You are here: Resources > FIDIS Deliverables > HighTechID > D3.3: Study on Mobile Identity Management > 

D3.3: Study on Mobile Identity Management

works  Study on Mobile Identity Management


Conclusion and Outlook


Mobile Identity Management is in its infancy. For example, GSM networks provide with the management of SIM identities a kind of mobile identity management, but they do not realise all requirements for mobile identity management as they are summarised in this study. Unlike the static identity already implemented in current mobile networks, dynamic aspects, like the user’s position or the temporal context, increasingly gain importance for new kinds of mobile applications. Some needs for mobile identity management have been presented by scenarios for authentication of mobile users and billing / payment purposes. Privacy and the protection against identity theft are important decision criteria for services which make use of a mobile identity. It has been shown that cryptographic protocols are not sufficient against identity theft and that tokens which stores biometric data of its user and has its own biometric sensor are actually best suited to link a physical with its digital identity. 

Two new privacy threats for mobile users in contrast to stationary users have been considered in this study. These threats for mobile users are their location information and their personal preferences for the configuration of their mobile device’s user interface. With the help of the Freiburg Privacy Diamond, anonymity mechanisms can be analysed, since it takes the mobility of a user with one mobile device into account. The discussion and comparison of anonymity mechanisms for ad hoc networks with MobileIP have shown that no current proposal for anonymity in ad hoc networks is suitable. One approach is to develop new anonymity mechanisms. Another approach is the use of an anonymous incentive mechanism in order to establish an infrastructure in an ad hoc network and therefore to enable the use of current anonymity mechanisms, e.g. mCrowds.

In addition to privacy, usability of mobile identity management systems is important for the success of mobile identity management, too. Usability influences the correctness of security mechanisms. Since being secure is not a primary goal of a user and user do not want to learn security mechanisms, mobile identity management has to be comprehensible for security laymen. This study has focussed on the design of mobile identity management systems. Vocabulary tests have shown that the privacy terminology is too technical to be readily intelligible for lay English users. In addition, new layouts for configuring the privacy preferences have to be developed, since the small display of mobile devices. 

But there exists approaches for mobile identity management. Besides the anonymity mechanisms Freiburg Location Addressing Scheme and mCrowds, the identity manager iManager empowers a mobile user with his mobile device to manage his identity and to protect his privacy by controlling the disclosure of his personal attributes. Linking a physical identity with its corresponding virtual identity is possible by the AXS ID-Card system.


works  fidis-wp3-del3.3.study_on_mobile_identity_management.final_04.sxw  Outlook
33 / 36