User centricity: A taxonomy and open issues

Proceedings of the Second ACM Workshop on Digital Identity Management, DIM 2006. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06

Volumn , Issue , 2006, Pages 1-10

  Bhargav Spantzely, Abhilasha ^a   Camenisch, Jan ^b   Gross, Thomas ^b   Sommer, Dieter ^b  

^a PURDUE UNIVERSITY   (United States)

^b IBM RESEARCH ZURICH   (Switzerland)

Author keywords

Delegation; Identity management systems; Privacy; Security; Taxonomy; User centric; User control

Indexed keywords

FEDERATED IDENTITY MANAGEMENT (FIM); IDENTITY MANAGEMENT SYSTEMS; USER CENTRICITY; USER CONTROL;

CRYPTOGRAPHY; DATA PRIVACY; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; NETWORK PROTOCOLS; ONLINE SYSTEMS; SEMANTICS;

ACCESS CONTROL;

EID: 34547404349     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1179529.1179531     Document Type: Conference Paper

References (36)

1. Introduction to usability, 2005. http://www.usabilityfirst.com/intro/ index.txl.
2. ABADI, M., AND NEEDHAM, R. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22, 1 (1996), 6-15.
3. ASHLEY, P., HADA, S., KARJOTH, G., POWERS, C., AND SCHUNTER, M. Enterprise Privacy Authorization Language (EPAL 1.1), 2003.
4. BETTINI, C., JAJODIA, S., WANG, X. S., AND WIJESEKERA, D. Provisions and obligations in policy rule management. J. Netw. Syst. Manage. 11, 3 (2003), 351-372.
5. BLAZE, M., FEIGENBAUM, J., AND KEROMYTIS, A. D. KeyNote: Trust management for public-key infrastructures (position paper). Lecture Notes in Computer Science 1550 (1999), 59-63.
6. BLAZE, M., FEIGENBAUM, J., AND LACY, J. Decentralized trust management. Tech. Rep. 96-17, 28, 1996.
7. BRANDS, S. Rethinking Public Key Infrastructure and Digital Certificates-Building in Privacy. PhD thesis, Eindhoven Institute of Technology, Eindhoven, The Netherlands, 1999.
8. BRICKELL, E., CAMENISCH, J., AND CHEN, L. Direct anonymous attestation. In CCS '04: Proceedings of the 11th ACM conference on Computer and communications security (New York, NY, USA, 2004), ACM Press, pp. 132-145.
9. CAMENISCH, J. Protecting (anonymous) credentials with the trusted computing group's trusted platform modules v.1.2. In Proceedings of the 21st IFIP International Information Security Conference (SEC 2006) (2006).
10. CAMENISCH, J., AND LYSYANSKAYA, A. Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. in Advances in Cryptology -EUROCRYPT 2001 (2001), B. Pfitzmann, Ed., vol. 2045 of LNCS. Springer Verlag, pp. 93-118.
11. CAMENISCH, J., AND LYSYANSKAYA, A. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Advances in Cryptology -CRYPTO 2002 (2002), M. Yung, Ed., vol. 2442 of LNCS, Springer Verlag, pp. 61-76.
12. CAMENISCH, J., AND LYSYANSKAYA, A. Signature schemes and anonymous credentials from bilinear maps. In Advances in Cryptology -CRYPTO 2004 (2004), LNCS, Springer Verlag.
13. CAMENISCH, J., AND SHOUP, V. Practical verifiable encryption and decryption of discrete logarithms. In Advances in Cryptology - CRYPTO 2003 (2003), D. Boneh, Ed., LNCS.
14. CAMENISCH, J., SOMMER, D., AND ZIMMERMANN, R. A general certification framework with applications to privacy-enhancing certificate infrastructures. In Proceedings of the 21st IFIP International Information Security Conference (2006).
15. CAMERON, K. Laws of identity, 5/12/2005.
16. CHASE, M., AND LYSYANSKAYA, A. On signatures of knowledge. Cryptology ePrint Archive, Report 2006/184, 2006.
17. CRANOR, L., LANGHEINRICH, M., MARCHIORI, M., PRESLER-MARSHALL, M., AND REAGLE, J. The Platform for Privacy Preferences 1.0 (P3P1.0) Specification.
18. EUROPEAN PARLIAMENT. Directive 95/46/ec of the european parliament and the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities (1995).
19. HALL, R. S., HEIMBIGNER, D., AND WOLF, A. L. A cooperative approach to support software deployment using the software dock. In ICSE '99: Proceedings of the 21st international conference on Software engineering (Los Alamitos, CA, USA, 1999), IEEE Computer Society Press, pp. 174-183.
20. Higgins Trust Framework, 2006. http://www.eclipse.org/higgins/.
21. HOUSLEY, R., POLK, W., FORD, W., AND SOLO, D. RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, Apr. 2002. Status: Informational.
22. IDENTITY-MANAGEMENT. Liberty alliance project. http://www.projectliberty.org.
23. INTERNET2. Shibboleth, http://shibboleth.internet2.edu.
24. J. MERRELS, SXIP IDENTITY. DIX: Digital Identity Exchange Protocol. Internet Draft, March 2006.
25. KALER, C., AND NADALIN, A. Web services federation language, 2003.
26. KALER, C., AND NADALIN, A. Ws-federation: Passive requestor profile, 2003. Available from: ftp://www6.software.ibra.com/ software/developer/library/ws-fedpass.pdf.
27. LI, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. Distributed credential chain discovery in trust management: extended abstract. In ACM Conference on Computer and Communications Security (2001), pp. 156-165.
28. LIBERTY ALLIANCE. Liberty alliance id-ff 1.2 specifications. Available at http://www.projectliberty.org.
29. LÜER, C., AND VAN DER HOEK, A. Jploy: User-centric deployment support in a component platform.
30. LYSYANSKAYA, A., RIVEST, R., SARAI, Á., AND WOLF, S. Pseudonym systems. In Selected Areas in Cryptography (1999), H. Heys and C. Adams, Eds., vol. 1758 of LNCS, Springer Verlag.
31. MICROSOFT. A technical reference for InfoCard v1.0 in windows, 2005.
32. NATIONAL INSTITUTE FOR STANDARDS AND TECHNOLOGY (NIST). Digital signature standard (dss), 2000.
33. OASIS STANDARD. Security assertion markup language (SAML) V2.0, 2005.
34. OECD. OECD guidelines on the protection of privacy and transborder flows of personal data, 1980.
35. PRIME CONSORTIUM. Privacy and Identity Management for Europe (PRIME). Web site at www.prime-project.eu.
36. RIVEST, R., SHAMIR, Á., AND ADLEMAN, L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 2 (Feb. 1978), 120-126.