Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication
Conclusion
In this chapter three main areas of protocols for privacy-aware communication have been described:
Firstly anonymisation services have been tackled, in particular technologies for mixing IP packets and substituting IP addresses. Although theoretical models work quite well, today’s practical implementations do not provide appropriate safeguards against clever and powerful attackers. In addition, currently anonymisation services are not widely distributed; their usage often is inconvenient and increases undesired latency. The protocols and mechanisms of anonymisation services can be used on top of the protocols described in Chapter .
Secondly, user-centric identity management protocols have been introduced, especially concerning anonymous credentials and protocols for web services including single sign-on. This section shows several components which could be used in federated identity management to improve privacy and security. However, a high adoption in particular regarding anonymous credentials is crucial for a privacy assessment of ICT systems, otherwise the data disclosed from other protocol layers plus the additional information in the identity management area can be linked and yield detailed profiles on individuals.
Thirdly, the domain of privacy policies is a vast area which could only briefly be touched on. Protocols for negotiating policies and enforcing them will play a prominent role in the next years. As data minimisation is not an option in many practical cases, policies and policy enforcement have to step in. From today’s perspective it is not clear which languages and protocols will prevail in which areas.
Summarising, this chapter shows work in progress and points to some research questions which will, among other things, affect specification and standardisation of protocols.
schulte | 18 / 30 |