D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Title: GLOSSARY

This section contains the general glossary and the definition of the terminology used in this document. All terms can also be found in the general FIDIS Wiki on Identity Management at: http://internal.fidis.net/fidis_wiki.0.html. 

3G (or 3-G):

3G is short for third-generation mobile telephone technology. The services associated with 3G provide the ability to transfer both voice data (a telephone call) and non-voice data (such as downloading information, exchanging email, and instant messaging). Originally, 3G was supposed to be a single, unified, worldwide standard, but in practice, the 3G world has been split into four different fractions: UMTS (W-CDMA), CDMA 2000, TD-SCDMA, Wideband CDMA  

4G (or 4-G): 

Fourth Generation (4G) networks focus on mobile communication and are seen to be successors of the Third Generation (3G) wireless access technologies that are in use today. 4G networks are sometimes referred to as “3G and beyond” networks, too. Besides new radio based wireless access technologies with higher bandwidths and more sophisticated Quality of Service functionalities, 4G Networks are planned to provide pervasive computing concepts for the user. Pervasive networks will be the basis for pervasive computing where the environment of the user consists of a wide range of dedicated and communicating devices collaborating to provide services that adapt to the current situation of the user.  

Essentially, 4G networks will integrate a wide range of different wireless technologies, including existing 3G networks (e.g. UMTS or WiMAX) as well as novel 4G wireless communication, in order to provide continuous coverage in all situations by relying on different access technologies. This explicitly includes short range radio, to be used for the communication between local devices and mesh-networking approaches, as well as long range communication for broadband linkup to the Internet. 

Anonymous Credentials:

In the widest sense, a credential is a piece of information attesting to the truth of certain stated facts. Credentials are used in the process of authentication, and in this context are based on the following technologies: Biometrics, digital certificates, smart cards, passwords etc. By using anonymous credentials, organisations know the users only by pseudonyms. Different pseudonyms of the same user cannot be linked. Yet, an organisation can issue a credential to a pseudonym, and the corresponding user can prove possession of this credential to another organisation (who knows her by a different pseudonym), without revealing anything more than the fact that she owns such a credential.

Application Layer:

The application layer is the seventh level of the seven-layer OSI model. It interfaces directly to and performs common application services for the application processes; it also issues requests to the presentation layer.

The common application layer services provide semantic conversion between associated application processes. Examples of common application services of general interest include the virtual file, virtual terminal, and job transfer and manipulation protocols.

Biometrics:

Biometrics is the application of mathematical and statistical methods to the study of biology.

Human characteristics which are useful in biometrics are 1. Physical aspects as fingerprints, hands scans, eye patterns, ear patterns, facial features and DNA and 2. Behavioural characteristics like signatures, voice and keystroke dynamics (information derived from Hes R. et al. At face Value on biometrical identification and privacy. Achtergrondstudies and verkenningen 15 Registratiekamer The Hague, 1999, pp.19-24.)

Biometrics is referred to as a number of methods to authenticate persons using physical features (such as fingerprints) or behaviour (such as voice recognition).

CCTV:

Closed Circuit Television. 

Cell:

Cells are base stations to cover a geographic area. (Information derived from PC Magazine (http://www.pcmag.com/encyclopedia_term/0,2542,t=cellphone&i=39505,00.asp). 

In a cellular mobile phone network, a cell is referred to as a base station to cover a certain geographic area.

Cell-phone:

Cellular telephone. The first ubiquitous wireless telephone. Originally analogue, all new cellular systems are digital, which has enabled the cell-phone to turn into a smart phone that has access to the Internet. Digital cell-phone systems are also offered in the PCS band, which is radio spectrum that was auctioned off by the U.S. government in the mid-1990s. Introduced in the mid 1980s, cell-phone sales exploded worldwide in the 1990s as a consequence of the success of the GSM standard.

Certification Authority (CA):

A certification authority (CA) is an entity which issues digital certificates (credentials) for use by other parties. Users trust a CA that it certifies statements about their users with respect to their certification policy. So, a CA is an example for a Trusted Third Party (TTP).

Credentials:

In the widest sense, a credential is a piece of information attesting to the truth of certain stated facts. Credentials are used in the process of authentication. In this context are based on the following technologies: Biometrics, digital certificates, smart cards, passwords etc.

Data Protection Directive:

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, O.J. L281, 23.11.1995, p. 0031-0050. 

Data Retention Directive:

Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending directive 2002/58/EC, O.J. L105, pp.54-63 

Digital Divide:

The digital divide in contemporary societies is based on the broader disconnections of certain groups from IT hardware and the growing use of automated surveillance and information systems to digitally red-line their life chances within automated regimes of service provision (Jupp, 2001). (From Graham and Wood Digitizing surveillance: categorization, space, inequality. Critical Social Policy (2003), Vol. 23, nr. 2,

Digital identity:

Digital identity denotes all those subject-related data that can be stored and interlinked by a technology-based application. The subsets of the digital identity are digital partial identities (= partial digital identities) which represent the subject in a specific context. A digital identity is, in a mobile network context, cooperatively provided by the mobile network operator and the mobile subscriber. It is constituted by idem identity and ipse identity aspects.

Digital identity according to Saärenpaä: “a message which is received about a person through digital information either as such or in combination with other information of that person (characteristics, habits)” (Saärenpaä The constitutional state and digital identity, Paper available on the website of the 2002 World Congress for Informatics and Law II Spain September 23rd–27th).

Data Protection Authorities (DPA):

Data Protection Authorities or else Supervisory authorities for the protection of data are one or more public authorities in each Member State that are responsible for monitoring the application within its territory of the provisions adopted by the Member States pursuant to the Data Protection Directive. These Authorities shall act with complete independence in exercising the functions entrusted to them. Every Authority shall have investigative powers, effective powers of intervention as well as the power to engage in legal proceedings, where the national provisions adopted pursuant to the Data Protection Directive have been violated or to bring these violations to the attention of the judicial authorities. (Art. 28 Data Protection Directive)

ePrivacy Directive:

Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), O.J. L201, 31.07.2002, p. 0037-0047 

Geoslavery:

‘the dangers of continuous real time control through extensive use of locational data’ (Dobson JE , Fisher, P.F., ‘Geoslavery’, IEEE Technology and Society Magazine, Vol. 22, issue 1, 2003, 47 - 52). 

Global System for Mobile Communications (GSM):

GSM (Global System for Mobile Communications) is the most popular standard for mobile phones in the world. GSM phones are used by over a billion people across more than 200 countries. The ubiquity of the GSM standard makes international roaming very common with “roaming agreements” between mobile phone operators. GSM differs significantly from its predecessors in that both signalling and speech channels are digital, which means that it is seen as a second generation (2G) mobile phone system. This fact has also meant that data communication was built into the system from very early on. GSM is an open standard which is developed by the 3rd Generation Partnership Project (3GPP).

GSM:

See Global System for Mobile Communications 

Horizontal social mobility:

‘transition of an individual or social object from one social group to another situated on the same level’, while vertical social mobility’ (Sorokin P; Social and Cultural Mobility 1959)

Idem identity:

Type of identity that establishes sameness, specifying an individual as ‘the same person’. This type of identity presumes a third person perspective, indicates objectification and categorisation. However, it also concerns the continuity (samenness) of the first person perspective.  Paul Ricoeur, Oneself as another, Chicago: Chicago University Press 1992. See deliverable 7.4, section 3.4.2.2 for further references.

Identifiability:

Identifiability is the possibility of being individualised within a set of subjects, the identifiability set (PRIME-project, D14.1.a)

Identifiable person:

Identified person is a person the identity of which has been corroborated (based on the definition of ‘identified entity’, MODINIS-Project).

Identified person:

An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity (Art. 2 (a) Data Protection Directive)

Identity management:

“The operations performed to support the lifecycle of the digital identity”. (Roussos et al. 2003)

Idiosyncrasies:

A peculiarity of physical or mental constitution or temperament. Also a characteristic belonging to, and distinguishing, an individual; characteristic susceptibility; idiocrasy; eccentricity. 

iManager:

iManager is an identity manager for a mobile user in order to support him to communicate securely, to manage his partial identities, and consequently to protect his privacy. iManager has been developed at the University of Freiburg (Prof. Müller), Germany. It is a client side identity manager, which means that it is part of the user’s mobile device, and can be classified as a type 3 IMS (cp. FIDIS deliverables 3.1 & D3.3).

Information and Communication Technology (ICT):

ICT is a technical term circumscribing networking infrastructure, systems and applications facilitating communication (voice and data) and processing of information (including collection, storage and transport).

Ipse Identity:

The ipse identity is the sense of self of a human person. It presumes a first person perspective and resists complete determination. Ipse identity is not categorical or static but underdetermined and dynamic. The continuous reconstruction of the sense of self builds on the relational constitution of the self. According to Ricoeur the sense of self has a narrative structure: it consists of the autobiography we tacitly or explicitly reconstruct of our own life, fitting actions and other events into a coherent story that we recognise as our own life’s story. Paul Ricoeur, Oneself as another, Chicago: Chicago University Press 1992. See deliverable 7.4, section 3.4.2.2 for further references.

Legitimately:

In compliance with the existing European legal framework. 

Linear 4G vision versus Concurrent (WLAN) 4G vision (cp. 4-G):

The linear scenario for 4G refers to ‘an extrapolation from current trends towards increasing the bandwidth delivered by mobile communications and envisages the widespread availability of 4G mobile communications some time around 2010. This scenario projects forward the view of mobile communications as having evolved through a series of successive generations, a view that it is implicit in the term “fourth generation”.’ (Rodriguez Casal, C., Burgelman, J.C., Carart, G., IPTS Project report. “The Future of Mobile Communications in the EU: Assessing the potential of 4G”, 2004, p.11).

The Concurrent 4G Vision refers to ‘the possibly disruptive impact of the emergence of public wireless local area network (WLAN) access. To a limited extent WLAN access is already available today, and plans are afoot to deploy large numbers of so-called “hot-spots” offering semi-mobile Internet access. This approach enables a high bandwidth service to be offered at relatively low cost in specific locations where usage is likely to be concentrated’ (Rodriguez Casal, C., Burgelman, J.C., Carart, G., IPTS Project report. “The Future of Mobile Communications in the EU: Assessing the potential of 4G”, 2004, p.11).

Linkability:

Linkability describes the extent to which a given data set allows one to establish identity between two or more pseudonyms. It is an important measure for privacy enhancing technology because it is a measure of the degree of loss of anonymity in a context.

Linkability is defined for 2 or more pseudonyms in relation to a data set and an anonymity set. It is a measure of how much the data allows one to establish identity between two or more items in the context. The quantity increases the smaller the group of pseudonyms that are identified with a particular pseudonym (or group of pseudonyms) in a particular context. For example if it is known that a pseudonym contained in a cookie corresponds to a social security number in a database then maximal linkability has occurred in this context.

Location:

A particular place in physical space. 

Location-based service (LBS) - general:

Location-based services (LBS) are services, provided in a mobile network to the subscriber’s mobile device, based on their current geographical location. This position can be known by user entry or a by other locational systems, such as GPS receiver. Most often the term implies the use of a radiolocation function built into the cell network or handset that uses triangulation between the known geographic coordinates of the base stations through which the communication takes place.

Location-based service (LBS) - legal:

The European Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) does not make use of the term ‘Location Based Services’. However, article 2(g) of the Directive defines the term ‘value added service’ as ‘any service which requires the processing of traffic data or location data other than traffic data beyond what is necessary for the transmission of a communication or the billing thereof’. We could say that a Location Based Service is a value added service which processes location data other than traffic data for purposes other than what is necessary for the transmission of a communication or the billing thereof.

Location information:

The physical or logical location of the materials being described. 

MAC Address:

In computer networking a Media Access Control address (MAC address) is a unique identifier attached to most forms of networking equipment. 

Mix Network:

A mix network guarantees an effective form of anonymisation on the Internet and consists of several mix nodes. A mix is a proxy computer within a mix network that collects the encoded messages sent by the various users of a communications network. Subsequently, it changes the codes of these messages and their order for the transmission to next mix in line. There, this procedure takes place anew. The last mix of the route finally identifies the actual receiver and delivers the encoded message to them. A mix network works reliably even when only one mix is working reliably.

Mobile identity:

An idem identity type, based on a message or a set of (linked) messages derived from mobile computing devices, constituting claims about the mobility, the location or other characteristics which are assumed to represent a data subject.

A mobile identity in the wide sense is a partial identity which is connected to the mobility of the subject itself, including location data. The mobile identity may be addressable by the mobile ID. Typical settings for mobile identities comprise the use of mobile phones, the use of mobile tokens which store identity data, or the use of RFIDs (Radio Frequency IDs). Furthermore the mobility of a subject may be observed by others including the deployment of tracking mechanisms with respect to biometric properties, e.g., by a comprehensive video surveillance. This additionally may be understood as a mobile identity (FIDIS deliverable D3.3).

Mobile identity management (m-IDM):

Mobile identity management is a special case of identity management where location data is taken into account. It comprises both the perspective of the subject whose partial identities are concerned, e.g., offering mechanisms to decide when and what location data is used and transmitted to whom and the perspective of the mobile identity (management) provider who operates the system and may process the subject’s data. (FIDIS deliverable D3.3).  

Mobility:

Mobility is the ability and willingness to move or change. (wikipedia) 

Omniperception:

‘Omniperception is the aspiration to have knowledge over all people’ (Lyon D., Surveillance society. Monitoring everyday life, 2001, pp.124).

P3P

See Platform for Privacy Preferences Project. 

Platform for Privacy Preferences Project: 

P3P has been developed by the World Wide Web Consortium (W3C) and is an industry standard designed to help users gain more control over the disclosure and use of their personal information on Internet sites they visit.

Partial Identity:

Each identity of a subject can comprise many partial identities of which each represents the subject in a specific context or role. Partial identities are subsets of attributes of a complete identity. On a technical level, these attributes are data. 

Privacy Enhanced Technologies (PET):

‘The concept of Privacy Enhancing Technologies (PETs) aims at organising/engineering the design of information and communication systems and technologies with a view to minimising the collection and use of personal data and hindering any unlawful forms of processing by, for instance, making it technically impossible for unauthorised persons to access personal data, so as to prevent the possible destruction, alteration or disclosure of these data. The practical implementation of this concept requires organisational as well as technical solutions.’ (information derived from the technical workshop on Privacy-Enhancing Technologies 4 July 2003, http://europa.eu.int/comm/justice_home/fsj/privacy/docs/lawreport/pet/200304-pet-outcome_en.pdf)

Public Key Infrastructure (PKI):

PKI (Public Key Infrastructure): The architecture, organisation, techniques, practices, and procedures that collectively support the implementation and operation of a certificate-based public key cryptographic system. The main ability of a PKI is to administer certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates.

Reachability Management: 

Computer and communication technology should be able to give callees more options to decide whether a call was welcome, and to protect themselves from unwelcome calls. It should also give callers more options to show the importance and urgency of their calls. Additional features allowed users to specify security features for their calls. 

Reachability management offers callees the possibility to specify the circumstances, under which they are willing to receive a call. This specification, together with the information callers provide during the call request, is the basis for the decision whether the callee is immediately notified of the call, e.g. whether the telephone bell rings. Reachability management was sometimes described as a “Secretary for those who cannot afford a real one”. 

Right to privacy:

‘The freedom from unreasonable constraints on the construction of one’s own identity’. (Agre and Rotenberg, Technology and Privacy. The New Landscape, Cambrigde MIT press, 2001).  

SIM:

See Subscriber Identity Module. 

Smartphone:

Mobile phone equipped with a runtime environment and / or operating system that allows for installation and running of additional applications. Many of today’s smartphones include the functionality of a PDA.

Social mobility:

Changes in the socio economical status (SES). Social mobility can be the result of ‘(1) structural changes in the working population, new positions become available or some positions experience a lack of people (there can be a demographical cause) or (2) efforts of individuals, to generate a certain position (e.g. educational level – importance of status gaining processes)’ (J. Vincke. Classical Introduction in Sociology, 1998 – translation from Dutch. Original title; Klassieke inleiding in de sociologie). 

Spyware:

The term spyware refers to a broad category of malicious software designed to intercept or take partial control of a computer’s operation without the informed consent of that machine’s owner or legitimate user. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer’s operation for the benefit of a third party.

Subscriber Identity Module: 

A subscriber identity module (SIM) is a smart card securely storing the key identifying a mobile subscriber. SIMs are most widely used in GSM systems, but a compatible module is also used for UMTS UEs (USIM) and IDEN phones. The card also contains storage space for text messages and a phone book. (FIDIS deliverable D3.3).

TCP/IP reference model:

The TCP/IP reference model is the set of communication protocols that implement the protocol stack on which the Internet runs. It is named after the two most important protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). TCP is a reliable, connection-oriented protocol for exchanging data packets between applications. IP is a data-oriented protocol used for communicating data across a packet-switched internetwork.

Trusted Third Party (TTP):

A trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; they use this trust to secure their own interactions. TTPs are common in cryptographic protocols, for example, a certificate authority (CA).

Vertical Social Mobility: 

‘transitions of people from one social stratum to one higher or lower in the social scale’ (Sorokin P., Social and Cultural Mobility,1959)

Virtual Private Network: 

This describes technical solutions providing for confidential end-to-end communication or data transfer using non trusted or publicly available network infrastructure such as the internet or mobile communication networks. For this purpose usually the confidential data is encrypted. The encrypted end-to-end communication also is referred to as VPN tunnel. The figure below shows an example of a VPN, connecting two private networks over the Internet.

VPN:

See Virtual Private Network. 

VPN tunnel:

See Virtual Private Network. 

Wearables:

Computer technology, being suitable for wear or able to be worn. Commonly, wearable computers are usually either integrated into the user’s clothing or can be attached to the body through some other means, like a wristband. They may also be integrated into everyday objects that are constantly worn on the body, like a wrist watch or a hands-free cell phone. A wearable computers differs from a PDAs, which are designed for hand-held use, although the distinction can sometimes be a blurry.

X.509:

X.509 is an ITU-T standard for public key infrastructure (PKI). X.509 specifies, amongst other things, standard formats for public key certificates and a certification path validation algorithm.