D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Title: PROTOTYPE

One example of a state-of-the-art privacy-respecting application is developed by T-Mobile in cooperation with University of Frankfurt as part of the PRIME project. For T-Mobile, the prototype leads to new insights into how privacy enhanced identity management can be introduced into a mobile commerce (m-commerce) scenario without restricting the business models. An idea on how privacy enhancing services can be deployed within a telecommunication environment, especially as a standardised IDM management system, can leverage new and efficient business models in such a scenario.

In this setting, several challenges and opportunities for privacy enhancing technologies appear - the system should:

• Control the flow of dynamic personal information, such as location or service usage 

• Determine who has received personal information for which purpose 

• Delegate handling of context-based personal information 

• Hide specifics of service usage from mobile operator 

• Anonymise user towards service provider 

• Provide a unique interface for all supported services 

• Have a substantial initial installed user base for profitable, privacy-friendly LBSs 

The prototype demonstrates how the user is given extended control of his personal information, but is still able to use a real mobile m-commerce application using features of the PRIME suite, including communication, authentication, authorisation, policy management, data track and automatic handling of personal information.

Figure : Prototype Version 1 - Architecture Overview

A first prototype version has already been finished: a mobile pharmacy search using Wireless Application Protocol (WAP). The usage of this widely deployed protocol enables T-Mobile to reach a maximum footprint for upcoming privacy-enhanced products. 

In this scenario (cp. ) we have three different parties beside the mobile subscriber. The mobile operator offers the communication infrastructure, locates the user and takes care of the billing process. The location intermediary cleanly separates the spheres of mobile operator and service provider, which in our case, is the provider of pharmacy locations. The LBS application service provider maintains a database with pharmacies and their respective locations. When a user requests information about the closest pharmacy to his position, his location is retrieved and the pharmacy database is queried. Then a list with the closest few pharmacies is returned to the user.

A next version of the prototype will be a push service, and deploy the PRIME user side on a mobile phone to reach even stronger privacy guarantees. In addition to (anonymous) PRIME credentials, the (anonymous) PRIME communication channels and dynamic personal information facilities will be employed to provide for a solid protection of users’ privacy.