You are here: Resources > FIDIS Deliverables > HighTechID > D3.3: Study on Mobile Identity Management > 

D3.3: Study on Mobile Identity Management

The Need for Mobile Identity Management  Study on Mobile Identity Management
 Scenario of the use of Mobile Identity Management Systems


Categorised Survey on traditional and privacy-enhancing Identity Management Mechanisms which are relevant for Mobile Identity Management

The following categories and mechanisms are derived, among others, in Identity Management Systems (IMS): Identification and Comparison Study1. The categorisation is a commented listing of categories of special importance and special requirements for Mobile Identity Management Systems.

  1. Functionality: Identity Administration 

    1. Communication-independent handling and representation of identities: Possibility to choose between different profiles / data schemes; Creating, updating, deleting identity and identity information 

    2. Pseudonyms with specific properties: Using pseudonyms for privacy enhancing by averting linkability 

    3. Credentials: Credentials are convertible certifications for authorisations which a user has obtained by use of a pseudonym. These credentials can be transferred to his other pseudonyms without being transferred to other users’ pseudonyms. Although an authorisation is bound to an individual and can be reliably used in many contexts, its use does not lead to data trails or unwanted disclosure of personal data. As long as the individual does not misuse the credential, anonymity is guaranteed. 

      1. Becoming increasingly important, as mobile devices are acting as interfaces for ambient computing and are substituting different cards (e.g. credit cards, health cards etc.) 

      2. Examples: proof of majority / driving licence 

    4. Identity recovery 


  1. Functionality: Notice 

    1. History Management: Possibility to log transaction for reconstructing and analysing data flow 

      1. Example: Illustrating what the communication partner knows from previous transactions 

    2. Context detection: which partial identity was used in which transactional context 


  1. Functionality: Control  

    1. Rule Handling 

      1. Special mobile devices e.g. RFIDs are designed to have no rule handling for the person carrying the device and are therefore discussed as potentially privacy violating. Rule handling becomes especially important when mobility together with location based data is involved. 

      2. Support user to choose the right profile / preferences etc. 

    2. Anonymity as base-rule for privacy enhancing 

      1. Essential on the lower layers to enable Identity Management 

      2. Anonymity is also seen as mechanism for security, especially confidentiality 


  1. Security (the following aspects of Security are taken from1 the IT-Baseline Protection Manual and the British Standards (ISO/EIC 17799))

    1. Confidentiality (e.g. anonymity, secrecy) 

      1. Techniques to enable anonymity have to be developed for the use of mobile devices and location based data used with location based services 

    2. Integrity (including non repudiation) 

    3. Availability 


  1. Privacy 

    1. Privacy control functionality (consent, objection, disclosure, correction, deletion and addition of privacy information) 

      1. Example: The privacy control functionality has to include location data give user the possibility to control the flow of location data himself

    2. Data minimisation: Storing and processing only data which is really necessary 

    3. Standards (e.g. P3P), seals (e.g. Datenschutz-Gütesiegel beim ULD SH) and penalties 


  1. Interoperability and Gateways 

    1. Compliance to existing standards 

      1. Standards are special for mobile devices 

    2. Interfaces 

      1. Interfaces are special for Mobile Devices 


  1. Trustworthiness 

    1. Segregation of power, separating knowledge, integrating independent parties 

    2. Using Open Source 

    3. Trusted seals of approval 


  1. Law Enforcement / Liability 

    1. Digital evidence 

      1. Example: Proof of transactions etc. 

    2. Digital signatures 

    3. Data retention 

      1. Comment: this is in contrary to privacy 


  1. Usability 

    1. Comfortable and informative user interfaces 

      1. Interfaces for mobile devices have to be developed for the special need of different displays etc. (touch screen, speech, etc.) 

    2. Training and education 

    3. Reduction of system’s complexity 

    4. Raising awareness 


  1. Affordability 

    1. Power of market: Create MIMS that are competitive and are able to reach a remarkable penetration of market  

    2. Using open source building blocks 

    3. Subsidies for development, use, operation, etc. 


As outstanding mechanisms for the handling or the representation of identities, the different types of pseudonyms and credentials play a particular role. By use of these mechanisms, the core concept of the “user-controlled, technology-based Identity Management” can be realised technologically also for Mobile Identity Management. 


The Need for Mobile Identity Management  fidis-wp3-del3.3.study_on_mobile_identity_management.final_04.sxw  Scenario of the use of Mobile Identity Management Systems
5 / 36