Top

Published in:

2014 | OriginalPaper | Chapter

3. Digital Identity Management

Author : Ghazi Ben Ayed

Published in: Architecting User-Centric Privacy-as-a-Set-of-Services

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In this chapter, we present a literature review on the definitions of Digital Identity Management (DigIdM), various origins of identity silos, and digital identity management technical models. We provide also a comparison between digital identity management technical models and then we explain the basics of a new technical approach that is based on global Web digital identity management. We highlight the contributions of user-centric digital identity management. Finally, we explain a metadata-based approach to make digital identity less visible in order to give users more control on persistent digital identity.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Digital Identity

next chapter Privacy and Digital Identity

http://www.idcommons.net

P.J. Windley, Digital identity: Unmasking identity management architecture (IMA). O’Reilly Media (2005)

A survey. 01 Informatique magazine (2004)

Organizing Committee of Digital Identity & Privacy (Human Capital & Social Innovation Technology Summit), Call for contribution to managing digital identities for education, employment and business development (2007), Available: http://events.eife-l.org/HCSIT2007/overview/dip/dip2007. Accessed 11 May 2010

International Telecommunication Union—Joint Coordination Activity for Identity Management (JCA-IdM), Scope of identity management, Available: http://www.itu.int/en/ITU-T/jca/idm/Pages/default.aspx. Accessed 11 Feb 2010

S. Vanamali, Identity management framework. Inf. Syst. Control J. 4 (2004)

D.G.W. Birch, The identity vision, in Digital Identity Management: Perspectives on the Technological, Business and Social Implications, ed. by D.G.W. Birch (Gower Publishing Limited, 2007), pp. 3–8

M. Benantar, Access Control Systems: Security, Identity Management and Trust Models (Springer Science + Business Media, 2006)

G. Ben Ayed, Consolidating fragmented identity: Attributes aggregation to secure information systems. IADIS Int. J. Comput. Sci. Inf. Syst. 4, 1–12 (2009)

International Telecommunication Union, Digital Life, ITU Internet Report (2006), Available: http://www.itu.int/osg/spu/publications/digitalife/docs/digital-life-web.pdf. Accessed 21 May 2010

10.

W. Hommel, Using XACML for privacy control in SAML-based identity federations, in 9th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, Salzburg, Austria (2005), pp. 160–169

11.

S. Slone, Identity management (2004), Available: http://www.opengroup.org/onlinepubs/7699959899/toc.pdf. Accessed 21 May 2010

12.

A. Scorer, Identity directories and databases, in Digital Identity Management: Perspectives on the Technological, Business and Social Implications, ed. by D.G.W. Birch (Gower Publishing Limited, 2007), pp. 41–49

13.

L. McRae, Identity management strategic vision (2005), Available: http://www.stanford.edu/dept/its/vision/identity-management.html. Accessed 4 May 2008

14.

International Telecommunication Union—Focus Group on Identity Management (FG IdM), Report on identity management ecosystem and Lexion (2007)

15.

E. Damiani et al., Managing multiple and dependable identities. IEEE Internet Comput. IEEE Comput. Soc. 29–37 (2003)

16.

D.A. Buell, R. Sandhu, Identity management. IEEE Internet Comput. 26–28 (2003)

17.

M. Small, Business and technical motivation for identity management. Inf Secure Tech R 9, 6–21 (2004)CrossRef

18.

R.R. Panko, Corporate Computer and Network Security, 2nd edn. (Prentice Hall, New Jersey, 2009)

19.

Organization for Economic Co-operation and Development (OECD), At crossroads: Personhood and digital identity in the information society (2008). The working paper series of the OECD directorate for science, technology and industry, Available: http://www.oecd.org/LongAbstract/0,3425,en_2649_34223_40204774_119684_1_1_1,00.html. Accessed 21 May 2010

20.

H. Chivers, Personal Attributes and Privacy: How to ensure that private attributes management is not subverted by data mining (2004), Available: http://sec.cs.kent.ac.uk/cms2004/Program/CMS2004final/p1a2.pdf. Accessed 24 March 2011

21.

M. Hansen, User-controlled identity management: The key to the future of privacy? Int. J. Intellect. Property Manag. 2, 325–344 (2008)

22.

J. Crosby, Challenges and opportunities in identity assurance (2008)

23.

PriceWaterhouseCoopers Thought Leadership Institute, From the white board to the bottom line: The case for pursuing process maturity through business process management (2010), Available: http://download.pwc.com/ie/pubs/from_the_white_board_to_the_bottom_line.pdf. Accessed 18 March 2011

24.

Sxip, Sxip, Available: http://www.sxip.org. Accessed 11 Feb 2010

25.

LID, LID, Available: http://lid.netmesh.org/wiki/Main_Page. Accessed 11 Feb 2010

26.

XDI/XRI, XDI/XRI, Available: http://www.xdi.org/. Accessed 11 Feb 2010

27.

OpenID, OpenID, Available: http://openid.net/. Accessed 11 Feb 2010

28.

Yadis, Yadis, Available: http://yadis.org/wiki/Main_Page. Accessed 11 Feb 2010

29.

Microsoft, Windows CardSpace, Available: http://www.microsoft.com/windows/products/winfamily/cardspace/default.mspx. Accessed 11 Feb 2010

30.

Telecommunication Standardization Sector (ITU-T), Available: http://www.itu.int/ITU-T/. Accessed 11 Feb 2010

31.

The Internet Engineering Task Force (IETF), Available: http://www.ietf.org/. Accessed 11 Feb 2010

32.

Kantara Initiative, Available: http://kantarainitiative.org/. Accessed 11 Feb 2010

33.

Liberty Alliance Project, Available: http://www.projectliberty.org/. Accessed 11 Feb 2010

34.

Shibboleth, Shibboleth Project, Available: http://shibboleth.internet2.edu/. Accessed 14 Feb 2010

35.

Bandit Project, Available: http://www.bandit-project.org/. Accessed 8 May 2008

36.

Higgins Community, Higgins Open Source Identity Framework, Available: http://eclipse.org/higgins/. Accessed 14 Feb 2010

37.

PRIME Community, PRIME—Privacy and identity management for Europe document, Available: https://www.prime-project.eu/. Accessed 14 Feb 2010

38.

International Telecommunication Union—Focus Group on Identity Management (FG IdM), Report on identity management use cases and gap analysis (2008)

39.

R. Oppliger, Microsoft.NET passport and identity management. Inf. Secur. Tech. Rep. 9, 26–34 (2004)CrossRef

40.

K.-K.R. Choo, Issue report on business adoption of microsoft passport. Inf. Manag. Comput. Secur. 14, 218–234 (2006)CrossRef

41.

M. Gardiner, The business value of identity federation (2007), Available: http://whitepaper.techworld.com/authentication/4818/the-business-value-of-identity-federation. Accessed 21 May 2010

42.

J. Hodges et al., Glossary for the OASIS security assertion markup language (SAML) V2.0, OASIS (2005)

43.

J. Hodges, Liberty technical glossary, Liberty Alliance Project (2006)

44.

Center for Democracy & Technology, Privacy Principles for Identity in the Digital Age [Draft for Comment—Version 1.4] (2007), Available: http://www.cdt.org/files/pdfs/20071201_IDPrivacyPrinciples.pdf. Accessed 28 May 2010

45.

B. Pfitzmann, Federated identity-management protocols (Transcript of Discussion). LNCS J. (Springer, 2005), pp. 175–177

46.

N. Klingenstein, Attribute aggregation and federated identity, in Proceedings of the IEEE International Symposium on Applications and the Internet Workshops (2007)

47.

Q. Pham et al., Consistency of user attribute in federated systems. LNCS J. (Springer, 2007)

48.

OASIS, XRI requirements and glossary (2003)

49.

OASIS, Extensible resource identifier (XRI) resolution (2006)

50.

OASIS, An introduction to XRIs (Working Draft) (2005)

51.

XDI, XDI, Available: http://www.xdi.org/. Accessed 21 May 2010

52.

D. Reed et al., The social web: Creating an open social network with XDI. PlanetWork J. (2004)

53.

P. Hoschka, CSCW research at GMD-FIT: From basic groupware to the social Web. ACM SIGGROUP Bull. 19, 5–9 (1998)CrossRef

54.

A.C. Krey, History and the social Web (University of Minnesota Press, 1995)

55.

J. Caroll, J. Murphy, Who am I? I am Me! identity management in a networked world, in Proceedings of the 4th International We-B Conference (2003)

56.

The Dataweb: An introduction to XDI, Available: http://www.oasis-open.org/committees/download.php/6434/wd-xdi-intro-white-paper-2004-04-12.pdf. Accessed 21 May 2010

57.

R. Abhyankar et al., (2008) Improving online security. Sci. Am. Mag. 96–99

58.

S. Kruglinski, The woman who never forgets: Does AJ have the world’s best memory? DISCOVER Mag. (2006), Available: http://discovermagazine.com/2006/jun/j-woman-memory. Accessed 25 Nov 2010

59.

J. Adler, Unable to forget: The remarkable story of a woman who remembers every day of her life. Newsweek Mag. (2008), Available: http://www.newsweek.com/2008/05/10/unable-to-forget.html. Accessed 9 an 2011

60.

V. Mayer-Schönberger, Delete: The virtue of forgetting in the digital age (Princeton University Press, 2009)

61.

J. Fildes, Taking control of your digital ID (2006). Available: http://news.bbc.co.uk/2/hi/technology/6102694.stm. Accessed 22nd May 2010

62.

G. Bell, J. Gemmel, A digital life. Sci. Am. Mag. 58–65 (2007)

63.

K. Cukier, A special report on managing information. The Economist (23 Feb–5 March 2010)

64.

Facebook ‘hack’ releases 100 million user details onto filesharing sites. Inforsecurity USA (2010), Available: http://www.infosecurity-us.com/view/11343/facebook-hack-releases-100-million-user-details-onto-filesharing-sites/. Accessed 30 Nov 2010

65.

M. Fischetti, Scoring your identity: New tactics root out the false use of personal data. Sci. Am. 27–28 (2007)

66.

K. Cukier, New Rules for Big Data: Regulators are having to rethink their brief. The Economist (23rd Feb–5th March 2010), Available: http://www.economist.com/specialreports/displaystory.cfm?story_id=15557487. Accessed 13 May 2010

67.

P. Brown, Privacy in an Age of Terabytes and Terror. Sci. Am. Mag. 46–47 (2008)

68.

A.R. Galloway, E. Thacker, The exploit—A theory of networks (University of Minnesota Press, 2008)

69.

S.L. Garfinkel, Information of the World, UNITE! Sci. Am. Mag. 82–87 (2008)

70.

Delicious, Available: http://www.delicious.com

71.

Diigo, Available: http://www.diigo.com

72.

Technorati, Available: http://technorati.com

73.

G. Ben Ayed, Digital identity metadata scheme: A technical approach to reduce digital identity risks, in International Workshop on Information Security and Risk Management of the 25th IEEE International Conference on Advanced Information Networking and Applications (AINA-2011), Biopolis, Singapore (2011)

74.

G. Ben Ayed, S. Ghernaouti-Hélie, XRD digital identity metadata-based approach to foster collaborations across networked computing ecosystems, in The Third International Conference on Networked Digital Technologies (NDT 2011), Macau, China (2011)

75.

G. Ben Ayed et al., Towards building weak links between persistent digital identity documents: MetaEngine and distance to make identity less visible, in International Conference on Digital Enterprise and Information Systems (DEIS2011), London, UK (2011)

76.

OASIS eXtensible Resource Identifier (XRI) TC, Extensible Resource Descriptor (XRD) Version 1.0 (OASIS Standard) (2010), Available: http://docs.oasis-open.org/xri/xrd/v1.0/xrd-1.0.html. Accessed 8 Dec 2010

77.

E. Hammer-Lahav, XRD document structure (2009), Available: http://hueniverse.com/2009/03/xrd-document-structure/. Accessed 9 Dec (2010)

78.

A. Elabidi et al., Towards hiding federated digital identity: Stop-dissemination mechanism in content-centric networking, in The 4th International Conference on Security of Information and Networks (SIN 2011), Sydney, Australia (2011)

79.

D. Meyer et al., Report from the IAB Workshop on Routing and Addressing (RFC 4984) (2007)

80.

D. Clark et al., Addressing reality: An architectural response to real world demands on the evolving internet, in ACM SIGCOMM Conference—Workshop on future directions in network architecture (FDNA-03), Germany (2003)

81.

M. Handley, A. Greenhalgh, Steps towards a Dos-Resistant internet architecture, in ACM SIGCOMM Conference—Workshop on future directions in network architecture (FDNA-03), USA (2004)

82.

V. Jacobson, If a Clean Slate is the solution what was the problem, in Stanford Clean Slate Seminar (2006)

83.

V. Jacobson et al., Networking named content, in The 5th International Conference on Emerging Networking Experiments and Technologies (ACM CoNEXT ‘09), pp. 1–12 (2009)

84.

Organisation for Economic Co-operation and Development, The role of digital identity management in the internet economy: A primer for policy makers (2009), Available: http://www.oecd.org/dataoecd/55/48/43091476.pdf. Accessed 16 June 2010

Title: Digital Identity Management
Author: Ghazi Ben Ayed
Publisher: Springer International Publishing
Book: Architecting User-Centric Privacy-as-a-Set-of-Services
Print ISBN: 978-3-319-08230-1

Electronic ISBN: 978-3-319-08231-8

Copyright Year: 2014
DOI: https://doi.org/10.1007/978-3-319-08231-8_3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"