Federated identity management for protecting users from ID theft

Madsen, Paul E.; Koga, Yuzo; Takahashi, Kenji

doi:10.1145/1102486.1102500

Cited by 28 publications

(25 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Interoperability Of E-government Information Systems 31mentioning

confidence: 99%

“…There is a strong technical bias in the research and development of identity management-related concepts. Notions such as digital signatures, authentication, smart cards, identity federation [24], and so forth, require and encompass advanced technical approaches to handle digital identities [7]. Nevertheless, paper-based identifiers for identifying natural persons and legal entities have existed for decades.…”

Section: Identity Identification and Identifiersmentioning

confidence: 99%

“…Recent examples, such as the mass theft of credit card data, are well-known for this [21]. "Federated identity management" solutions in which one system accepts the identity and authentication mechanisms of another are "sometimes criticized as exacerbating the problem of online identity theft" [24].Despite these numerous issues regarding privacy, the collection and processing of person-related data in information systems is indispensable for the efficient deployment of these systems and has undisputed benefits-independent of the sector in which such systems are used. In the following, we focus on the subject of identification and sharing of identity-related data in the area of government information systems.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Interoperability of E-Government Information Systems: Issues of Identification and Data Sharing

Otjacques¹,

Hitzelberger

Feltz³

2007

Journal of Management Information Systems

134

View full text Add to dashboard Cite

Lippmann in Luxembourg. His research themes include information systems modeling, computer-supported cooperative work, human-computer interaction, and information visualization.PATRIK HITZELBERGER is a Scientific Project Manager at the Centre de Recherche Public-Gabriel Lippmann in Luxembourg. His research interests include interoperability of IT systems, one-stop government, and business process modeling for information systems in the public sector. FERNAND FELTZ is a Scientific Director of the Research Department of Informatics,Systems and Collaboration at the Centre de Recherche Public-Gabriel Lippmann in Luxembourg. He is responsible for various R&D projects in the domains of e-government, e-business, computer-supported cooperative work, knowledge management, and virtual organizations.ABSTRACT: In business and government organizations, information systems often handle sensitive data about individuals and other organizations, using various kinds of identifiers. The growing cooperation of organizations results in the need to share and exchange such data. This collection and sharing, however, is affected by privacy concerns, and organizational and technical issues have to be solved and taken into account. This paper describes the results of an exploratory study in the government sector, focusing on the way public organizations manage identity-related data and the sharing of such data, either with other public agencies or with private organizations. Despite significant progress in harmonizing the legal and administrative provisions and technical standards in the European Union, there are still considerable cross-country differences regarding this subject. These differences-together with the growing mobility of goods, persons, and related data within the European Union-cause particular challenges for information systems in digital government in this region. After discussing and defining the key notions and methodology of the study, we present the status quo in 18 out of 25 EU member states and compare it to the results of a prior study by the same network done in 2001. Finally, we draw conclusions about identity management in cross-border contexts. OTJACQUES, HITZELBERGER, AND FELTZKEY WORDS AND PHRASES: data sharing, e-government, identifier, identity management, information sharing, interoperability, interorganizational information systems, privacy.THE COLLECTION, STORAGE, AND MANAGEMENT of data about individuals and enterprises in information systems are routine tasks in virtually all public or private organizations. Businesses, public agencies, and nongovernmental organizations (NGOs) deal with customers, suppliers, employees, partners, and so on, as well as with the data related to these customers, citizens, individuals, or legal entities.The potential of electronic information systems, however, and their opening to the Internet have invoked more and more concerns and questions regarding privacy during the last decades. Hiller and Belanger [13] point out the following issues related to the "online world": fa...

show abstract

Section: Interoperability Of E-government Information Systems 31mentioning

confidence: 99%

Section: Identity Identification and Identifiersmentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Interoperability of E-Government Information Systems: Issues of Identification and Data Sharing

Otjacques¹,

Hitzelberger

Feltz³

2007

Journal of Management Information Systems

134

View full text Add to dashboard Cite

show abstract

“…This will enable users to sign in wherever they are and monitoring between the companies will become more effective. The system should consider incorporating a Federated Identity Management (FIDM) model which manages identities across policy and/or application domains in which the identity data is distributed [6,7]. In addition it should ensure that there is proper authentication and authorisation of individuals in order to address points 1, 3 and 5 [5].…”

Section: Suggested Solutions and Conclusionmentioning

confidence: 99%

Identification Now and in the Future: Social Grant Distribution Process in South Africa

Flowerday

Ranga

2007

New Approaches for Security, Privacy and Trust in Complex Environments

View full text Add to dashboard Cite

Abstract. This paper seeks to apply Identity Management (IDM) principles to the social grant distribution process in South Africa, which has been prone to fraud and corruption. It discusses the social grant distribution process and the problems encountered. Suggested solutions to the problems are highlighted and these include moving from an Isolated IDM architecture to either a Federated and/or Centralised IDM architecture.

show abstract

“…Recently, several practical solutions against on-line identity theft have been proposed [2,16]. In this section, we first analyze causes of a successful identity theft.…”

Section: Reducing the Risks Of Identity Theftmentioning

confidence: 99%

Notarized Federated Identity Management for Web Services

Goodrich

Tamassia

Yao

2006

Data and Applications Security XX

View full text Add to dashboard Cite

Abstract. We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and service providers, which provides improved privacy protection for users. We present an efficient implementation of our notarized federated identity management model based on the Secure Transaction Management System (STMS). We also give a practical solution for mitigating aspects of the identity theft problem and discuss its use in our notarized federated identity management model. The unique feature of our cryptographic solution is that it enables one to proactively prevent the leaking of secret identity information.

show abstract

Federated identity management for protecting users from ID theft

Cited by 28 publications

References 2 publications

Interoperability of E-Government Information Systems: Issues of Identification and Data Sharing

Interoperability of E-Government Information Systems: Issues of Identification and Data Sharing

Identification Now and in the Future: Social Grant Distribution Process in South Africa

Notarized Federated Identity Management for Web Services

Contact Info

Product

Resources

About