Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication
“In computing, a protocol is a convention or standard that controls or enables the connection, communication, and data transfer between two computing endpoints. In its simplest form, a protocol can be defined as the rules governing the syntax, semantics, and synchronization of communication. Protocols may be implemented by hardware, software, or a combination of the two. At the lowest level, a protocol defines the behavior of a hardware connection.”
(Wikipedia: Protocol (computing) 2007)
Protocols determine how communication works. As communication is a basic activity for all kinds of transactions, interactions or other information exchange, it is the most basic foundation of Information Society. There are protocols on the social level as well as on the technical level where several sublevels can be identified. This deliverable deals with protocols on the technical level, i.e., how machines communicate with each other. The scope here is specifically limited to identity aspects of protocols - this means the analysis of privacy and identifiability issues, in particular threats to privacy and possibilities to circumvent or prevent them.
When discussing protocols, there is a need to distinguish between their specification and implementation. Although these should be one and the same, in practice implementations do not always properly adhere to what is laid down in the specifications – this may be done accidentally, but in some cases deviations from the specifications are intended, e.g., when implementing light-weight versions of the full specification or when contradictions are discovered in the documents which cannot be met. Here we restrict ourselves mainly to the analysis on the specification level.
This deliverable cannot serve as a comprehensive compendium or even tutorial of all potentially relevant protocols – indeed many specifications comprise more pages than appear here. Instead, a variety of protocols are tackled which represent typical applications or procedures in the networking world. These protocols are analysed with respect to their privacy relevance: Protocols for networking are evaluated according to their behaviour concerning personal data and linkability; protocols for privacy-aware communication are scrutinised with respect to their privacy achievements.
This deliverable is organised as follows:
Chapter 2 focuses on state-of-the-art protocols in various networking areas. It gives an overview of general facts concerning protocols and analyses privacy aspects in a structured way as introduced.
This analysis is supplemented by the elaboration of privacy-aware protocols in Chapter which firstly depicts the functions of anonymising services, continues with protocols in the area of user-centric identity management, and finally describes different kinds of policy languages which also can be regarded as protocol-related.
Chapter gives a brief outlook on a selection of Next Generation Internet protocols and their privacy features and threats. Similar to Chapter , the focus is put on basic networking protocols rather than specific privacy-aware protocol proposals. Further it poses the question of involvement of privacy experts in the design process of protocols and their specification.
The overall summary of the deliverable is presented in Chapter .
For interested readers, the references are recommended for further reading. The list of abbreviations in the appendix will help with the technical terminology typical to the protocol area.
This deliverable aims to give an overview of the identity-related aspects of protocols on different technical layers, regardless if they are commonly used today or interesting newly proposed approaches. A focus is put on the protocols and mechanisms of privacy-aware communication which can prevent some of the privacy threats of widely distributed protocols or application settings.
schulte | 3 / 30 |