Title :
A Privacy Enabled Service Authorization Based on a User-centric Virtual Identity Management System
Author_Institution :
Univ. Stuttgart, Stuttgart
Abstract :
User trust and empowerment (in terms of their personal data control) are areas that must be addressed thoroughly when talking about identity and business models for distributed communication systems. Protecting the privacy of users is a challenging problem for identity management systems, which can only be achieved if it gives users complete control over their identity data. However, none of the existing solutions offers this possibility. Based on a user-centric virtual identity defined by EU IST project Daidalos, this paper proposes an effective infrastructure to authorize the privacy-enabled pervasive service, which protects the context-driven access policies for online services in order to avoid attacks by malicious eavesdroppers. In the proposed infrastructure, SMAL and Diameter are used to securely protect and deliver authenticated and authorized entities and XACML is used to authorize the user-level privacy policy. The proposed infrastructure is partially integrated into the Daidalos demonstration platform.
Keywords :
authorisation; data privacy; telecommunication services; virtual reality; authentication; business models; context-driven access policies; distributed communication systems; identity management systems; online services; pervasive service; privacy; project Daidalos; service authorization; user-centric virtual identity; user-level privacy policy; Authorization; Business communication; Communication system control; Computer networks; Control systems; Data privacy; Distributed computing; Identity management systems; Network servers; Protection; Privacy; Virtual Identity; policy; security;
Conference_Titel :
Communications and Networking in China, 2007. CHINACOM '07. Second International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-1009-5
Electronic_ISBN :
978-1-4244-1009-5
DOI :
10.1109/CHINACOM.2007.4469418
