Privacy by Design in Federated Identity Management

Horbe, Rainer; Hötzendorfer, Walter

doi:10.1109/spw.2015.24

Cited by 7 publications

(10 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is an important inclusion, since concepts of privacy protection have been traditionally absent from UK common law. 24 The DPA does not include all provisions of the EU Data Protection Directive and many passages have been kept purposefully vague. As with many UK policies, it is a principle-based policy, focusing on a goal oriented approach to data protection rather than details on how to achieve it [43]; instead the Act gets supplemented by explanations on practical applications from the Information Commissioner.…”

Section: Eid Policy In the Ukmentioning

confidence: 99%

“…Selective disclosure, which can be viewed as a complimentary principle, refers to the disclosure of only the minimum necessary data for the stated purpose [13,35]. 7 Similarly, storage locations affect the risk of data breaches [24]. Traditionally, eID architectures revolved around a central entity that served as an Identity Provider to multiple Service Providers.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Tsakalakis

Stalla-Bourdillon

O’Hara

2017

JWS

View full text Add to dashboard Cite

Gov.UK Verify, the new Electronic Identity (eID) Management system of the UK Government, has been promoted as a state-of-the-art privacy-preserving system, designed around demands for better privacy and control, and is the first eID system in which the government delegates the provision of identity to competing private third parties. Under the EU eIDAS, Member States can allow their citizens to transact with foreign services by notifying their national eID systems. Once a system is notified, all other Member States are obligated to incorporate it into their electronic identification procedures. The paper offers a discussion of Gov.UK Verify's compliance with eIDAS as well as Gov.UK Verify's potential legal equivalence to EU systems under eIDAS as a third-country legal framework after Brexit. To this end it examines the requirements set forth by eIDAS for national eID systems, classifies these requirements in relation to their ratio legis and organises them into five sets. The paper proposes a more thorough framework than the current regime to decide on legal equivalence and attempts a first application in the case of Gov.UK Verify. It then assesses Gov.UK Verify's compliance against the aforementioned set of requirements and the impact of the system's design on privacy and data protection. The article contributes to relevant literature of privacy-preserving eID management by offering policy and technical recommendations for compliance with the new Regulation and an evaluation of interoperability under eIDAS between systems of different architecture. It is also, to our knowledge, the first exploration of the future of eID management in the UK after a potential exit from the European Union.

show abstract

Section: Eid Policy In the Ukmentioning

confidence: 99%

mentioning

confidence: 99%

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Tsakalakis

Stalla-Bourdillon

O’Hara

2017

JWS

View full text Add to dashboard Cite

show abstract

“…GUMS has a mapping logic that associates VO attributes with a list of grid resources, UNIX user accounts on these resources and location of files. It provides better control and security for access to the site's grid resources 12 . At FNAL, when a job submission is accepted, Jobsub Server sends a mapping request to the Fermilab GUMS Authorization server.…”

Section: Gums: Grid User Management Servicementioning

confidence: 99%

“…As we accept these new Identity Providers into our ecosystem, we will closely examine their operational security practices such as how they operate their Identity Provider systems, how they monitor for incidents and how quickly they can detect credential compromise and notify us. A thorough discussion of risks in trust federations is presented in [12,13] and will be included in our evaluation of new IdPs. Our new model shifts some of the security responsibility beyond Fermilab's control, but the user's home institution has a closer relationship with the user and should be able to detect and respond in the event of an compromise of a user's authentication credentials.…”

Section: Department Of Education Regional Institutional Accreditingmentioning

confidence: 99%

Bringing Federated Identity to Grid Computing

Teheran

Dykstra

Altunay

2016

Proceedings of the 11th Annual Cyber and Information Security Research Conference

View full text Add to dashboard Cite

The Fermi National Accelerator Laboratory (FNAL) is facing the challenge of providing scientific data access and grid submission to scientific collaborations that span the globe but are hosted at FNAL. Users in these collaborations are currently required to register as an FNAL user and obtain FNAL credentials to access grid resources to perform their scientific computations. These requirements burden researchers with managing additional authentication credentials, and put additional load on FNAL for managing user identities. Our design integrates the existing InCommon federated identity infrastructure, CILogon Basic CA, and MyProxy with the FNAL grid submission system to provide secure access for users from diverse experiments and collaborations without requiring each user to have authentication credentials from FNAL. The design automates the handling of certificates so users do not need to manage them manually. Although the initial implementation is for FNAL's grid submission system, the design and the core of the implementation are general and could be applied to other distributed computing systems.

show abstract

“…And trust include privacy with a) Application-level confidentiality and integrity aspects, example, for content that is owned by the relying party or third parties. b) Protection against attacks on components that are not related to identity management [25].…”

Section: General Privacy Policy Requirementsmentioning

confidence: 99%

Future Challenging Issues in Location based Services

KumarTyagi¹,

Sreenath²

2015

IJCA

View full text Add to dashboard Cite

The fast advances of mobile devices and positioning technologies has led to the flourish of Location-Based Services (LBS), in that people want to enjoy wireless services everywhere like in hotels, colleges, etc. LBS, the branch of computer program level services used in various fields and support, the application are broadly classified as Maps and Navigation, Information service, Tracking service, Social networking, Games, Vehicular navigation and Advertising etc. Now a days, LBSs attract millions of mobile users for example include POI finders such as Qype, which help the users to find the next POI such as bars or cinemas, and enrich the provided information. But during this communication, Security and Privacy of personal location information (of LBSs users) is becoming an increasingly important issue for future. So concerning it (privacy) as an important issue, discusses several privacy preserving location issues for vehicular (mobile) users (since knowledge of a vehicle"s location can result in leakage of sensitive information). Location privacy for mobile users is mainly determined into two levels such as internally by a device or externally by systems and kind of networks with which the device interrelates. Users wish to maintain the vehicle"s information is known only to those legally authorized to have access to them and remain unknown to anybody unauthorized. Hence the purpose and contribution of this paper is to discussed about various privacy and challenges issues in LBSs increasing in future that have not been published in the any research journal so far.

show abstract

Privacy by Design in Federated Identity Management

Cited by 7 publications

References 13 publications

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Bringing Federated Identity to Grid Computing

Future Challenging Issues in Location based Services

Contact Info

Product

Resources

About