Group 6: Privacy and Security

From ITUwiki

Jump to: navigation, search

Key findings:

  • Security and Privacy are Orthogonal to other use cases, since they have to be taken into account in all IdM-Contexts.
  • Identity is a social "thing"
    • This must be reflected in the policy framework
  • The identity language must be spoken from the network to the service
    • Accompanied by the regulatory and legal framework
  • Translating laws into policies it is still a problem
    • language problems
    • the way information is passed on from one entity to another
  • Allow the user to perform policy auditing
  • Transparency layer at E2E or at the IdM level?
    • the telephone number offered
    • can the federated ID be the source to transparency
  • Security & Privacy are transversal to all use cases
    • there are cases where the lack of these are necessary in the use-case

Use cases we'd like to look at:

    • Cash Society
      • maybe there're cases where it's all about the transaction (in cash) and not the person
      • look at cash society as a use case (risk assessment)
    • Policy enforcement and Privacy
      • Context obfuscation
    • Unlinkability between different "identities"
    • Cases in which you want your privacy to be revoked
  • Some problems we cannot solve
    • Identity opens more possibilities for abuse


Todos

  • Cash Society: Tony Nadalin is proposing a use case that points to use of cash, since there privacy is not an issue.
  • Web-Services: Jan S. will provide the PRIME Whitepaper showcasing privacy enhancement in Web-Service-Infrastructures.
Personal tools