Identity management throughout one's whole life

被引：13

作者：

Hansen, Marit ^{[1
]}

Pfitzmann, Andreas ^{[2
]}

Steinbrecher, Sandra ^{[2
]}

机构：

[1] Independent Centre for Privacy Protection Schleswig-Holstein (ULD), 24103 Kiel

[2] TU Dresden, Department of Computer Science

来源：

Information Security Technical Report | 2008年 / 13卷 / 02期

关键词：

Identity; Identity management; PET; Privacy; Privacy-enhancing identity management system; Privacy-enhancing technologies; User-controlled identity management system;

D O I：

10.1016/j.istr.2008.06.003

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Identity management has to comprise all areas of life throughout one's whole lifetime to gain full advantages, e.g., ease-of-use for all kinds of digital services, authenticity and authorisation, reputation and user-controlled privacy. To help laying the foundations for identity management applicable to people's whole life, we describe the formation of digital identities happening numerous times within one's physical life, i.e., their establishment, evolvement and termination, and derive building blocks for managing these digital identities from the needs of individuals and of society. The identity attributes occurring and developing can be categorised according to their sensitiveness and the security requirements individuals have regarding them. We give an analysis of the sensitivity of identities and their attributes w.r.t. privacy and security both from a legal and individual's perspective. This leads to how systems for identity management throughout one's whole life should be designed using the building blocks derived. © 2008 Elsevier Ltd. All rights reserved.

引用

页码：83 / 94

页数：11

共 22 条

[1]

Art. 29 Working Party, Working document 1/2008 on the protection of children's personal data (General guidelines and the special case of schools), 00483/08/EN, WP 147, (2008)

[2]

D3.1: structured overview on prototypes and concepts of identity management systems, Deliverable 3.1 in the network of excellence FIDIS - future of identity in the information society, (2005)

[3]

Borcea-Pfitzmann K., Hansen M., Liesebach K., Pfitzmann A., Steinbrecher S., What user-controlled identity management should learn from communities, Information security technical report, 11, (2006)

[4]

Buchmann J., May A., Vollmer U., Perspectives for cryptographic long-term security, Communications of the ACM, 49, (2006)

[5]

Camenisch J., Lysyanskaya A., Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation, Research report RZ 3295 (# 93341), (2000)

[6]

Casassa Mont M., Pearson S., Bramhall P., Towards accountable management of identity and privacy: sticky policies and enforceable tracing services, HPL-2003-49, (2003)

[7]

Chaum D., Untraceable electronic mail, return addresses, and digital pseudonyms, Communications of the ACM, 24, (1981)

[8]

Chaum D., Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, 28, (1985)

[9]

Chaum D., van Heyst E., Group signatures, Advances in cryptology - EUROCRYPT '91, 547, (1991)

[10]

Chor B., Kushilevitz E., Goldreich O., Sudan M., Private information retrieval, Journal of the ACM, 45, 6, pp. 965-981, (1998)

← 1 2 3 →