ABSTRACT
Identity Management has disparate sets of definitions, with different semantics for different topics, which often leads to misunderstanding. A few efforts have compiled several related vocabularies in a single place to build a set of definitions based on common semantics. However, these efforts are not comprehensive and are only textual in nature. In essence, a mathematical model of identity and identity management covering all its aspects is still missing. In this paper we build a mathematical model of different core topics covering a wide range of vocabularies related to Identity Management. First, we build a mathematical model of Digital Identity. Then we use the model to analyse different aspects of Identity Management. Finally, we discuss three applications to illustrate the applicability of our approach. Being based on mathematical foundations, the approach can be used to build a solid understanding of different topics of Identity Management.