A Privacy Protection Model in ID Management Using Access Control

Choi, Hyang-Chang; Yi, Yong-Hoon; Seo, Jae-Hyun; Noh, Bong-Nam; Lee, Hyung-Hyo

doi:10.1007/11424826_9

Hyang-Chang Choi²⁴,
Yong-Hoon Yi²⁴,
Jae-Hyun Seo²⁵,
Bong-Nam Noh²⁴ &
…
Hyung-Hyo Lee²⁶

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3481))

Included in the following conference series:

International Conference on Computational Science and Its Applications

1313 Accesses
2 Citations

Abstract

The problem of privacy of the Identity Management System (IMS) is the most pressing concern of ordinary users. Uncertainty about privacy keeps many users away from utilizing IMS. Most privacy-enhancing technologies such P3P, E-P3P and EPAL use purposes or policies to ensure privacy that is set by users. Access control is arguably the most fundamental and pervasive security mechanism in use. This paper proposes a privacy protection model using access control for IMS. The proposed model protects privacy using access control techniques with privacy policies in a single circle of trust. We address characteristics of components for the proposed model and describe access control procedures. After that, we show protection architecture and XML-based schema for privacy policies.

This research was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Assessment).

*Correspondent author.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Identity Management Systems (IMS): Identification and Comparison Study. PRIME Project (2003), http://www.datenschutzzentrum.de/idmanage/study/ICPP_SNG_IMSStudy.pdf
Cranor, L.F.: Web Privacy with P3P. AT&T (2002)
Google Scholar
Ashley, P., Hada, S., Karjoth, G., Schunter, M.: Privacy Policies and Privacy Authorization (E-P3P). WPES (2002)
Google Scholar
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language. W3C (2003), http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/
RAPID: Roadmap for Advanced Research in Privacy and Identity Management. RAPID Project (2001), http://www.ra-pid.org
PRIME: Privacy and Identity Management for Europe Date of preparation. PRIME Project (2004), http://www.prime-project.eu.org/
Sourceid: Open Source Federated Identity Management. Ping Identity (2004), http://www.sourceid.org/
Warren, A.D., Brandeis, L.D.: The Right to Privacy. Harvard Law Review (1980)
Google Scholar
Magnuson, G., Reid, P.: Privacy and Identity Management Survey. In: IAPP Conference (2004)
Google Scholar
Microsoft.NET Passport: Microsoft (2004), http://www.microsoft.com/net/services/passport/
Liberty Alliance: Introduction to the Liberty Alliance Identity Architecture. Liberty Alliance Project (2003)
Google Scholar
XML SPY. Altova (2004), http://www.xml.com/pub/p/15

Download references

Author information

Authors and Affiliations

Dept. of Information Security, Chonnam National University, Gwangju, 500-757, Korea
Hyang-Chang Choi, Yong-Hoon Yi & Bong-Nam Noh
Div. of Information Engineering, Mokpo National University, Mokpo, 534-729, Korea
Jae-Hyun Seo
Div. of Information and EC, Wonkwang University, Iksan, 570-749, Korea
Hyung-Hyo Lee

Authors

Hyang-Chang Choi
View author publications
You can also search for this author in PubMed Google Scholar
Yong-Hoon Yi
View author publications
You can also search for this author in PubMed Google Scholar
Jae-Hyun Seo
View author publications
You can also search for this author in PubMed Google Scholar
Bong-Nam Noh
View author publications
You can also search for this author in PubMed Google Scholar
Hyung-Hyo Lee
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy
Osvaldo Gervasi
Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada
Marina L. Gavrilova
William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA
Vipin Kumar
Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, P.O. Box, I-06123, Perugia, Italy
Antonio Laganà
Institute of High Performance Computing, IHCP, 1 Science Park Road, 01-01 The Capricorn, Singapore Science Park II, 117528, Singapore
Heow Pueh Lee
School of Computing, Soongsil University, Seoul, Korea
Youngsong Mun
Clayton School of IT, Monash University, 3800, Clayton, Australia
David Taniar
OptimaNumerics Ltd, P.O. Box, Belfast, United Kingdom
Chih Jeng Kenneth Tan

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Choi, HC., Yi, YH., Seo, JH., Noh, BN., Lee, HH. (2005). A Privacy Protection Model in ID Management Using Access Control. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_9

Download citation

DOI: https://doi.org/10.1007/11424826_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25861-2
Online ISBN: 978-3-540-32044-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics