Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- D1.2: Communication Infrastructure.
- D1.3: Wiki System.
- D8.3: Database on Identity Management Systems and ID Law in the EU.
- D8.5: Report on inter-disciplinary workshops.
- D9.1: A Specification for FIDIS Journal.
- D9.5: 1st FIDIS in-house Journal Issue.
- D15.2: FIDIS International Summer School.
- D15.4: Interdisciplinary FIDIS Doctorial Consortium.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
 |
Title: TYPE 3 IMS ATTRIBUTES |
 |
Type 3 IMS attributes
This section is relevant for all IMS that are either type 3 or include type 3 functionality (e.g. a combination of 1 and 3).
The Type 3 IMS attributes cover various topics:
Functionality
Security Control
Privacy Control
Support
Usability
Trustworthiness
Functionality
Attribute Label | Definition | Values |
IMS category (*) | Description of the purposes the IMS could be used for, and the operational areas such as access management, form filling, reachability management, automatic choice of identity and pseudonym management. Additionally interfaces to other systems or applications, protocols, plug-ins and gateways are listed. | Text |
Representation of identities (*) | Description of mechanisms, which the IMS uses for showing the user his/her different kinds of identities, especially the one he/she is acting in or the most probable identities to choose from. This includes all possible forms of identities, e.g., plain personal data, pseudonyms, credentials and their attributes. | Text |
Handling of identities (*) | Description of the functionality of identity handling, meaning identity administration and choice. Identity administration comprises the definition of own identities and the verification of own or foreign identities. Identity choice consists of all possibilities for the user to choose explicitly his/her identities and decide on the re-use of identities and of everything where the IMS supports the user by seamless use of identities (implicit use) or giving information to help him/her. | Text |
History management (*) | The history management applies to the logging of all transactions of the system. This includes details about what the system is logging and how this log file is represented to the user. In connection with the usability-category it is analysed how comprehensible this representation is and if it is useful. | Text |
Context detection (*) | This functionality describes possibilities to detect the context of the user’s environment and makes suggestions for further activities or executes them autonomously. It has to be described further which contexts the system can detect and how the user can affect them. | Text |
Rule handling (*) | The rule handling affects the automatic decisions of the IMS. The analysis includes which parts of the system uses rules, which are default ones, how the user can influence them and if they can dynamically react in case of changing contexts. | Text |
Identity recovery (*) | This functionality helps to recover an identity after a system crash or a malfunction. This could be useful both for the user in case of using a deleted or destroyed identity again and for the law enforcement in case of prosecution. Identity brokers may play a crucial role for identity recovery. | Text |
Digital evidence (*) | Description if the system helps to preserve evidence for legal proceedings. This could be important for users in case of prosecution of claim as well as for law enforcement and criminal prosecution. The analysis includes how powerful the evidence would be in a legal proceeding that comes along with the difficulty of manipulate the evidence. E.g., digital signatures and digital time stamps could help to increase the value of the evidence. Another relevant issue is whether the user is aware of the digital evidence functionality and may even influence the kind of digital evidence or whether this is a hidden functionality with no possibility to affect it. | Text |
Privacy Control
Attribute Label | Definition | Values |
Privacy control functionality (*) | The user could be supported by privacy control functionality such as information about personal data stored at a server, allowing access to these data, give the means to correct these data, to remove them, or to grant or revoke consent. | Text |
Anonymity control (*) | Can the user choose to be anonymous or not? | Boolean: yes / no + text |
Pseudonym control (*) | Can the user choose a pseudonym with which to operate under or not? | Boolean: yes / no + text |
P3P (*) | Platform for Privacy Preferences (P3P) enhances user control by putting privacy policies where users can find them in a form users can understand and most importantly, enables users to act on what they see. | Boolean: yes / no + text |
CPEX (*) |
| Boolean: yes / no + text |
Others (*) |
| Text |
Self-service
Attribute Label | Definition | Values |
Change password (*) |
| Boolean: yes / no + text |
View profile details (*) | Profiles can be changed without changing an account. Whereas the account details are private, the profile details may be public. | Boolean: yes / no + text |
View account information (*) |
| Boolean: yes / no + text |
Negotiation (*) | Statement whether the system provides mechanisms to negotiate protection goals and configuration of what data may be transmitted under which conditions | Boolean: yes / no + text |
Choice of identity (*) |
| Boolean: yes / no + text |
Support to the user
Attribute Label | Definition | Values |
Identification of social situations (*) | Statement whether the IMS helps the user to identify social situations.
| Boolean: yes / no + text |
Adequate role taking (*) | Statement whether the system helps the user to identify what is expected from him. Role taking is the process by which the individual person becomes linked with their relevant society. | Boolean: yes / no + text |
Adequate role making (*) | Statement whether the system helps the user to identify what he is doing. Evolving notions of how the users themselves expect to act in a given position (role making). | Boolean: yes / no + text |
Usability
The usability aspect describes both the usability of the product and the documentation and external support.
Attribute Label | Definition | Values |
Usefulness (*) | The degree to which a person believes that using a particular system would benefit his or her tasks. The construct of perceived usefulness means a person’s perception of using an information system that benefits him or her in an organisational context. | Rate + text |
Ease to use (*) | The degree to which a person believes that using a particular system would be free of effort. Perceived usefulness and perceived ease of use have influence on the actual use of the IMS. | Rate + text |
Malfunction understanding (*) | The degree of the system ability to present the risk of faulty operation to the user to warn him and help him to avoid it. This could be an additional warning request that the user has to reply or the ability to undo a malfunction after the user understood that he did something wrong. | Rate + text |
Rating (*) | Rating according to rules defined below | Integer |
The following rules are used to determine a rating. The final score is divided by 1.5 in order to normalise scores on a scale of 10.
Usefulness (max. possible: 5 points):
Application benefits usage several times a month: (+1)
Application benefits every day usage: (+1)
Time for first time adjustment is less than time for action without IMS: (+1)
After first time adjustment the action is faster as without IMS: (+1)
After first time adjustment the action is more than twice as fast as without: (+1)
Ease of Use (max. possible: 5 points):
The help function is not needed for standard activities: (+0.5)
The manual is not needed for standard activities: (+0.5)
Help function, manual and support are not needed at all: (+1)
After a period of vocational adjustment the user is able to use the function autonomously: (+1)
It is not necessary to consult external support: (+0.5)
No previous knowledge is needed: (+0.5)
A complete and understandable help function is provided: (+0.5)
A complete and understandable manual is provided: (+0.5)
Malfunction Understanding (max. possible: 5 points):
The user can recognise that an error occurred: (+1)
In case of a malfunction the function presents a complete and understandable description of the error: (+2)
There are suggestions for what to do next: (+1)
The function makes a sensible suggestion about what to do next: (+1)
In the first version of the database there will not be great detail on the third party support. So it is sufficient to have only a general description which kinds of third parties help in which way in managing identities. But later on this part may be extended, e.g. by describing the protocols of data exchange with the third party, the security mechanisms and privacy controls applied, and evaluating usability aspects.
Trustworthiness
Attribute Label | Definition | Values |
Multilateral security (*) | Segregation of power, self-protection, open source etc. | Boolean: yes / no + text |
Seals (*) | Privacy and other seals that certify that the IMS applies to law. | Boolean: yes / no + text |
| |
   |
|
| 18 / 53 |
