Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management

Squicciarini, Anna; Bhargav-Spantzel, Abhilasha; Czeskis, Alexei; Bertino, Elisa

doi:10.1007/11957454_5

Anna Squicciarini¹⁸,
Abhilasha Bhargav-Spantzel¹⁸,
Alexei Czeskis¹⁸ &
…
Elisa Bertino¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4258))

Included in the following conference series:

International Workshop on Privacy Enhancing Technologies

5895 Accesses
7 Citations

Abstract

Digital identity is defined as the digital representation of the information known about a specific individual or organization. An emerging approach for protecting identities of individuals while at the same time enhancing user convenience is to focus on inter-organization management of identity information. This is referred to as federated identity management. In this paper we develop an approach to support privacy controlled sharing of identity attributes and harmonization of privacy policies in federated environments. Policy harmonizations mechanisms make it possible to determine whether or not the transfer of identity attributes from one entity to another violate the privacy policies stated by the former. We also provide mechanisms for tracing the release of user’s identity attributes within the federation. Such approach entails a form of accountability since an entity non-compliant with the users original privacy preferences can be identified. Finally, a comprehensive security analysis details security properties is also offered.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

The Platform for Privacy Preferences 1.0 (P3P1.1) specification, http://www.w3.org/TR/P3P/
EPAL 1.0 Specification, http://www.zurich.ibm.com/security/enterpriseprivacy/epal/
Spantzel, A.B., Squicciarini, A.C., Bertino, E.: Integrating federated digital identity management and trust negotiation. In: Review for the IEEE Security and Privacy Magazine (2005)
Google Scholar
Gruber, T.R.: A translation approach to portable ontology specifications. Knowledge Acquisition 5(2), 199–220 (1993)
Article Google Scholar
Doan, A., Madhavan, J., Domingos, P., Halevy, A.: Ontology Matching: A Machine Learning Approach (2003)
Google Scholar
Uschold, M., Gruninger, M.: Ontologies: Principles, Methods, and Applications. Knowledge Engineering Review 11(2), 93–155 (1996)
Article Google Scholar
Maedche, A., Motik, B., NunoSilva, Volz, R.: MAFRA – a MApping FRAmework for distributed ontologies. In: Gómez-Pérez, A., Benjamins, V.R. (eds.) EKAW 2002. LNCS (LNAI), vol. 2473, pp. 235–241. Springer, Heidelberg (2002)
Chapter Google Scholar
P3P Preference Exchange Language 1.0 (APPEL1.0), http://www.w3.org/TR/P3Ppreferences/
Alliance, L.: Liberty architecture framework for supporting privacy preference expression languages (ppel’s) (2003)
Google Scholar
Liberty Alliance Project, http://www.projectliberty.org
Shibboleth, Internet2, http://shibboleth.internet2.edu
Cranor, L.F.: P3P: Making privacy policies more useful 1, 50–55 (2003)
Google Scholar
Ashley, P., Satoshi Hada, G.K., Schunter, M.: E-P3P Privacy Policies and Privacy Authorization. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES) (2001)
Google Scholar
Stufflebeam, W.H., Antón, A.I., He, Q., Jain, N.: Specifying privacy policies with P3P and EPAL: lessons learned. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES), p. 35 (2004)
Google Scholar
Switchaai Federation, http://www.switch.ch/aai/documents.html
InCommon Federation, http://www.incommonfederation.org/
HAKA Federation Finland Federation, http://www.csc.fi/suomi/funet/middleware/
Overhage, S., Thomas, P.: Ws-specification: Specifying web services using uddi improvements. In: Aksit, M., Mezini, M., Unland, R. (eds.) NODe 2002. LNCS, vol. 2591, pp. 100–119. Springer, Heidelberg (2003)
Google Scholar

Download references

Author information

Authors and Affiliations

Computer Science Department, Purdue University,
Anna Squicciarini, Abhilasha Bhargav-Spantzel, Alexei Czeskis & Elisa Bertino

Authors

Anna Squicciarini
View author publications
You can also search for this author in PubMed Google Scholar
Abhilasha Bhargav-Spantzel
View author publications
You can also search for this author in PubMed Google Scholar
Alexei Czeskis
View author publications
You can also search for this author in PubMed Google Scholar
Elisa Bertino
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Microsoft Research, Cambridge, UK
George Danezis
Palo Alto Research Center, 3333 Coyote Hill Rd, 94304, Palo Alto, CA, USA
Philippe Golle

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Squicciarini, A., Bhargav-Spantzel, A., Czeskis, A., Bertino, E. (2006). Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management. In: Danezis, G., Golle, P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11957454_5

Download citation

DOI: https://doi.org/10.1007/11957454_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68790-0
Online ISBN: 978-3-540-68793-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics