Abstract
The identity problem today is a data-sharing problem. The fixed-attributes approach adopted by the consumer identity management industry provides only limited information about an individual and is therefore of limited value to service providers and other participants in the identity ecosystem. This paper proposes the use of the Open Algorithms (OPAL) paradigm to address the increasing need for individuals and organizations to share data in a privacy-preserving manner. Instead of exchanging static or fixed attributes, participants in the ecosystem will be able to obtain better insight through a collective sharing of algorithms, governed through a trust network. Algorithms for specific datasets must be vetted to be privacy-preserving, fair and free from bias.
Acknowledgment
The authors thank the following for inputs and insights (alphabetically): Abdulrahman Alotaibi, Stephen Buckley, Raju Chithambaram, Keeley Erhardt, Indu Kodukula, Emmanuel Letouzé, Eve Maler, Carlos Mazariegos, Yves-Alexandre de Montjoye, Ken Ong, Kumar Ramanathan, Justin Richer, David Shrier, and Charles Walton. We also thank the reviewers for valuable suggestions on improvements for the paper.
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Hardjono, T., Pentland, A. (2019). Open Algorithms for Identity Federation. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Advances in Information and Communication Networks. FICC 2018. Advances in Intelligent Systems and Computing, vol 887. Springer, Cham. https://doi.org/10.1007/978-3-030-03405-4_3
DOI: https://doi.org/10.1007/978-3-030-03405-4_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03404-7
Online ISBN: 978-3-030-03405-4
eBook Packages: Engineering, Engineering (R0)