Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- D13.1: Identity and impact of privacy enhancing technologie.
- D13.1 Addendum: Identity and impact of privacy enhancing technologies.
- D13.3: Study on ID number policies.
- D13.6 Privacy modelling and identity.
- D13.7: Workshop Privacy.
- D14.1: Workshop on Privacy in Business Processes.
- D14.2: Study on Privacy in Business Processes by Identity Management.
- D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes.
- D14.4: Workshop on “From Data Economy to Secure.
- D16.3: Towards requirements for privacy-friendly identity management in eGovernment.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
Table of Contents
Executive Summary
Note: This section is mandatory for all deliverable and should help to get an overview of the topics covered in the document.
The objective of WP14 is the identification and description of privacy requirements for identity management relating to the disclosure of identifying personal data and the use of credentials as access rights on services in business processes. Service providers process identifying data of their users for example for individualizing services and to get access to services as a proxy of their users. By the directives 95/46/EC and 2002/58/EC, the European Commission has defined privacy principles in order to regulate the processing of identifying personal data. Identity management empowers users as long as they disclose their identifying personal data and credentials to service providers. For information chains as found in multi-staged business processes, identity management leads to a big-brother phenomenon. Users have to trust service providers to process personal data of their users according to their privacy policy.
Based on privacy as informational self-determination, privacy threats are identified in business processes by the reference scenario “loyalty programme”. The reference scenario is used as an orientation for the partners in WP14. Undesired profiling is in particular investigated by case studies. The investigation of profiling makes a difference between collection of customers’ data by service providers of which customers are not aware and in externally stored customers’ profiles, while delegation access rights to some of these profiles is made possible The starting point of WP14 is the workshop “Privacy in Business Processes” (D14.1).
Workshop on Privacy in Business Processes
Objectives
The aim of the workshop “Privacy in Business Processes” was to support the coordination of the work on the deliverables D14.2 “Study on privacy in business processes by identity management” and D14.3 “Study on the suitability of trusted computing to support privacy in business processes”.
The workshop was held during the first FIDIS Research Event from September 11th to 12th, 2006, in Budapest. The following presentations have been presented according to the agenda of this workshop:
Monday, September 11th, 2006 | |
14h15-14h45 | Sven Wohlgemuth (ALU-FR): Privacy in Business Processes by User-centric Identity Management
Sven Wohlgemuth presented the scenario “personalised services” and privacy threats as an orientation for the work in WP14. The characteristic of this scenario is the collection and delegation of customers’ personal data which is necessary, e.g., in loyalty programmes. He showed that data economy is not possible anymore in business processes with a delegation of customers’ personal data, if current user-centric identity management systems are applied. Customers’ will lose the control on their credentials and on the access on their personal data, because of the all-or-nothing non-transferability of credentials property of the considered identity management systems. Consequently, customers have to trust the participating service providers of a business process. Referring to the scenario and to this proof, the areas of work of WP14 have been presented together with its approach to investigate on privacy in business processes. |
14h45-15h15 | Mireille Hildebrandt (VUB): The user-centric narrative of AmI: smart marketing or citizen empowerment?
Mireille Hildebrandt showed by her talk the threat of interconnecting group profiles to persons and thereby deriving statements to persons which may not be true (or, maybe worse, are true and can be used to manipulate people unaware of the profiles that are applied to them). This may render ineffective D46/95 EC, cp. work plan 2006-2007 art. 29 Working Party, because anonymised data fall outside its scope even if the profiles inferred from them do impact a person. She derived the need of “Ambient Law” which means to articulate legal rules into technological design. |
15h15-15h45 | Günter Karjoth (IBM): Achieving Transparency by Applying an Enterprise Privacy Architecture
The talk of Günter Karjoth presented an organisational approach to model privacy-aware business processes. The approach enables an enterprise to formulate a single company privacy policy, to monitor processing of personal data against this policy, to enforce access and retention policy across all application and data stores within the enterprise and to prove regulatory compliance. He illustrated this approach by a bookshop example, i.e. privacy compliant processing of customer’s credit card number. |
15h45-16h15 | Simone Fischer-Hübner (KU): The Data Track for increasing transparency for end user
Data Track is a mechanism for end users in order to trace the disclosure or personal data. It is motivated by the European Data Protection Directive 95/46/EC concerning transparency and by Art. 9 of the Directive 2002/58/EC concerning location based services. The Data Track is a basis for logging functions concerning a privacy policy compliant processing of personal data, exercising legal rights and setting obligations. |
16h15-16h30 | Coffee break |
16h30-17h00 | Ammar Alkassar (SIRRIX): Employing Trusted Computing for User-Friendly Business Processes
The talk of Ammar Alkassar presented Trusted Computing as a technical foundation for digital rights management regarding a privacy compliant use of disclosed personal data. The talk showed this approach by means of the example of software agents acting as a proxy of an end user for booking a business trip. |
17h00-17h30 | Stefan Köpsell: Overview of Trusted Computing and possible Applications for Business Processes with Delegates
This talk introduced the participants of the workshop to the main ideas and concepts of Trusted Computing (TC) by the Trusted Computing Group and the technical device Trusted Platform Module (TPM). |
17h30-18h00 | Richard Cissée (TUB): Privacy-preserving Information Filtering
An application of TC for privacy is the privacy-preserving information filtering approach of TUB. They propose TC for recommender systems in order to enforce customers’ interest regarding disclosure and retention of personal data. |
18:00-18:30 | Sven Wohlgemuth (ALU-FR): Further steps to D14.2, D14.3 and 4th work plan
The first day of the workshop ended with the discussion about the structure of the deliverables D14.2 and D14.2. A proposal for their table of contents was presented by the work package leader. This sketch is based on the contribution of the participants which have been sent to the work package leader before this workshop. The result of this slot is their table of contents by means of a sketch and the further proceeding to develop these deliverables. At the end, the contributors have been asked for their ideas and research activities for the 4th FIDIS work plan. |
| |
Tuesday, September 12th, 2006 | |
13h45-14h15 | Martin Meints (ICPP): Compliance in Enterprises – how can Trends in IT-Security successfully be transferred to Data Protection?
Continuous and repeated tasks in organisations in the private as well as in the public sector exist quite often. Important areas are among others:
In many of these areas good practice process models are used that suggest standardised proceedings for typical organisations. These process models are meant to be used as framework – they need to be adapted to the specific needs and environmental conditions of the organisation. For data protection no generic good practice process models have been suggested so far. This talk presented an approach for a model for data protection. |
14h15-14h45 | Laurent Bussard (Microsoft): Privacy Aspects of Scoped Federations
This talk introduced privacy aspects of scoped federations. Scoped federations focus on a particular collaboration and enable individuals from different organizations to consume and expose (web) service resources in a dynamic and secure way. By a prototype on .NET 2.0 and Web Services Enhancements (WSE) for .NET, the privacy aspects of user anonymity, anonymity revocation and identity selection are shown. This prototype makes use of Microsoft InfoCard. |
14h45-15-15 | Pieter Ribbers (Tilburg University): Privacy and Business Processes: the approach in PRIME
Pieter Ribbers presented in his invited talk the PRIME approach for the topic “Privacy in Business Processes”. This top-down approach considers business processes in general and aims to develop a reference process model for integrating privacy-enhanced technologies (PET) in business processes. Thereby, the cost and benefit of using PET will be considered. |
The slides are available at http://internal.fidis.net/workpackage-main/wp14/wp14-wiki-workpad/wiki/D14.1%20Workshop%20%22Privacy%20in%20Business%20Processes%22/
Results
The contributions of the participants in WP14 have been presented, discussed and fixed. Regarding D14.2 and D14.3, the sketches of their table of content have been proposed by ALU-FR, discussed and fixed together with the contributing participants.
To interconnect the work of FIIDS and PRIME and to foster an exchange of approaches and results to the work on privacy in business processes, Pieter Ribbers (KUB) presented the corresponding work in PRIME in his invited talk. The following discussion focussed on process models for an integration and evaluation of security mechanisms. To present the results of PRIME and FIDIS concerning this topic, a workshop “Business Models and Identity” has been proposed for IST 2006, which has been accepted and held in November 2006 in Helsinki.
Further Steps
The results of this workshop, sketches of table of contents of D14.2 and D14.2 respectively the IST 2006 workshop “Business Models and Identity”, are used to develop the deliverables by integrating the individual contributions and to refine the structure of the deliverables respectively to disseminate the presented results at the IST 2006.
Annex 1: Participants
The participants of the workshop are listed in the following table:
Contr. No. | Organisation | Surname | First name |
1 | JWG | Nassary Zadeh | Layla |
1 | JWG | Royer | Denis |
3 | VUB | Hildebrandt | Mireille |
4 | ICPP | Meints | Martin |
7 | KULEUVEN R&D | Huysmans | Xavier |
8 | KUB (external from PRIME) | Ribbers | Pieter |
9 | KU | Fischer-Hübner | Simone |
10 | TUB | Cissée | Richard |
10 | TUB | Wetzker | Robert |
11 | TU Dresden | Köpsell | Stefan |
12 | ALU-FR | Wohlgemuth | Sven |
13 | MU | Cvrcek | Dan |
14 | VaF | Vyskoc | Jozef |
15 | LSE | Backhouse | James |
20 | VIP | Jaquet-Chiffelle | David-Olivier |
21 | Microsoft | Bussard | Laurent |
23 | AXSIONICS | Jacomet | Marcel |
24 | SIRRIX | Alkassar | Ammar |
External | NMMU, South Africa | Botha | Reinhardt |
External | Charles Sturt University, Australia | Bowern | Michael |
External | JRC | Schumacher | Günter |
Sven Wohlgemuth | 0 / 0 |