User-controlled identity management: The key to the future of privacy?

International Journal of Intellectual Property Management

Volumn 2, Issue 4, 2008, Pages 325-344

  Hansen, Marit ^a  

^a Independent Centre for Privacy Protection   (Germany)

Author keywords

Identity; Identity management; Identity management systems; IMS; Linkage control; Partial identities; Privacy; Pseudonyms; Transparency; User centric identity management systems; User controlled identity management

Indexed keywords

EID: 78651077969     PISSN: 14789647     EISSN: 14789655     Source Type: Journal    
DOI: 10.1504/IJIPM.2008.021428     Document Type: Article

References (35)

1. Article 29 Working Party (2004) Opinion on More Harmonised Information Provisions, 11987/04/EN WP 100, 25 November, http://ec.europa.eu/justice-home/ fsj/privacy/docs/wpdocs/2004/wp100-en.pdf (current August 2008).
2. Article 29 Working Party (2007) Opinion 4/2007 on the Concept of Personal Data, 01248/07/EN WP 136, 20 June, http://ec.europa.eu/justice-home/fsj/ privacy/docs/wpdocs/2007/wp136-en.pdf (current August 2008).
3. Bauer, M., Meints, M. and Hansen, M. (Eds.) (2005) Structured Overview on Prototypes and Concepts of Identity Management Systems, Deliverable 3.1 in the Network of Excellence FIDIS - Future of Identity in the Information Society, V1.1, Frankfurt a.M., Germany, September 2005, http://fidis.net/fileadmin/fidis/ deliverables/fidis-wp3-del3.1.overview-on-IMS.final.pdf (current August 2008).
4. Borcea-Pfitzmann, K., Hansen, M., Liesebach, K., Pfitzmann, A. and Steinbrecher, S. (2006) 'What user-controlled identity management should learn from communities', Information Security Technical Report, Elsevier, Vol. 11, No. 3, pp.119-128. (Pubitemid 44234123)
5. Brin, D. (1998) The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom?, Reading, MA: Addison-Wesley.
6. Brückner, L. and Voss, M. (2005) 'MozPETs - a privacy enhanced web browser', Proceedings of the Third Annual Conference on Privacy, Security and Trust (PST05), St. Andrews, New Brunswick, Canada, 12-14 October, http://www.ito.tu-darmstadt.de/publs/pdf/BruecknerVoss-Mozpets.pdf (current August 2008).
7. Camenisch, J. and Lysyanskaya, A. (2000) Efficient Non-transferable Anonymous Multi-show Credential System with Optional Anonymity Revocation, Research Report RZ 3295 (# 93341), IBM Research, November.
8. Cameron, K. (2005) The Laws of Identity, Version 12 May 2005, http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf (current August 2008).
9. Casassa Mont, M., Pearson, S. and Bramhall, P. (2003) Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services, Trusted Systems Laboratory, HP Laboratories, Bristol, HPL-2003-49, http://www.hpl.hp.com/techreports/2003/HPL-2003-49.pdf (current August 2008).
10. Castells, M. (1996) The Rise of the Network Society, The Information Age: Economy, Society and Culture, Vol. I, Cambridge, MA/Oxford, UK: Blackwell.
11. Cavoukian, A. (2006) 7 Laws of Identity - The Law for Privacy-Embedded Laws of Identity in the Digital Age, Version October 2006, http://www.ipc.on.ca/ images/Resources/up-7laws-whitepaper.pdf (current August 2008).
12. Center for Democracy and Technology (CDT) (2007) Privacy Principles for Identity in the Digital Age, Draft for Comment - Version 1.3, June, http://www.cdt.org/security/20070716idprinciples.pdf (current August 2008).
13. Chaum, D. (1985) 'Security without identification: transaction systems to make big brother obsolete', Communications of the ACM, October, Vol. 28, No. 10, pp.1030-1044, http://chaum.com/articles/Security-Wthout-Identification.htm (current August 2008). (Pubitemid 15587967)
14. Clarke, R.A. (1993) 'Computer matching and digital identity', Proceedings of the Computers, Freedom & Privacy Conference, San Francisco, California, ACM.
15. Clauß, S. and Köhntopp, M. (2001) 'Identity management and its support of multilateral security', Computer Networks, Vol. 37, No. 2, pp.205-219. (Pubitemid 32750291)
16. Clayton, R., Danezis, G. and Kuhn, M.G. (2001) 'Real world patterns of failure in anonymity systems', Proceedings of Information Hiding 2001, LNCS 2137, Berlin: Springer, pp.230-245.
17. Commission of the European Communities (2007) Communication from the Commission to the European Parliament and the Council on Promoting Data Protection by Privacy Enhancing Technologies (PETs), COM(2007) 288 final, Brussels, 2 May, http://eur-lex.europa.eu/LexUriServ/site/en/com/2007/com2007- 0228en01.pdf (current August 2008).
18. Damker, H., Pordesch, U. and Reichenbach, M. (1999) 'Personal reachability and security management - negotiation of multilateral security', in G. Müller and K. Rannenberg (Eds.) Multilateral Security in Communications, München: Addison-Wesley, Vol. 3, pp.95-111.
19. EU DPD (1995) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data, http://eur-lex.europa.eu/smartapi/cgi/sga-doc? smartapi!celexapi!prod!CELEXnumdoc&numdoc=31995L0046&model= guichett&lg=en (current August 2008).
20. Fischer-Hübner, S., Pettersson, J.S., Bergmann, M., Hansen, M., Pearson, S. and Casassa Mont, M. (2008) 'HCI designs for privacy-enhancing identity management', in A. Acquisti, S. Gritzalis, C. Lambrinoudakis and S. Di Vimercati (Eds.) Digital Privacy: Theory, Technologies, and Practices, Chap. 11, Auerbach Publications, Taylor & Francis Group, pp.229-252.
21. Hansen, M. (2008) 'Marrying transparency tools with user-controlled identity management', in S. Fischer-Hübner, P. Duquenoy, A. Zuccato and L. Martucci (Eds.) The Future of Identity in the Information Society, Proceedings of the Third IFIP WG 9.2 9.6/11.6, 11.7/FIDIS International Summer School on the Future of Identity in the Information Society, IFIP International Federation for Information Processing, New York: Springer, Vol. 262, pp.199-220.
22. Hansen, M. and Berlich, P. (2003) 'Identity management systems: gateway and guardian for virtual residences', EMTEL New Media, Technology and Everyday Life in Europe Conference, April, http://www.lse.ac.uk/collections/EMTEL/ Conference/papers/hansen-berlich.pdf (current August 2008).
23. Hansen, M., Fischer-Hübner, S., Pettersson, J.S. and Bergmann, M. (2007) 'Transparency tools for user-controlled identity management', in P. Cunningham and M. Cunningham (Eds.) Expanding the Knowledge Economy: Issues, Applications, Case Studies - Proceedings of eChallenges 2007, Amsterdam: IOS Press, pp.1360-1367.
24. Hildebrandt, M. and Koops, B-J. (Eds.) (2007) A Vision of Ambient Law, Deliverable 7.9 in the Network of Excellence FIDIS - Future of Identity in the Information Society, Frankfurt a.M., Germany, October, http://www.fidis.net/ fileadmin/fidis/deliverables/fidis-wp7-d7.9-A-Vision-of-Ambient-Law.pdf (current August 2008).
25. ICPP/SNG (2003) Identity Management Systems (IMS): Identification and Comparison, Independent Centre for Privacy Protection (ICPP) Schleswig-Holstein, Germany and Studio Notarile Genghini (SNG), Italy, Study commissioned by Institute for Prospective Technological Studies, Joint Research Centre Seville, Spain, September, http://www.datenschutzzentrum.de/idmanage/study/ICPP-SNG-IMS- Study.pdf (current August 2007).
26. Jøsang, A. and Pope, S. (2005) 'User centric identity management', Proceedings of AusCERT Conference 2005, Brisbane, Australia, May.
27. Karjoth, G., Schunter, M. and Waidner, M. (2002) 'Platform for enterprise privacy practices: privacy-enabled management of customer data', 2nd Workshop on Privacy Enhancing Technologies (PET 2002), LNCS 2482, Springer, pp.69-84. (Pubitemid 36309880)
28. Leenes, R., Schallaböck, J. and Hansen, M. (Eds.) (2008) PRIME White Paper V3, May, https://www.prime-project.eu/prime-products/whitepaper/ (current August 2008).
29. Marx, G.T. (2001) 'Identity and anonymity: some conceptual distinctions and issues for research', in J. Caplan and J. Torpey (Eds.) Documenting Individual Identity, Princeton University Press, pp.311-327.
30. Mead, G.H. (1934) Mind, Self and Society, Chicago Press.
31. Nissenbaum, H. (2004) 'Privacy as contextual integrity', Washington Law Review, Vol. 79, No. 1, pp.119-157. (Pubitemid 38422460)
32. Pfitzmann, A. and Hansen, M. (2008) Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology, Working Paper v0.31, 15 February (first version from 2000), http://dud.inf.tu-dresden.de/Anon-Terminology.shtml (current August 2008).
33. Phillips, D.J. (2004) 'Privacy policy and PETs - the influence of policy regimes on the development and social implications of privacy enhancing technologies', New Media & Society, London, Thousand Oaks, CA and New Delhi: SAGE Publications, Vol. 6, No. 6, pp.691-706. (Pubitemid 40019531)
34. Warren, S. and Brandeis, L. (1890) 'The right to privacy', Harvard Law Review, Vol. 4, pp.193-220.
35. Westin, A.F. (1967) Privacy and Freedom, New York: Atheneum.