Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.3: Study on Mobile Identity Management
Categorised Survey on traditional and privacy-enhancing Identity Management Mechanisms which are relevant for Mobile Identity Management
The following categories and mechanisms are derived, among others, in Identity Management Systems (IMS): Identification and Comparison Study1. The categorisation is a commented listing of categories of special importance and special requirements for Mobile Identity Management Systems.
Functionality: Identity Administration
Communication-independent handling and representation of identities: Possibility to choose between different profiles / data schemes; Creating, updating, deleting identity and identity information
Pseudonyms with specific properties: Using pseudonyms for privacy enhancing by averting linkability
Credentials: Credentials are convertible certifications for authorisations which a user has obtained by use of a pseudonym. These credentials can be transferred to his other pseudonyms without being transferred to other users’ pseudonyms. Although an authorisation is bound to an individual and can be reliably used in many contexts, its use does not lead to data trails or unwanted disclosure of personal data. As long as the individual does not misuse the credential, anonymity is guaranteed.
Becoming increasingly important, as mobile devices are acting as interfaces for ambient computing and are substituting different cards (e.g. credit cards, health cards etc.)
Examples: proof of majority / driving licence
Identity recovery
Functionality: Notice
History Management: Possibility to log transaction for reconstructing and analysing data flow
Example: Illustrating what the communication partner knows from previous transactions
Context detection: which partial identity was used in which transactional context
Functionality: Control
Rule Handling
Special mobile devices e.g. RFIDs are designed to have no rule handling for the person carrying the device and are therefore discussed as potentially privacy violating. Rule handling becomes especially important when mobility together with location based data is involved.
Support user to choose the right profile / preferences etc.
Anonymity as base-rule for privacy enhancing
Essential on the lower layers to enable Identity Management
Anonymity is also seen as mechanism for security, especially confidentiality
Security (the following aspects of Security are taken from1 the IT-Baseline Protection Manual and the British Standards (ISO/EIC 17799))
Confidentiality (e.g. anonymity, secrecy)
Techniques to enable anonymity have to be developed for the use of mobile devices and location based data used with location based services
Integrity (including non repudiation)
Availability
Privacy
Privacy control functionality (consent, objection, disclosure, correction, deletion and addition of privacy information)
Example: The privacy control functionality has to include location data give user the possibility to control the flow of location data himself
Data minimisation: Storing and processing only data which is really necessary
Standards (e.g. P3P), seals (e.g. Datenschutz-Gütesiegel beim ULD SH) and penalties
Interoperability and Gateways
Compliance to existing standards
Standards are special for mobile devices
Interfaces
Interfaces are special for Mobile Devices
Trustworthiness
Segregation of power, separating knowledge, integrating independent parties
Using Open Source
Trusted seals of approval
Law Enforcement / Liability
Digital evidence
Example: Proof of transactions etc.
Digital signatures
Data retention
Comment: this is in contrary to privacy
Usability
Comfortable and informative user interfaces
Interfaces for mobile devices have to be developed for the special need of different displays etc. (touch screen, speech, etc.)
Training and education
Reduction of system’s complexity
Raising awareness
Affordability
Power of market: Create MIMS that are competitive and are able to reach a remarkable penetration of market
Using open source building blocks
Subsidies for development, use, operation, etc.
As outstanding mechanisms for the handling or the representation of identities, the different types of pseudonyms and credentials play a particular role. By use of these mechanisms, the core concept of the “user-controlled, technology-based Identity Management” can be realised technologically also for Mobile Identity Management.
5 / 36 |