Conclusion
Identity management, the current security mechanism for preserving privacy, is used to realise the principle of data economy. But, as chapter four shows, personalised services need personal data about their customers. At present there is no security mechanism that protects privacy once personal data have been disclosed; customers have to trust the corresponding service providers. Implementing privacy-aware business processes is hampered by the lack of an overview of the customer data collected, of how these data are used in business processes, and of whether a customer has consented to the processing of his data for the given purpose. The contribution of the IBM Enterprise Privacy Architecture is a process model that lets service providers model their business processes according to data protection directives and laws, and use internal access control with audit functionality to ensure compliant use of customers’ data within a service. To implement the derived process model for data protection, section 5.2 suggests the approach of security process models. Even so, customers still have to trust the service providers to whom they have disclosed personal data: they are not able to determine or control the use of their data.
As this chapter shows, identity management, as an access control mechanism on personal data, is a countermeasure against the undesired collection of personal data, identification, profiling, and linkability of transactions, as long as it is used in single-stage business processes. But identity management systems lead to “Big Brother” and to abuse through undesired impersonation if they are applied in business processes with proxies. Even the only identity management system that considers multi-stage business processes (Liberty Alliance) has a contradiction in its trust model with respect to privacy: untrustworthy service providers necessarily become trustworthy service providers for the customer. Consequently, there is a need for a usage control mechanism as an extension to identity management, so that privacy is preserved both by access control on personal data, which controls their disclosure, and by usage control, which controls or verifies the use of disclosed personal data with respect to the customer’s privacy policy. The next chapter describes such an extension to identity management: protocols for an unlinkable delegation of rights, which serve as authorisations for the use of disclosed personal data. In ambient intelligence environments, e.g. sensor networks, customers are not aware that data are being collected. So that customers can retrace the disclosure of their profiles and identify service providers that have abused or re-delegated their data without consent, a history mechanism for the disclosure of personal data is introduced: ‘Data Track’.