D3.3: Study on Mobile Identity Management
Scenario of the use of Mobile Identity Management Systems
Introduction
In section 2.1, the main mechanisms for Mobile Identity Management Systems (MIMS) are introduced. The following simple scenario will show how essential the first six mechanisms are for the functionality and privacy-compliance of MIMS. The mechanisms and the subcategories used in this scenario are listed at the end of this chapter.
It is difficult to show the mechanisms related to market and user acceptance (mechanisms VII to X: trustworthiness, law enforcement and liability, usability, and affordability) in an intuitive scenario. They are not specific to MIMS, but important for Identity Management Systems in general. These mechanisms are therefore discussed in the FIDIS study on a “structured overview on prototypes and concepts of identity management systems” (D 3.1). Relevant aspects concerning usability of Identity Management Systems on mobile devices are discussed in chapter 5 of this document.
Starting Point
Alice has a mobile device, which is connected via GPRS / UMTS to a service provider for location based services. Examples of such location based services are local restaurant guides or the service “friend finder”.
The mobile device is equipped with a Mobile Identity Management System. This software allows Alice to edit, store and select various service-specific personal profiles to be used for location based services. Those profiles are understood as Partial Mobile Identities.
In this example, profiles are locally edited, selected and stored; the user of the device is in control of those profiles and their use, including history logging. In addition, the Mobile Identity Management System stores all transactions of data from profiles to location based service providers. This functionality can be used to show which data has flowed and, e.g., to check bills of the service provider against the service requests made by the user.
Alice has pre-configured some profiles – e.g. a professional one with her preferences for business lunches and a private one for her personal preferences at weekends and holidays. The professional profile contains, in addition, data about her business contacts, the personal one about her friends.
Figure -1: Overview of the communication process of the restaurant finding service
Scenario 1: Finding a local restaurant for a business lunch
Step 1
Alice selects her professional profile after starting her mobile device.
Step 2
She selects the service “local restaurant finder” to find a nearby restaurant for a business lunch. The service provider gets the pre-selected preferences of Alice concerning the quality (in this case high) and the preferred cuisine, Asian (she likes Asian food and most of her business contacts do as well). The service provider has to know where Alice is located, so it asks for the location data.
Step 3
Depending on the technical specification of her mobile device (e.g. GPS locator integrated) or her preferences (e.g. manual input of her current location), the mobile device gets the location automatically from the GPS locator or the telecommunication provider, or Alice has to enter it manually. The MIMS submits this information to the service provider after acknowledgement.
Step 4
The service provider sends a list of restaurants in the requested specification to Alice’s mobile device together with geographic information (e.g. maps) showing how to reach them from her current position.
Scenario 2: Finding a local restaurant for a private lunch
Step 1
Alice selects her private profile after starting her mobile device.
Step 2
She selects the service “local restaurant finder” to find a nearby restaurant for her private lunch. The service provider gets the pre-selected preferences of Alice concerning the costs and the quality (in this case she prefers fast-food due to her lack of time). The service provider has to know where Alice is located, so it asks for the current location data.
Step 3
The mobile device gets the location automatically from the telecommunication provider. The service provider has to know where Alice is located and asks for the location data.
Step 4
The service provider sends a list of fast-food restaurants to Alice’s mobile device together with geographic information (e.g. maps) showing how to reach them from her current position.
Required mechanisms for Mobile Identity Management Systems
To enable the two scenarios, the Mobile Identity Management System has to support the following mechanisms listed in section 2.1:
Function Identity-Administration
Communication-independent handling and representation of identities: Possibility to choose between different profiles
Function Notice
History log of the use of the profiles and of the data that has flowed through the MIMS
Function Control
Rule-Handling performed by pre-editing the profile and transferring the location data to the service provider
Privacy
Privacy control and data minimisation can also be handled in the pre-edited profile; the service provider doesn’t necessarily need to know who is using the service as long as it is paid; this could, e.g., be carried out using pseudonyms certified by a trusted third party (e.g. a bank).
Security
Confidentiality and integrity of the profiles and the MIMS; availability of the MIMS
Interoperability and Gateway
E.g. necessary to transfer the location data from the telecommunication provider to the service provider
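The following sketch is an added example, not part of the FIDIS study: it models how profile selection, rule handling, data minimisation and the history log from the list above interact for the restaurant-finder request. The class, field names, pseudonyms and coordinates are hypothetical, and the second call declines the location acknowledgement (unlike Scenario 2) to show the rule withholding data.

```python
from dataclasses import dataclass, field

@dataclass
class Profile:                     # a partial mobile identity
    name: str
    pseudonym: str                 # assumed certified by a trusted third party
    attributes: dict
    releasable: set                # pre-edited rule: what may leave the device
    ask_first: set = field(default_factory=set)  # needs user acknowledgement

class MIMS:                        # hypothetical class, not a FIDIS API
    def __init__(self, profiles):
        self.profiles = {p.name: p for p in profiles}
        self.active = None
        self.history = []          # Function Notice: local log of data flows

    def select(self, name):        # Function Identity-Administration
        self.active = self.profiles[name]

    def disclose(self, service, requested, current, acknowledge):
        """Function Control: answer a request under the active profile's rules."""
        p = self.active
        values = {**p.attributes, **current}   # current = e.g. GPS location
        sent, withheld = {"pseudonym": p.pseudonym}, []
        for attr in requested:
            ok = attr in p.releasable and attr in values
            if ok and attr in p.ask_first:
                ok = acknowledge(service, attr)
            if ok:
                sent[attr] = values[attr]
            else:
                withheld.append(attr)   # data minimisation: never sent
        self.history.append({"profile": p.name, "service": service,
                             "sent": sorted(sent), "withheld": withheld})
        return sent

def demo():  # constructed sample data modelled on the two scenarios
    rules = ({"quality", "cuisine", "cost", "location"}, {"location"})
    pro = Profile("professional", "pseudonym-A",
                  {"quality": "high", "cuisine": "Asian", "contacts": ["Bob"]}, *rules)
    prv = Profile("private", "pseudonym-B",
                  {"quality": "fast-food", "cost": "low", "friends": ["Carol"]}, *rules)
    mims, svc, here = MIMS([pro, prv]), "local restaurant finder", {"location": "50.11,8.68"}
    mims.select("professional")
    s1 = mims.disclose(svc, ["quality", "cuisine", "location", "contacts"], here, lambda s, a: True)
    mims.select("private")
    s2 = mims.disclose(svc, ["quality", "cost", "location", "friends"], here, lambda s, a: False)
    return s1, s2, mims.history
```

The log records attribute names rather than values, which is enough to compare requests against a provider's bill without creating a second copy of the profile data.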