Trusted Identity for All: Toward Interoperable Trusted Identity Management Systems

Pacyna, Piotr; Rutkowski, Anthony M.; Sarma, Amardeo; Takahashi, Kenji

doi:10.1109/mc.2009.168

Cited by 7 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This article captures various security and privacy issues revolving around the use of biometrics and forensics drawing on the intertwined concepts of "personally identifiable information" (PII) (Narayanan & Shmatikov, 2010) and interoperability (Pacyna, Rutkowski, Sarma, & Takahashi, 2009). The emphasis throughout is on quantitative performance and proper validation for uncontrolled settings, variable demographics, and distributed biometric recognition operations, e.g., expected rates of correct identification and/or rates of misidentification.…”

Section: Discussionmentioning

confidence: 99%

Biometric Security and Privacy Using Smart Identity Management and Interoperability: Validation and Vulnerabilities of Various Techniques

Wechsler

2012

Review of Policy Research

View full text Add to dashboard Cite

The central position of this article is that validation and interoperability are paramount for the effective and ethical use of biometrics. Illuminating the relevance for policymakers of the science underlying the security and privacy aspects of biometrics, this article calls for adequate and enforceable performance metrics that can be independently corroborated. Accordingly, the article considers biometrics and forensics for the dual challenges of addressing security and privacy using smart identity management. The discussion revolves around the concepts of “personally identifiable information” (PII) and interoperability with emphasis on quantitative performance analysis and validation for uncontrolled operational settings, variable demographics, and distributed and federated operations. Validation metrics includes expected rates of identification/misidentification, precision, and recall. The complementary concepts of identity and anonymity are addressed in terms of expected performance, functionality, law and ethics, forensics, and statistical learning. Biometrics encompasses appearance, behavior, and cognitive state or intent. Modes of deployment and performance evaluation for biometrics are detailed, with operational and adversarial challenges for both security and privacy described in terms of trustworthiness, vulnerabilities, functional creep, and feasibility of safeguards. The article underscores how lack of interoperability is mostly due to overfitting and tuning to well‐controlled settings, so that validation merely confirms “teaching to the test” rather than preparation for real‐world deployment. Most important for validation is reproducibility of results including full information on the experimental design used, that forensic exclusion is allowed, and that scientific methods for performance evaluation are followed. The article concludes with expected developments regarding technology use and advancements that bear on security and privacy, including data streams and video, de‐anonymization and reidentification, social media analytics and cyber security, and smart camera networks and surveillance.

show abstract

Section: Discussionmentioning

confidence: 99%

Biometric Security and Privacy Using Smart Identity Management and Interoperability: Validation and Vulnerabilities of Various Techniques

Wechsler

2012

Review of Policy Research

View full text Add to dashboard Cite

show abstract

“…For example, some Blockchain platforms have been modified as Blockchain-based transaction processing systems (TPS) [30] for the preservation of confidentiality. The use of personally identifiable attributes constituting a digital identity is an integral part of service transactions over networks and identity trust is being calling in question [31].…”

Section: Background Study a Personally Identifiable Informationmentioning

confidence: 99%

Burnable Pseudo-Identity: A Non-Binding Anonymous Identity Method for Ethereum

et al. 2021

View full text Add to dashboard Cite

The concept of identity has become one common research topic in security and privacy where the real identity of users must be preserved, usually covered by pseudonym identifiers. With the rise of Blockchain-based systems, identities are becoming even more critical than before, mainly due to the immutability property. In fact, many publicly accessible Blockchain networks like Ethereum rely on pseudonymization as a method for identifying subject actions. Pseudonyms are often employed to maintain anonymity, but true anonymity requires unlinkability. Without this property, any attacker can examine the messages sent by a specific pseudonym and learn new information about the holder of this pseudonym. This use of Blockchain collides with regulations because of the right to be forgotten, and Blockchainbased solutions are ensuring that every data stored within the chain will not be modified. In this paper we define a method and a tool for dealing with digital identities within Blockchain environments that are compliant with regulations. The proposed method provides a way to grant digital pseudo identities unlinked to the real identity. This new method uses the benefits of key derivation systems to ensure a non-binding interaction between users and the information model associated with their identity. The proposed method is demonstated in the Ethereum context and illustrated with a case study.

show abstract

“…Such policies can be specified on any role, entity, action, or resource within the federation. In recently developed architectures (Pacyna et al, 2009;Kellomäki, 2009) it is possible to dynamically define and update such access control policies. Moreover, striving for high flexibility, service federations are pushed to develop access control solutions that are decentralized and application-independent (Pacyna et al, 2009).…”

Section: Introductionmentioning

confidence: 99%

“…In recently developed architectures (Pacyna et al, 2009;Kellomäki, 2009) it is possible to dynamically define and update such access control policies. Moreover, striving for high flexibility, service federations are pushed to develop access control solutions that are decentralized and application-independent (Pacyna et al, 2009). For example, the architectural style of service federations usually keeps the application specific logic and the authorization infrastructure as separated aspects.…”

Section: Introductionmentioning

confidence: 99%

(role)CAST: A FRAMEWORK FOR ON-LINE SERVICE TESTING

Angelis

Bertolino

Polini

2011

Proceedings of the 7th International Conference on Web Information Systems and Technologies

View full text Add to dashboard Cite

Engineering of service-oriented systems is still an immature discipline. Traditional software engineering approaches do not adequately fit development needs arising in this widely adopted paradigm. In particular, because of dynamic service composition, several engineering activities typically performed off-line (i.e., predeployment) have to be carried on also on-line (i.e., during real usage). In this paper, we present a framework called (role)CAST which supports an instantiation of the concept of on-line testing of services, for the purpose of validating their compliance to role-based service access policies.

show abstract

Trusted Identity for All: Toward Interoperable Trusted Identity Management Systems

Cited by 7 publications

References 0 publications

Biometric Security and Privacy Using Smart Identity Management and Interoperability: Validation and Vulnerabilities of Various Techniques

Biometric Security and Privacy Using Smart Identity Management and Interoperability: Validation and Vulnerabilities of Various Techniques

Burnable Pseudo-Identity: A Non-Binding Anonymous Identity Method for Ethereum

(role)CAST: A FRAMEWORK FOR ON-LINE SERVICE TESTING

Contact Info

Product

Resources

About