nach oben

Mobile Networks and Applications

Erschienen in:

01.08.2011

A Privacy-Considerate Framework for Identity Management in Mobile Services

verfasst von: José M. del Álamo, Antonio M. Fernández, Rubén Trapero, Juan C. Yelmo, Miguel A. Monjas

Erschienen in: Mobile Networks and Applications | Ausgabe 4/2011

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The subscribers’ personal information and services that mobile operators are able to provide to Web developers offer new and exciting possibilities in numerous domains. However, bringing mobile information services to the Web to enable a new generation of mobile Web services presents several research challenges on identity and privacy management. In this paper, we describe a framework for identity management in mobile services that empowers users to govern the use and release of their personal information. Our framework is based on a brokering approach that intermediates between the mobile operator’s information services and the Web service providers. By leveraging on Web services, identity management infrastructure and privacy enhancing technologies, our framework provides an effective, privacy-considerate delivery of services over the mobile Web environment. This paper describes the design principles and architecture of the framework as well as the feasibility, applicability and user-experience evaluation we have carried out.

Vorheriger Artikel A Simplified Internet Routing Architecture

Nächster Artikel An Automatic Presence Service for Low Duty-Cycled Mobile Sensor Networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

http://www.openimscore.org

https://opensso.dev.java.net/

http://bandit-project.org

http://code.google.com/p/openid-server/

http://code.google.com/android/

http://sunxacml.sourceforge.net/

3rd Generation Partnership Project (2004) 3GPP TR 23 941, Generic User Profile (GUP), version 6.0.0.. http://www.3gpp.org/ftp/specs/html-info/23941.htm. Accessed 25 May 2011.

3rd Generation Partnership Project (2004) 3GPP TR 33.919, Generic Authentication Architecture (GAA); System description. http://www.3gpp.org/ftp/Specs/html-info/33919.htm. Accessed 25 May 2011.

3rd Generation Partnership Project (2006) 3GPP TR 33.980, Liberty Alliance and 3GPP security interworking; Interworking of Liberty Alliance Identity Federation Framework (ID-FF), Identity Web Services Framework (ID-WSF) and Generic Authentication Architecture (GAA). http://www.3gpp.org/ftp/Specs/html-info/33980.htm. Accessed 25 May 2011.

3rd Generation Partnership Project (2004) 3GPP TS 33.220, Generic Authentication Architecture (GAA); Generic bootstrapping architecture. http://www.3gpp.org/ftp/Specs/html-info/33220.htm. Accessed 25 May 2011.

Aars R, et al. (Editors) (2003) Liberty architecture framework for supporting privacy preference expression languages (PPELs). Version 1.0, Liberty Alliance.

Ahn GJ, Ko M (2007) User-centric privacy management for federated identity management. International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp 187–195.

Working Party on Police and Justice (2009) Article 29 of the data protection working party, the future of privacy—joint contribution to the consultation of the European Commission on the legal framework for the fundamental right to protection of personal data, 02356/09/EN

Bessler S, Jons O (2005) A privacy enhanced service architecture for mobile users. PerCom Workshops, pp 125–129

Bhargav-Spantzely A, Camenisch J, Gross T, Sommer D (2007) User centricity: a taxonomy and open issues. ACM Workshop on Digital Identity Management, IOS Press, pp 493–527

10.

Cadenas A, Sanchez-Esguevillas A, Carro B (2010) Building context-aware telco operator services based on web services technologies. In: Sheng Q, Yu J, Dustdar S (eds) Enabling context-aware web services: methods, architectures, and technologies. Chapman and Hall/CRC, Boca Ratón, pp 139–169CrossRef

11.

Camarillo G, García-Martín MA (2006) The 3G IP multimedia subsystem (IMS): Merging the internet and the cellular worlds, 2nd edn. Wiley, Chichester

12.

Cantor S, et al. (2005). Assertions and protocols for the OASIS Security Assertion Markup Language (SAML). Standard v2.0, OASIS Standard. http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf. Accessed 25 May 2011

13.

del Álamo JM, Monjas MA, Yelmo JC, San Miguel B, Trapero R, Fernández AM (2010) Self-service privacy: user-centric privacy for network-centric identity. International Conference on Trust Management (IFIPTM), pp 17–31

14.

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

15.

El Maliki T, Seigneur J-M (2007) User-centric mobile identity management services. SECURWARE International Conference, IARIA.

16.

ETSI Standard ES 202 391-1, Open Service Access (OSA) (2006) Parlay X web services; Part 1: Common (Parlay X 2), version 1.2.1

17.

Goix LW, Lamorte L, Falcarin P, Baladrón C, Yu J, Ordás I, Martínez A, Trapero R, JM Del Álamo, Stecca M (2010) Leveraging context-awareness for personalization in a user generated services platform. In: Sheng Q, Yu J, Dustdar S (eds) Enabling context-aware web services: methods, architectures, and technologies. Chapman and Hall/CRC, Boca Ratón

18.

GSMA’s OneAPI project portal. http://www.gsmworld.com/oneapi.Accessed November 2010.

19.

Higgins Web Site: http://www.eclipse.org/higgins/. Accessed November 2010.

20.

InfoCard Web Site: http://informationcard.net/. Accessed November 2010.

21.

Jorstad I, Van Thuan D, Jonvik T, Van Thanh D (2007) Bridging cardspace and liberty alliance with SIM authentication. ICIN

22.

Jorstad, I., Van Thuan, D., Jonvik, T., Van Thanh, D. (2008). Utilising Emerging Identity Management Frameworks in IMS. ICIN.

23.

Kantara Project Web Site: http://kantarainitiative.org/. Accessed November 2010

24.

Liberty Alliance Web Site: http://projectliberty.org. Accessed November 2010

25.

Liberty IGF Privacy Constraints Specification. http://projectliberty.org/liberty/content/download/4323/28921/file/draft-liberty-igf-privacy-constraints-v1.0-04.pdf. Accessed March 2011

26.

Light-Weight Identity Web Site: http://lid.netmesh.org. Accessed November 2010

27.

Madsen P, Cassasa M, Wilton R (2006) A privacy policy framework. W3C Workshop of Privacy Policy Negotiation.

28.

Microsoft Cardspace Web Site: http://windows.microsoft.com/en-us/windows-vista/Windows-CardSpace. Accessed November 2010

29.

Moses T (Ed.) (2005) Extensible Access Control Markup Language (XACML), Version 2.0. OASIS Standard, OASIS eXtensible Access Control Markup Language (XACML) TC

30.

Nie P, et al. (2009) Flexible single sign-on for SIP: bridging the identity chasm. 2009 IEEE International Conference on Communications

31.

Nilsson M, et al. (2001) Privacy enhancements in the mobile internet. IFIP WG 9.6/11.7 Working Conf. on Security and Control of IT in Society.

32.

Open Mobile Alliance Website. http://www.openmobilealliance.org/. Accessed November 2010

33.

OpenID Web Site. http://openid.net/. Accessed November 2010.

34.

Organisation for Economic Cooperation and Development—Recommendation of the Council Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, 23 September 1980.

35.

Privacy 2.0: Give a little, take a little, The Economist. http://www.economist.com/node/15350984?story_id=15350984. Accessed 28 January 2010

36.

Sheng QZ, Yu J, JM Del Álamo, Falcarin P (2009) Personalized service creation and provision for the mobile web. In: King I, Baeza-Yates R (eds) Weaving services, location, and people on the WWW. Springer, Berlin, pp 99–121CrossRef

37.

Titkov L, Poslad S, Jim Tan J (2006) An integrated approach to user-centered privacy for mobile information services. Appl Artif Intell. doi:10.1080/08839510500484181

38.

The Friend Of a Friend (FOAF) Project Web Site. http://www.foaf-project.org/. Accessed November 2010

39.

W3C: Composite Capability/Preference Profiles (CC/PP): Structure and Vocabularies 1.0: World Wide Web consortium site, http://www.w3.org/TR/CCPP-struct-vocab. Accessed 25 May 2011

40.

Windley P (2005) Digital identity. O’Really Media, Sebastopol

41.

Wireless Application Forum (2008) Wireless application protocol user agent profile specification. http://www.openmobilealliance.org/tech/affiliates/wap/wap-248-uaprof-20011020-a.pdf. Accessed 25 May 2011.

42.

Yavatkar R, Pendarakis D, Guerin R (2000) A framework for policy-based admission control, IETF RFC, p 2753

43.

Yelmo JC, Trapero R, Del Álamo JM (2009) Identity management and web services as service ecosystem drivers in converged networks. IEEE Comm Mag 47(3):174–180CrossRef

44.

Yum P (2010) LTE Update. IEEE Comm Mag 48(2):78CrossRef

Titel: A Privacy-Considerate Framework for Identity Management in Mobile Services
verfasst von: José M. del Álamo
Antonio M. Fernández
Rubén Trapero
Juan C. Yelmo
Miguel A. Monjas
Publikationsdatum: 01.08.2011
Verlag: Springer US
Erschienen in: Mobile Networks and Applications / Ausgabe 4/2011
Print ISSN: 1383-469X
Elektronische ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-011-0325-3

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Frank Urbansky/© Peter Eichler / Leipzig, CO2-Fußabdruck/© Jenny Sturm / stock.adobe.com, Interview Entropie Bild 1/© Bernhard Weßling, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Weitere Artikel der Ausgabe 4/2011

Optimum Selection of Access Networks Within Heterogeneous Wireless Environments Based on Linear Programming Techniques

Enhancing a Fuzzy Logic Inference Engine through Machine Learning for a Self- Managed Network

A Simplified Internet Routing Architecture

Mobility and Network Management in Heterogeneous Networks

An Autonomic QoS-centric Architecture for Integrated Heterogeneous Wireless Networks

An Automatic Presence Service for Low Duty-Cycled Mobile Sensor Networks

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.