: Conclusion and outlook 

The objective of the first part, which consists of chapters two, three and four, is to illustrate the need for mobile identity management by identifying the requirements for mobile identity management systems. These requirements are derived from interests of mobile users and service providers, focusing in particular on security for all participants and privacy for mobile users. Exemplary scenarios describe the need of mobile user’s identity and requirements for mobile identity management systems. Various mobile devices, such as mobile phones, smart cards and RFIDs as well as service architectures, such as Web Services, are considered. Ten mechanisms meeting the requirements for identity management systems are introduced and commented on with respect to mobile identity and mobile identity management systems. The first scenario on the use of a mobile identity management system using different profiles in different contexts shows the relevancy of those mechanisms especially related to mobility. In the context of mobile phones, the use of mobile identity for authorisation in GSM networks is illustrated together with a revenue model in which mobile users negotiate with service providers the sponsorship of their data transmission costs versus the disclosure of some attributes of their identity. The following scenario illustrates the conjunction of mobile user’s identity in a GSM / UMTS network for authentication and billing purposes with Web Services. Potential privacy issues and possible solutions are outlined. As part of a mobile identity, the usage of RFID tags to bridge the gap between the physical and digital world and the link with the identity of a mobile user with its consequences for his privacy are outlined in the next contribution. The risk of identity theft by an intruder between this link, is topic of the next two contributions. Various mechanisms for linking a digital identity with a person authentication purposes such as single sign-on are discussed. Requirements for mobile identity management systems are derived.

Chapter three considers privacy threats for mobile users in detail. An attacker model for mobile users identifies the possibilities for an attacker to trace and identify a mobile user. Privacy threats for mobile users in ad hoc networks are described by scenarios and by using services for personalising the user interface of a mobile device in WAP based systems

Usability of an identity management system is important for its acceptance by its users, since security is not a user’s primary objective. Therefore, chapter four describes the relationship between usability and security and presents user interface mock-ups for identity management systems. 

The second part of this study aims at approaches for realising these requirements for mobile identity management systems. Chapter five considers anonymity systems as a basis for mobile identity management systems. Two anonymity mechanisms for mobile users are presented: location addressing and mCrowds. Location addressing empowers a mobile user to be anonymous, if his device does not have enough resources for using cryptographic algorithms or if no anonymity infrastructure is available. mCrowds establish an anonymity infrastructure without central servers for mobile users in order to minimise the dissemination of personal information on the mobile Internet. A comparison of anonymity mechanisms for ad hoc networks examines if current proposals and mechanisms for peer-to-peer anonymous communication protocols are suitable for ad hoc networks. Since a lot of anonymity services need an infrastructure, an approach for an anonymous incentive mechanism in order to establish an infrastructure in an ad hoc network is proposed.

A user is able to protect his identity by using partial identities towards his communication partners. As an example for a mobile identity manager, the research prototype iManager is described. An example illustrates the use of partial identities in order to protect the user’s privacy. In order to link a digital identity with a person, a smart card system called AXS ID-Card is later described.

The third part, in chapter six, concludes the outcome of this study and provides an outlook to further research on mobile identity management. A glossary explains the fundamental terms and acronyms which are used in this study. The principal concepts and terms of identity management are explained in the “inventory of topics and clusters” (D 2.1).


Introduction  fidis-wp3-del3.3.study_on_mobile_identity_management.final_04.sxw  The Need for Mobile Identity Management
3 / 36