Identity and Privacy Management

Volume: 2010, Issue No. 1

Date: February 2010

Guest Editors: Javier Lopez-Muñoz, Miguel Soriano-Ibañez and Fabio Martinelli

Digital Identity and Identity Management Technologies

There are many technologies for identity management available in the form of open specifications, open source tools and commercial applications, and several standards currently compete in the field. In the beginning SAML (Security Assertion Markup Language) was the only viable choice with a high enough acceptance level. Recently, another technology called WS-Federation has also gained some attention from the community. Although this technology is not as mature as SAML, its modular design gives it some advantages over SAML. In this article we mainly focus on WS-Federation and the family of specifications that surround it.

SWIFT: Advanced Services for Identity Management

Traditional solutions for identity management, based on end-user authentication, usually by means of credentials such as username and password, have significantly improved in recent years with the incorporation of SSO (Single Sign-On) mechanisms and the concept of identity federations. However, both providers and end users are demanding additional services not yet available in current solutions. These additional advanced services, such as anonymity, authorization based on end-user attributes and cross-layer SSO, would improve the usability and security of these systems. The SWIFT (Secure Widespread Identities for Federated Telecommunications) project aims to offer an identity management framework in which all these advanced topics can work together.

A Privacy Preserving Attribute Aggregation Model for Federated Identity Managements

In order to support attribute-based access control (ABAC) in federated identity management, most existing solutions, such as Shibboleth and CardSpace, utilise a model in which a single identity provider (IdP) is used both to authenticate the user and to provide a set of attribute assertions or claims to the service provider (SP) for authorisation. Since most real-world IdPs typically issue only one or very few attributes to users, and all users have multiple IdPs, this model has a significant limitation: users are only able to use one or very few of their attributes to access a service. One solution is to aggregate attributes from multiple IdPs before accessing a service. In this paper we discuss some of the existing attribute aggregation models before introducing our own Linking Service model and its associated protocol mappings.

Anonymity in the Service of Attackers

Since the inception of malware, the primary objective of its authors has been to hide or camouflage their identities and locations on the Internet. To do this, attackers use traditional techniques based on the manipulation of TCP/IP elements as well as the most modern methods conceived to provide anonymity on the Internet. In this respect, the growing body of research into improving network anonymity, intended to protect well-behaved users against malicious ones, has actually benefited the attackers. In this article, we describe the aforementioned techniques, i.e. those based on traditional concepts and those that apply recent mechanisms, used by attackers in order to protect their identity. We also discuss the need to provide anonymity to Internet users without creating new vulnerabilities that open the door to dishonest intentions.

The Importance of Context-Dependent Privacy Requirements and Perceptions to the Design of Privacy-Aware Systems

Information privacy protection is nowadays mandated by European and national legislation. However, it is not possible to protect the privacy of information system users adequately without establishing privacy requirements and employing an appropriate privacy assessment process that can identify the required privacy level and the possible countermeasures for achieving it. In this paper we draw upon security management tasks in order to highlight the gaps that need to be explored regarding privacy management, so as to be able to justifiably select the privacy enhancing technologies that fit a system's privacy requirements.

Privacy…Three Agents Protection

Web 2.0 and its manifestations have given rise to an increase in the number of content providers: now it is the individuals themselves who prepare and publish content. The implementation of e-Government procedures requires the fluid exchange of information between parties, although it is not always easy to know beforehand who will participate in such procedures. Privacy protection laws were prepared in a different environment and are now under review to adapt them to the new scenarios. Within the current framework, government and organizations are the two agents involved in the protection of individuals. Due to changes in the use of the Internet and networks, it has become necessary to include a third agent: the individual. Thus, individuals should play a more active role in effective privacy protection.

Enforcing Private Policy via Security-by-Contract

This work investigates how the Security-by-Contract (SxC) paradigm, developed for providing security assurances to mobile applications, can be used to guarantee the security of communicating systems composed of several heterogeneous components. These components need to communicate with each other by establishing direct, point-to-point connections. Direct connections can involve components that share no common communication protocol and therefore need a suitable interface; enablers are in charge of providing these communication interfaces. Each component has a local security policy comprising a public and a private part. When a communication between two components has to be established, each component asks the enabler to provide a communication interface that respects its public policy. We exploit the Security-by-Contract approach to ensure that the application implementing the communication interface is always safe, i.e. it satisfies the security policies set by the components. Moreover, we present an extension of Security-by-Contract for dealing with trust. Trust management is useful when one of the involved actors is considered to be potentially untrusted and the others want to measure its trust level.

How Do We Measure Privacy?

We survey the state of the art on the metrics of privacy in perturbative methods for statistical disclosure control. While the focus is on data microaggregation, these methods also address a wide variety of alternative applications such as obfuscation in location-based services. More specifically, we examine k-anonymity and some of its enhancements. Motivated by the vulnerability of these measures to similarity and skewness attacks, we compare three recent criteria for privacy based on information-theoretic concepts that attempt to circumvent this vulnerability.

Privacy and Anonymity Management in Electronic Voting

Security issues have to be considered when an electoral process is carried out electronically. Among them, one of the most important is voter privacy. Voter privacy is a requirement which is difficult to fulfil because it conflicts with other election accuracy requirements, such as ensuring that all votes have been submitted by eligible voters. Methods that preserve election accuracy while protecting voter privacy are described in this article.

Digital Identity and Privacy in Some New-Generation Information and Communication Technologies

The use of the new information and communication technologies (ICT) has led to significant changes in the daily development of the information society. Although most of those changes tend to improve our lives, ICT can endanger some of our fundamental rights. In this article, we describe the threats related to the identity of ICT users and we summarize the countermeasures that can be applied in three especially important areas: Internet search engines, vehicular networks and location-based services.

Authentication and Privacy in Vehicular Networks

Vehicular ad-hoc networks (VANETs) are composed mainly of vehicles. These communication networks allow data to be exchanged between them, so that more and better information is provided to drivers, thus achieving better road safety. Information security is critical in these scenarios, as human lives are at stake. In particular, spreading false data should be prosecuted, so sender identification and authentication is needed. However, identification could also allow vehicle tracking, so privacy protection must be achieved as well. In this work, mechanisms to fulfil this authentication-privacy trade-off are analyzed.