Article

Managing privacy preferences for federated identity management

Authors:

John LamAuthors Info & Claims

DIM '05: Proceedings of the 2005 workshop on Digital identity management

Pages 28 - 36

https://doi.org/10.1145/1102486.1102492

Published: 11 November 2005 Publication History

Abstract

We have witnessed that the Internet is now a prime vehicle for business, community, and personal interactions. The notion of identity is the important component of this vehicle. Identity management has been recently considered to be a viable solution for simplifying user management across enterprise applications. The network identity of each user is the global set of personal credentials and preferences constituting the various accounts. The prevalence of business alliances or coalitions necessitates the further evolution of identity management, named federated identity management (FIM). The main motivation of FIM is to facilitate the federation of identities among business partners emphasizing on ease of user management. In this paper, we investigate privacy issues in FIM, especially focusing on Liberty Alliance approach. We attempt to identify practical business scenarios that help us understand privacy issues in FIM. Also, we propose systematic mechanisms to specify privacy preferences in FIM.

References

[1]

W3C Note: Simple object access protocol v 1.1. Technical report, Available at www.w3.org, 2000.

[2]

W3C note: Web services description language (WSDL) v 1.1. Technical report, Available at www.w3.org/, 2001.

[3]

G.-J. Ahn, D.~Shin, and S.-P. Hong. Information assurance in federated identity management: Experimentations and issues. In Proceedings of 5th Web Information Systems Engineering Conference, Lecture Notes in Computer Science (LNCS3306), pages 79--90, Brisbane, Australia, November 2004.

[4]

D. Chaum. Security without identification: Card computers to make big brother obsolete. Communications of the ACM, 28(10):1030--1044, 1985.

Digital Library

[5]

L. Cranor, M. Langheinrich, and M. Marchiori. A P3P preference exchange language 1.0 (APPEL1.0). Technical report, Available at www.w3.org, 2002.

[6]

L. Cranor, M. Langheinrich, M. Marchiori, M. Presler-Marshall, and J. Reagle. The platform for privacy preferences 1.0 (P3P1.0) specification. Technical report, Available at www.w3.org, 2002.

[7]

L. F. Cranor. Agents of choice: Tools that facilitate notice and choice about web site data practices.

[8]

H. Damker, U. Pordesch, and M. Reichenbach. Personal reach ability and security management - negotiation of multilateral security. In Proceedings of Multilateral Security in Communications, Stuttgart, Germany, 1999.

[9]

Federal Trade Commission. Online Profiling - A Report to Congress, part 2. Technical report, 2002.

[10]

P. Hallam-Baker and E. Maler. Assertions and protocols for OASIS SAML. Technical report, Available at www.oasis-open.org, 2002.

[11]

J. Hegel and M. Singer, editors. Net Worth: Shaping Market When Customers Make the Rule. Harvard Business School Press, 1999.

Digital Library

[12]

J. Hodges and T. Watson. Liberty architecture overview v 1.2-03. Technical report, Available at www.sourceid.org, 2003.

[13]

IBM. Web services security (WSS) specifications 1.0.05. Technical report, Available at www-106.ibm.com, 2002.

[14]

Liberty Alliance. ID-WSF security and privacy best practices. Technical report, Available at www.projectliberty.org.

[15]

Liberty Alliance. Privacy preference expression languages. White report, Available at www.projectliberty.org.

[16]

Mircrosoft Corporations. Microsoft .Net Passport Review Guide. Technical report, Available at www.microsoft.com, 2003.

[17]

M. C. Mont, S. Pearson, and P. Bramhall. Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. Technical report, Available at www.hpl.hp.com, 2003.

[18]

P. Shenoy, D. Shin, and G.-J. Ahn. Towards IA-Aware web services for federated identity management. In Proceedings of IASTED International Conference on Communication, Network, and Information Security, pages 10--15, New York, USA, December 2003.

[19]

D. Shin, G.-J. Ahn, and P. Shenoy. Ensuring information assurance in federated identity management. In Proc. of the 23rd IEEE International Performance Computing and Communications Conference (IPCCC), Phoenix, Arizona, April 2004.

[20]

T. Watson. Liberty ID-FF implementation guidlines v 1.2.02. Technical report, Liberty Alliance Project, 2003.

Cited By

Roland MHöller TMayrhofer R(2023)Digitale Identitäten in der physischen Welt: Eine Abwägung von Privatsphäreschutz und PraktikabilitätDigital Identities in the Physical World: A Trade-off Between Privacy and PracticabilityHMD Praxis der Wirtschaftsinformatik10.1365/s40702-023-00949-160:2(283-307)Online publication date: 14-Mar-2023
https://doi.org/10.1365/s40702-023-00949-1
Ngo TDang THuynh VCong Le T(2023)A Systematic Literature Mapping on Using Blockchain Technology in Identity ManagementIEEE Access10.1109/ACCESS.2023.325651911(26004-26032)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3256519
Villarán CBeltrán M(2022)User-Centric Privacy for Identity Federations Based on a Recommendation SystemElectronics10.3390/electronics1108123811:8(1238)Online publication date: 14-Apr-2022
https://doi.org/10.3390/electronics11081238
Show More Cited By

Index Terms

Managing privacy preferences for federated identity management

Recommendations

Privacy enhancing identity management: protection against re-identification and profiling
DIM '05: Proceedings of the 2005 workshop on Digital identity management

User centric identity management will be necessary to protect user's privacy in an electronic society. However, designing such systems is a complex task, as the expectations of the different parties involved in electronic transactions have to be met. In ...
Privacy and identity management for everyone
DIM '05: Proceedings of the 2005 workshop on Digital identity management
The shift from a paper-based to an electronic-based society has dramatically reduced the cost of collecting, storing and processing individuals' personal information. As a result, it is becoming more common for businesses to "profile" individuals in ...
Achieving Privacy in a Federated Identity Management System
Financial Cryptography and Data Security

Federated identity management allows a user to efficiently authenticate and use identity information from data distributed across multiple domains. The sharing of data across domains blurs security boundaries and potentially creates privacy risks. We ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

DIM '05: Proceedings of the 2005 workshop on Digital identity management

November 2005

120 pages

ISBN:1595932321

DOI:10.1145/1102486

General Chair:
Vijay Atluri
Rurgers University
,
Program Chairs:
Pierangela Samarati
Universita' degli Studi di Milano, Italy
,
Atsuhiro Goto
NTT, Japan

Copyright © 2005 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 November 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS05

Sponsor:

CCS05: 12th ACM Conference on Computer and Communications Security 2005

November 11, 2005

VA, Fairfax, USA

Acceptance Rates

Overall Acceptance Rate 16 of 34 submissions, 47%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
1,765
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)0

Reflects downloads up to 04 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Roland MHöller TMayrhofer R(2023)Digitale Identitäten in der physischen Welt: Eine Abwägung von Privatsphäreschutz und PraktikabilitätDigital Identities in the Physical World: A Trade-off Between Privacy and PracticabilityHMD Praxis der Wirtschaftsinformatik10.1365/s40702-023-00949-160:2(283-307)Online publication date: 14-Mar-2023
https://doi.org/10.1365/s40702-023-00949-1
Ngo TDang THuynh VCong Le T(2023)A Systematic Literature Mapping on Using Blockchain Technology in Identity ManagementIEEE Access10.1109/ACCESS.2023.325651911(26004-26032)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3256519
Villarán CBeltrán M(2022)User-Centric Privacy for Identity Federations Based on a Recommendation SystemElectronics10.3390/electronics1108123811:8(1238)Online publication date: 14-Apr-2022
https://doi.org/10.3390/electronics11081238
Rathee TSingh P(2022)A systematic literature mapping on secure identity management using blockchain technologyJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2021.03.00534:8(5782-5796)Online publication date: Sep-2022
https://doi.org/10.1016/j.jksuci.2021.03.005
Nishioka SOkabe Y(2021)Mutual Secrecy of Attributes and Authorization Policies in Identity Federation2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC51774.2021.00166(1202-1209)Online publication date: Jul-2021
https://doi.org/10.1109/COMPSAC51774.2021.00166
Santos-Pereira CAugusto ACruz-Correia RCorreia M(2013)A secure RBAC mobile agent access control model for healthcare institutionsProceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems10.1109/CBMS.2013.6627814(349-354)Online publication date: Jun-2013
https://doi.org/10.1109/CBMS.2013.6627814
Karantjias APolemi N(2012)Effective Guidelines for Facilitating Construction of Successful, Advanced, User-Centric IAM FrameworksDigital Identity and Access Management10.4018/978-1-61350-498-7.ch003(39-63)Online publication date: 2012
https://doi.org/10.4018/978-1-61350-498-7.ch003
Manan JKhattak ZSulaiman S(2012)Practicable Unified Security, Trust and Privacy (STP) Framework for Federated Access Management (FAM)Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2012.222(1411-1416)Online publication date: 25-Jun-2012
https://dl.acm.org/doi/10.1109/TrustCom.2012.222
Leskinen J(2012)Evaluation Criteria for Future Identity ManagementProceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2012.153(801-806)Online publication date: 25-Jun-2012
https://dl.acm.org/doi/10.1109/TrustCom.2012.153
Jensen J(2012)Federated Identity Management ChallengesProceedings of the 2012 Seventh International Conference on Availability, Reliability and Security10.1109/ARES.2012.68(230-235)Online publication date: 20-Aug-2012
https://dl.acm.org/doi/10.1109/ARES.2012.68
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents