Abstract
Privacy-respecting identity management systems take into account the user’s choices and may help her in her decisions. They have the potential of being the user’s gateway and guardian to the digital world. However, if these systems should play an important role throughout the user’s life, concepts for long-term privacy protection combined with identity management are sought. The text identifies five major challenges of lifelong privacy-respecting identity management systems and sketches how developers of identity management systems could tackle them. Still, it is not an easy task that may be solved by each identity management system on its own, but policy makers will have to provide support, e.g., in building common infrastructures or integrating national eID solutions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Art. 29 Data Protection Working Party: Opinion 2/2009 on the protection of children’s personal data (General Guidelines and the special case of schools). WP 160, 398/09/EN, adopted on 11 February, 2009, http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2009/wp160_en.pdf.
Baran, Paul: Communications, computers and people. Proc. of the AFIPS Joint Computer Conferences, Part II: Computers: Their Impact on Society, ACM, 1965, pp. 45–49.
Buchmann, Johannes/May, Alexander/Vollmer, Ulrich: Perspectives for cryptographic longterm security. Communications of the ACM, Vol. 49, No. 9, 2006, pp. 50–55.
Canetti, Ran/Gennaro, Rosario/Herzberg, Amir/Naor, Dalit: Proactive Security: Long-term Protection against Break-ins. RSA Laboratories’ CryptoBytes, Vol. 3, No. 1, 1997, pp. 1–8.
Clauß, Sebastian/Hansen, Marit/Pfitzmann, Andreas/Raguse, Maren/Steinbrecher, Sandra: Tackling the challenge of lifelong privacy. In: Cunningham, Paul/Cunningham, Miriam (Eds.): Proceedings of eChallenges 2009, 2009.
Dommering, Egbert J.: Regulating technology: code is not law. In: Dommering, Egbert J./Asscher, Lodewijk F. (Eds.), Coding Regulation: Essays on the Normative Role of Information Technology, The Hague, 2006, pp. 1–17, http://www.ivir.nl/publications/dommering/Regulating_technology.pdf.
Hansen, Marit/Berlich, Peter: Identity Management Systems: Gateway and Guardian for Virtual Residences. Accepted paper for the EMTEL Conference April 23–26, 2003, London, http://www.lse.ac.uk/collections/EMTEL/Conference/papers/hansen_berlich.pdf.
Hansen, Marit/Cooper, Alissa/Schwartz, Ari: Privacy and Identity Management. In: IEEE Security & Privacy; Vol. 6, No. 2, 2008, pp. 38–45.
Hansen, Marit/Pfitzmann, Andreas/Steinbrecher, Sandra: Identity Management throughout one’s whole life. In: Information Security Technical Report (ISTR) Vol. 13, No. 2, Elsevier Advanced Technology, Oxford (UK), 2008, pp. 83–94, doi:10.1016/j.istr.2008.06.003.
Hansen, Marit/Thomsen, Sven: Lebenslanger Datenschutz – Anforderungen an vertrauenswürdige Infrastrukturen. In: Datenschutz und Datensicherheit (DuD) Vol. 34, No. 5, 2010, pp. 283–288.
Hansen, Marit/Raguse, Maren/Storf, Katalin/Zwingelberg, Harald: Delegation for Privacy Management from Womb to Tomb – A European Perspective. In: Bezzi, M. et al. (Eds.), Privacy and Identity Management for Life, IFIP AICT 320, Springer, Berlin, Heidelberg, New York, 2010, pp. 18–33
Mayer-Schönberger, Viktor: Delete: The Virtue of Forgetting in the Digital Age. Princeton University Press, 2009.
Pfitzmann, Andreas/Hansen, Marit: A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management. Working document, v0.34, 2010, http://dud.inf.tu-dresden.de/Anon_Terminology.shtml.
Rost, Martin/Pfitzmann, Andreas: Datenschutz-Schutzziele – revisited. In: Datenschutz und Datensicherheit (DuD), Vol. 33, No. 6, 2009, pp. 353–358.
Schneier, Bruce: Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, 2000.
Seltzer, William/Anderson, Margo: Using population data systems to target vulnerable population subgroups and individuals: issues and incidents. In: Asher, Jana/Banks David/Scheuren, Fritz J. (Eds.): Statistical methods for human rights, Springer, 2008, pp. 273–328.
Storf, Katalin/Hansen, Marit/Raguse, Maren (Eds.): Requirements and concepts for identity management throughout life. PrimeLife Deliverable H1.3.5, Kiel/Zürich, November 2009, http://www.primelife.eu/images/stories/deliverables/h1.3.5-requirements_and_concepts_for_idm_throughout_life-public.pdf.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Hansen, M. (2011). Towards Future-Proof Privacy-Respecting Identity Management Systems. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_18
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9788-6_18
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: EngineeringEngineering (R0)