Privacy and Identity Management Requirements: An Application Prototype Perspective

Introduction

The following requirements, which have been derived from the previously described application prototype scenarios, constitute features that a privacy-friendly identity management system should support, based on a wide range of application scenarios. However, the requirements should not be read as absolute: some of them might be impractical or even impossible to implement in a specific context, e.g. because of high system resource requirements with regard to their operation or difficulty of implementation. Rather, this chapter contributes experiences from the application prototype development to the ongoing discussion of generic identity management requirements. It also shows to a certain extent how PRIME could meet those requirements. Still, it always tries to stay generic in its descriptions, to ease comparison between scenarios and with other scenarios. The prototypes presented in the preceding chapters include examples of complex services that are offered by consortia; so, for example, more than just the two “classic” stakeholders (customer, provider) may be involved in, e.g., location-based services. For a more detailed discussion of particular aspects of this, refer to the chapters on the individual prototypes of Part IV and to selected chapters in Part III of the book, e.g. Chapter 22 for multilateral user-to-user interactions. This chapter will briefly list the main requirements for the key stakeholders identified in the scenarios and then elaborate on them.