research-article

Towards standardizing trusted evidence of identity

Authors:

Christoph Busch,

Julien Bringer,

Willem Ronald Belser,

Edward Springmann,

Magnar AukrustAuthors Info & Claims

DIM '13: Proceedings of the 2013 ACM workshop on Digital identity management

Pages 63 - 72

https://doi.org/10.1145/2517881.2517890

Published: 08 November 2013 Publication History

Abstract

Evidence of identity (EOI), sometimes mentioned as breeder documents in a physical representation form, refers to a single or a set of evidence that can be used to provide confidence to the claimed identity. Trust of evidence of identity needs prudential assessment by an authority or a service provider before such evidence of identity can be accepted for identity verification or eligibility evaluation purposes. This is especially the case when such purposes have a high risk of cost, security, and other critical consequences. In this paper we analyze the status of deployed EOIs in the scope of ePassport issuance; and then attempt to define the implementation types, fraud scenarios, security objectives, and trust levels for EOIs, which have not been clearly defined in existing research and standardization societies. As a pilot survey work in this field, recommendations from policy and technology perspectives towards a highly-trusted EOI framework for standardization are shaped towards future ePassport issuance standardization and practice. Finally, a new design of birth certificate, compliant to the proposed recommendations, is presented as an example of trusted EOI.

References

[1]

ICAO Machine Readable Travel Documents Programme, http://www.icao.int/Security/mrtd/Pages/default.aspx

[2]

International Civil Aviation Organization (ICAO), http://www.icao.int

[3]

Document 9303, http://www.icao.int/Security/mrtd/Pages/Document9303.aspx

[4]

ICAO: Specifications for Electronically Enabled Passports with Biometric Identification Capability. Document 9303, 1(2), (2006)

[5]

Extened Access Control, http://en.wikipedia.org/wiki/Extended_access_control

[6]

BBC news.: Puerto Rico Targets ID Fraud with New Birth Certificates, http://www.bbc.co.uk/news/10444151, (2010)

[7]

Fikk 180.000 i måneden i barnetrygd (Got 180,000 a month in child support), http://www.dagbladet.no/nyheter/2008/04/17/532774.html

[8]

Report: German Passport Tied to Dubai Hit Wasn't Forged, http://www.haaretz.com/news/report-german-passport-tied-to-dubai-hit-wasn-t-forged-1.266022

[9]

Illegal Immigrant Stole Briton's Passport and Masqueraded as Her for Seven Years to Get a Job, Home and Husband, http://www.dailymail.co.uk/news/article-1311526/Illegal-immigrant-stole-Brits-passport-masqueraded-SEVEN-years-job-home-husband.html

[10]

NTWG.: Towards Better Practice in National Identity Management - Guidance for Passport Issuing Authorities and National Civil Registration. ICAO, (2009)

[11]

NTWG.: Towards Better Practice in National Identity Management - Guidance for Passport Issuing Authorities and National Civil Registration. ICAO, (2011)

[12]

International Commission on Civil Status, www.ciec1.org

[13]

Information technology - Security techniques - A Framework for Identity Management -- Part 1: Terminology and Concepts (International Standard), ISO/IEC JTC1 24760, (2011)

[14]

Operational and Technical Security of Electronic Passports. Frontex, Warsaw, (2011) http://www.frontex.europa.eu/assets/Publications/Research/Operational_and_Technical_Security_of_Electronic_Pasports.pdf

[15]

ICBWG.: Guide for Assessing Security of Handling and Issuance of Trave Documents. ICAO, December, (2009)

[16]

Bill & Melinda Gates Foundation.: Testing Infant Footprints for Biometric Identification Purpose. (2011) http://www.gatesfoundation.org/Grants-2011/Pages/RMIT-University-OPP1046031.aspx.

[17]

Weyrich, T.; Finkelstein, A.; Heninger, N.; Halderman, J.; Felten, E. Fingerprinting Blank Paper Using Commodity Scanners. In: 30th IEEE Symposium on Security and Privacy, (2009)

Digital Library

[18]

Information technology - Security techniques - Biometric Information Protection (International Standard), ISO/IEC JTC1 24745, (2011)

[19]

Article 29 Data Protection Working Party, Opinion 3/2011 on Developments in Biometric Technologies, WP193, 27 April 2012, 34 p.

[20]

EDPS, Opinion 1.02.2011 on a research project funded by the European Union under the 7th Framework Programme (FP 7) for Research and Technology Development (Turbine (TrUsted Revocable Biometric IdeNtitiEs), 13 p., available at http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2011/11-02-01_FP7_EN.pdf

[21]

European Commission, Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), COM(2012) 11 final, 25.1.2012, 118 p.; see also European Commission, Proposal for a Directive of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data, COM(2012) 10 final, 25.1.2012, 54 p.

[22]

See, e.g.e.g., Conseil d'Etat, N° 317827, 317952, 318013, 318051, 26 October 2011; but see also Cons. const. n°2012--652, 22 March 2012 (Loi protection de l'identité).

[23]

ICAO, Passports with Machine Readable Data Stored in Optical Character Recognition Format, Document 9303, 1(1), (2006)

[24]

ICAO, MRtds with Machine Readable Data Stored in Optical Character Recognition Format Ver.3, Document 9303, 3(1), (2008)

[25]

Juels, A.; Wattenberg, M.: A Fuzzy Commitment Scheme. 6th ACM Conf. on Computer and Communications Security, 28--36, (1999)

Digital Library

[26]

Yang, B.; Hartung, D.; Simoens, K.; Busch, C.: Dynamic Random Projection for Biometric Template Protection. Proc of the 4th IEEE Int Conf on Biometrics: Theory, applications and systems (BTAS'10), 1--7, (2010)

[27]

Teoh, A. B. J.; Goh, A.; Ngo, D. C. L.: Random Multispace Quantisation as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs. IEEE Trans. Pattern Anal. Mach. Intell. 28(12), 1892--1901, (2006)

Digital Library

[28]

Ratha, N. K.; Chikkerur, S.; Connell, J. H.; and Bolle, R. M.: Generating Cancelable Fingerprint Templates. IEEE Transactions on Pattern Analysis and Machine Intelligence, 29(4), 561--572, (2007)

Digital Library

[29]

Venkatesan, R.; Koon, S.M.; Jakubowski, M. H.; Moulin P.: Robust Image Hashing. Proc. IEEE Int. Conf. on. Image Processing, (2000)

[30]

ICCS - International Commission on Civil Status, ICCS Convention No. 1, Convention on the issue of certain extracts from civil status records for use abroad, signed 27th September 1956, Paris, http://www.ciec1.org/

Cited By

Yanushkevich SStoica AShmerko PHowells WCrockett KGuest R(2020)Cognitive Identity Management: Synthetic Data, Risk and Trust2020 International Joint Conference on Neural Networks (IJCNN)10.1109/IJCNN48605.2020.9207385(1-8)Online publication date: Jul-2020
https://doi.org/10.1109/IJCNN48605.2020.9207385
Lai KOliveira HHou MYanushkevich SShmerko V(2020)Risk, Trust, and Bias: Causal Regulators of Biometric-Enabled Decision SupportIEEE Access10.1109/ACCESS.2020.30158558(148779-148792)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.3015855
Toftegaard OYang B(2018)Towards an Operable Evaluation System for Evidence of Identity2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)10.1109/COMPSAC.2018.10296(565-570)Online publication date: Jul-2018
https://doi.org/10.1109/COMPSAC.2018.10296
Show More Cited By

Index Terms

Towards standardizing trusted evidence of identity
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

Public Acceptance of Advanced Identity Documents
ICEGOV '18: Proceedings of the 11th International Conference on Theory and Practice of Electronic Governance

Improving the security of identities is currently high on the political agenda. Technological developments have made it possible to integrate advanced biometric features such as facial information, fingerprints, and iris scans directly into identity ...
Identity Management

The Identity Solutions Symposium held in Jonesboro, Arkansas, 21 to 22 February, 2007 brought together academic, industry, and government experts working on radio frequency identification (RFID), biometrics, sensors, animal identification, identity ...
Federated identity management for protecting users from ID theft
DIM '05: Proceedings of the 2005 workshop on Digital identity management

Federated identity management is sometimes criticized as exacerbating the problem of online identity theft, based as it is on the idea of connecting together previously separate islands of identity information. This paper explores this conjecture, and ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

DIM '13: Proceedings of the 2013 ACM workshop on Digital identity management

November 2013

114 pages

ISBN:9781450324939

DOI:10.1145/2517881

General Chairs:
Thomas Groß
Newcastle University, UK
,
Marit Hansen
Unabhängiges Landeszentrum für Datenschutz (ULD), Germany

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 8, 2013

Berlin, Germany

Acceptance Rates

DIM '13 Paper Acceptance Rate 8 of 18 submissions, 44%;

Overall Acceptance Rate 16 of 34 submissions, 47%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
242
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)2

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yanushkevich SStoica AShmerko PHowells WCrockett KGuest R(2020)Cognitive Identity Management: Synthetic Data, Risk and Trust2020 International Joint Conference on Neural Networks (IJCNN)10.1109/IJCNN48605.2020.9207385(1-8)Online publication date: Jul-2020
https://doi.org/10.1109/IJCNN48605.2020.9207385
Lai KOliveira HHou MYanushkevich SShmerko V(2020)Risk, Trust, and Bias: Causal Regulators of Biometric-Enabled Decision SupportIEEE Access10.1109/ACCESS.2020.30158558(148779-148792)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.3015855
Toftegaard OYang B(2018)Towards an Operable Evaluation System for Evidence of Identity2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)10.1109/COMPSAC.2018.10296(565-570)Online publication date: Jul-2018
https://doi.org/10.1109/COMPSAC.2018.10296
Kirci MBabmir F(2017)A digest-based method for efficiency improvement of security in biometrical cryptography authentication2017 International Symposium on Computer Science and Software Engineering Conference (CSSE)10.1109/CSICSSE.2017.8320113(30-35)Online publication date: Oct-2017
https://doi.org/10.1109/CSICSSE.2017.8320113
Toli CPreneel B(2015)A Survey on Multimodal Biometrics and the Protection of Their TemplatesPrivacy and Identity Management for the Future Internet in the Age of Globalisation10.1007/978-3-319-18621-4_12(169-184)Online publication date: 10-May-2015
https://doi.org/10.1007/978-3-319-18621-4_12

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten