iigiig institut für informatik und gesellschaft, abteilung telematik, albert-ludwigs-universität...

IIGIIGIIGIIG

Michael Kreutzer, Uwe Jendricke, Alf Zugenmaier

Institut für Informatik und Gesellschaft, Abteilung Telematik, Albert-Ludwigs-Universität Freiburg

1

Mobile Identity Management

Michael Kreutzer

Uwe Jendricke

Alf Zugenmaier

Göteborg, September 29th 2002

IIGIIGIIGIIG



2

ScenarioUser: Kreutzer, MichaelAccess: 09:20Withdraw: € 500

IIGIIGIIGIIG



3

User: Kreutzer, MichaelAccess: 09:20Withdraw: € 500

User: Kreutzer, MichaelAccess: 10:21Using: Bus #10

Scenario

IIGIIGIIGIIG



4

User: Kreutzer, Michael Access: 09:20Withdraw: € 500

User: Kreutzer, MichaelAccess: 10:21Using: Bus #10

User: Kreutzer, MichaelAccess: 11:42Query: „Privacy+NSA“

Scenario

IIGIIGIIGIIG



5

Library Client Profile

Bruce Schneier

Date: 24.03.02Time: 11:42Query: Location

TrafficSystem Client Profile

Bruce Schneier

Date: 24.03.02Time: 10:21Using:Bus #10

Exit: Stop#11


Bruce Schneier


Exit: Stop#11


Bruce Schneier


Exit: Stop#11

Bank Client Profile

Bruce Schneier

Date: 24.03.02Time: 09:20Withdraw: 10032

Quit: 09:42

Bank Client Profile

Bruce Schneier


Quit: 09:42

Linkability => User ProfilingUser: Kreutzer, MichaelAccess: 09:20Withdraw: € 500

User: Kreutzer MichaelAccess: 10:21Using: Bus #10

User: Kreutzer, MichaelAccess: 11:42Query: „Privacy+NSA“

General Person Profile

Bruce Schneier

Date: 24.03.02Time: 11:42Location:BusExit: Stop#11


Bruce Schneier



Bruce Schneier



Bruce Schneier



Michael Kreutzer

Date: 24.03.02Time: 11:42Location:LibraryQuery:Privacy+ NSA


Michael Kreutzer

Date: 24.03.02Time: 11:42Query:Privacy+

NSA


Michael Kreutzer


Exit: Stop#11

Bank Client Profile

Michael Kreutzer


Quit: 09:42

IIGIIGIIGIIG



6

Control of Personal Data• Internet:

Well known techniquesto prevent disclosure.

• UC: Personal devices carry personal data.

.com

IIGIIGIIGIIG



7

The Problem: Prevention of User Profiling

Conditions:

– Ad Hoc => Constantly changing networks/services.

– Mobile => Constantly changing location.

– Fully automatic authentication requests from

the environment.

Linkability of the device!

IIGIIGIIGIIG



8

The solution: Self-Protection by

Identity Management (IM)

– Express & enforce security needs

– Depending on the situation (context)

– Communication is based on anonymity

and confidentiality.

IIGIIGIIGIIG



9

Shopping

Identity Management: Management of partial identities

Willi Webster

Public Authority

Leisure

Anonymous

Name:Willi Weber

Credit Card: VISACard #: 9988 7766 5544Valid until:01.01.2003

Address:Street: Friedrichstr. 50ZIP-Code: 79098City: Freiburg

Birthday: 11.07.1974Place of Birth: Paris

Hobbies:Swimming, Books

Identity

Nickname: WebsterSociety: Friends of Privacy Berlin e.V.

IIGIIGIIGIIG



10


Identity: Anonymous

Name: Michael KreutzerAccount#: 12927382

Identity: Bank Client


IIGIIGIIGIIG



11

Ticket #: 23882

Identity: Bus

Ticket#: 23882Access: 10:21Using: Bus #10

Bus



IIGIIGIIGIIG



12

Identity: Anonymous



Bus

User: AnonymousAccess: 10:21Query: Privacy+NSA


IIGIIGIIGIIG



13

Limited User Profiling


Bus

User: AnonymousAccess: 10:21Query: Privacy+NSA


Bank Client Profile

Bruce Schneier


Quit: 09:42

Bank Client Profile

Bruce Schneier


Quit: 09:42

Bank Client Profile

Michael Kreutzer


Quit: 09:42


Anonymous

Date: 24.03.02Time: 11:42Query: Crypto


Anonymous

Date: 24.03.02Time: 11:42Query:Privacy+ NSA

? TrafficSystem Client Profile

Ticket #23882


Exit: Stop#11

Bus


Ticket #5321


Exit: Stop#123

Bus


Ticket #12321


Exit: Stop#5

Bus

IIGIIGIIGIIG



14

Flow Chart of Mobile Identity Management

System

Context Sensing

Choice of Appropriate Identity

Setting of Authentication and Services

User Input

IIGIIGIIGIIG



15

Context of the User (focus: PDA)

• The Task

• IT-Infrastructure

• Physical Environment

AP

St.W end e l

SA A R LA N DH om b urg

M erzig

S aa rb rücken

get +Z oom -

P h a r m a c y

200 m eternext left

St. M ichelsPharm acy

Time Table 05:00 22:00

Saarbr. Landwehrpl. (Wednesday)all: Heusweiler/Holz

17 00 02 11 22 26 30 42 5618 05 10 26 42 5619 07 15 32 4420 09 25 49

IIGIIGIIGIIG



16

Components of a Mobile Identity Management System

Identity Management

ContextSensors

Servicesand

Applications

Banking

Shopping

HomeAutomation

...

ContextSensing

Choice ofIdentity

Configurationof Services

Rules Identities

Filter

IIGIIGIIGIIG



17

Communication EnvironmentNetwork

User

Network-Gateway

Comm.Interface (to Anon-ymizing Service)

Applications

Identity-Manager

(IDM)IDM

IDM

IDM

Trustworthy End-Device

Anonymi-zing

Service

Local Service

Service Provider/CommunicationPartner

IIGIIGIIGIIG



18

The Demonstrator

IIGIIGIIGIIG



19

The demonstrator: Lessons learnt

– Active and inactive Applications

– Priority of Applications

– Overview of Local Services

– User initiated Authentication

– First Step in Direction Prototype

IIGIIGIIGIIG



20

Mobile Identity Management:Benefits for the User ...

– Usable: Only available applications visible

– The user feels safe and secure

– The user is safe and secure

• The user is per default anonymous

• The user has full control of what kind of

personal data leaves the device.

iigiig institut für informatik und gesellschaft, abteilung telematik, albert-ludwigs-universität...

Documents