Role Management in a Privacy-Enhanced Collaborative Environment<br />Anja Lorenz<br />Chair of Business Information System...
Agenda<br />Role Management in a<br />Privacy-Enhanced<br />Collaborative Environment<br />18.03.2010<br />2 | 33<br />Anj...
Collaborative environments<br />Relationshipmanagement<br />Content sharing<br />Collaborativeworking<br />Collaborative E...
Motivation forprivacy-enhancement<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />4 | 33<br />18.03...
Web profilesof Katrin <br />Collaborative Environment<br /><ul><li>forresearch
for professional networking
for private networking</li></ul>Privacy-Enhanced<br />Rolemanagement<br />18.03.2010<br />5 | 33<br />Anja Lorenz: "Roles ...
Web profilesof Anja<br />Collaborative Environment<br /><ul><li>forresearch
for professional networking</li></ul>	(@anjalorenz)<br /><ul><li>for private networking</li></ul>Privacy-Enhanced<br />Rol...
Collaborative Environment<br />Privacy-Enhanced<br />Motivation forprivacy-enhancement<br />Things thatmay happen…<br />Ro...
Collaborative Environment<br />Privacy-Enhanced<br />Rolemanagement<br />Via http://thenextweb.com/2009/08/09/note-friend-...
Collaborative Environment<br />Privacy-Enhanced<br />Rolemanagement<br />http://pleaserobme.com/<br />Motivation forprivac...
Collaborative Environment<br />Privacy-Enhanced<br />Becarefulwithspreading personal data in the web!<br />Rolemanagement<...
Privacy-Enhancement<br />Protection in collaborativeenvironments<br />The surrounding of each person is uniformly untruste...
State-of-the-art<br />Technical approaches for privacy-enhancement<br />Pseudonymisation<br />Encryption<br />Anonymisatio...
Collaborative environments<br />Conditionsforprivacyprotection<br />No predefined protocols<br />Ad-hoc decisions<br />Spo...
Ourapproach:<br />Privacy enhancedidentitymanagement<br />Focus:<br />User Control<br />
Privacy enhanced ID-management<br />Main concept: Partial identities<br />Privacy-Enhanced Collaborative Environment<br />...
Privacy enhanced ID-management<br />Main concept: Partial identities<br />A partial identity (pID)… „represents the person...
The Userdecideswhich personal dataisdisclosedandtowhom in whatcontext!<br />
Research Background<br />BluES, PRIME, BluES’n, Prime Life<br />Privacy-Enhanced Collaborative Environment<br />Rolemanage...
Research Background<br />BluES’n<br />A privacy-enhancedcollaborativeenvironmentforlearning<br />Privacy-Enhanced Collabor...
Research Background<br />BluES’n<br />A privacy-enhancedcollaborativeenvironmentforlearning<br />Privacy-Enhanced Collabor...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Understanding ofRoles<br />Different interpretations<b...
Understanding ofRoles<br />Different usage<br />Overall aim: reducing management complexity<br /><ul><li>Apply actions to ...
Generate and support certain work settings
Ease access control</li></ul>Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />18.03.2010<br />22 | 33<b...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourinterpretation<br />Role...
RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<br />Administrative Roles<br />Rolemanagement in a Privacy-Enhanced ...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Benefitsregardingprivac...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Benefitsregardingprivac...
Role Management for PECEs<br />Benefitsregardingprivacyissues<br />Rolemanagement in a Privacy-Enhanced Collaborative Envi...
Role Management for PECEs<br />Remainingcoreproblem<br />Rolesareinformationaboutusers<br />Scenario: Onlyfewuserscan hold...
Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Approaches forautomatic...
Upcoming SlideShare
Loading in...5
×

Role Management In Privacy-enhanced collaborative environment

1,412

Published on

Presentation at the IADIS international conference e-Society 2010, 18.03.2010, Porto

Find the full paper here: http://www.iadisportal.org/digital-library/role-management-in-a-privacy-enhanced-collaborative-environment

Published in: Education
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,412
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Role Management In Privacy-enhanced collaborative environment

  1. 1. Role Management in a Privacy-Enhanced Collaborative Environment<br />Anja Lorenz<br />Chair of Business Information Systems<br />University of Technology Chemnitz, Germany<br />KatrinBorcea-Pfitzmann<br />Chair of Privacy and Data Security<br />University of Technology Dresden,<br />Germany<br />
  2. 2. Agenda<br />Role Management in a<br />Privacy-Enhanced<br />Collaborative Environment<br />18.03.2010<br />2 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  3. 3. Collaborative environments<br />Relationshipmanagement<br />Content sharing<br />Collaborativeworking<br />Collaborative Environment<br />Privacy-Enhanced<br />Rolemanagement<br />18.03.2010<br />3 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  4. 4. Motivation forprivacy-enhancement<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />4 | 33<br />18.03.2010<br />Collaborative Environment<br />Manyspreaded personal data on web profilesfor different reasons…<br />Privacy-Enhanced<br />Rolemanagement<br />
  5. 5. Web profilesof Katrin <br />Collaborative Environment<br /><ul><li>forresearch
  6. 6. for professional networking
  7. 7. for private networking</li></ul>Privacy-Enhanced<br />Rolemanagement<br />18.03.2010<br />5 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  8. 8. Web profilesof Anja<br />Collaborative Environment<br /><ul><li>forresearch
  9. 9. for professional networking</li></ul> (@anjalorenz)<br /><ul><li>for private networking</li></ul>Privacy-Enhanced<br />Rolemanagement<br />18.03.2010<br />6 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  10. 10. Collaborative Environment<br />Privacy-Enhanced<br />Motivation forprivacy-enhancement<br />Things thatmay happen…<br />Rolemanagement<br />18.03.2010<br />7 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  11. 11. Collaborative Environment<br />Privacy-Enhanced<br />Rolemanagement<br />Via http://thenextweb.com/2009/08/09/note-friend-boss-fb-bitch-job/<br />Motivation forprivacy-enhancement<br />18.03.2010<br />8 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  12. 12. Collaborative Environment<br />Privacy-Enhanced<br />Rolemanagement<br />http://pleaserobme.com/<br />Motivation forprivacy-enhancement<br />18.03.2010<br />9 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  13. 13. Collaborative Environment<br />Privacy-Enhanced<br />Becarefulwithspreading personal data in the web!<br />Rolemanagement<br />Motivation forprivacy-enhancement<br />18.03.2010<br />10 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  14. 14. Privacy-Enhancement<br />Protection in collaborativeenvironments<br />The surrounding of each person is uniformly untrusted!<br />(Chaum 1995)<br />Privacy-Enhanced Collaborative Environment<br />Rolemanagement<br />18.03.2010<br />11 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  15. 15. State-of-the-art<br />Technical approaches for privacy-enhancement<br />Pseudonymisation<br />Encryption<br />Anonymisation<br />Privacy-Enhanced Collaborative Environment<br />Well-provedforsender-recipientrelationships (e-Shops etc.)<br />But do not supportrequirementsforprivacyrespectingcollaborativeworking<br />Rolemanagement<br />18.03.2010<br />12 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  16. 16. Collaborative environments<br />Conditionsforprivacyprotection<br />No predefined protocols<br />Ad-hoc decisions<br />Spontaneous activities<br />And interaction is a strongly wanted feature<br />Privacy-Enhanced Collaborative Environment<br />Rolemanagement<br />18.03.2010<br />13 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  17. 17. Ourapproach:<br />Privacy enhancedidentitymanagement<br />Focus:<br />User Control<br />
  18. 18. Privacy enhanced ID-management<br />Main concept: Partial identities<br />Privacy-Enhanced Collaborative Environment<br />Not:showingwholeprofilesofoneperson<br />But:disclosingselectedattributesofoneperson partial identity<br />Rolemanagement<br />18.03.2010<br />15 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  19. 19. Privacy enhanced ID-management<br />Main concept: Partial identities<br />A partial identity (pID)… „represents the person in a specific context or role.“<br />a subset of attributes<br />union of all pIDs = complete identity<br />credentials for proof-demanding attributes<br />(Pfitzmann & Hansen 2008, Chaum 1985)<br />Privacy-Enhanced Collaborative Environment<br />Rolemanagement<br />18.03.2010<br />16 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  20. 20. The Userdecideswhich personal dataisdisclosedandtowhom in whatcontext!<br />
  21. 21. Research Background<br />BluES, PRIME, BluES’n, Prime Life<br />Privacy-Enhanced Collaborative Environment<br />Rolemanagement<br />https://www.prime-project.eu<br />http://www.primelife.eu/<br />18.03.2010<br />18 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  22. 22. Research Background<br />BluES’n<br />A privacy-enhancedcollaborativeenvironmentforlearning<br />Privacy-Enhanced Collaborative Environment<br />Identity managment  partial identities for user representation in certain contexts<br />Authentication & authorisation based on anonymous credentials and policies (cf. David Chaum 1985)<br />Rolemanagement<br />18.03.2010<br />19 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  23. 23. Research Background<br />BluES’n<br />A privacy-enhancedcollaborativeenvironmentforlearning<br />Privacy-Enhanced Collaborative Environment<br />Socialinteraction vs. privacyrequirements<br />Intra-applicationpartitioning(Borcea et al. 2005)<br />Awarenessinformation(cf. e.g. Franz et al. 2006)<br />Reputation (Steinbrecher 2006)<br />Roles<br />Rolemanagement<br />18.03.2010<br />20 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  24. 24. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Understanding ofRoles<br />Different interpretations<br />Position (Linton 1936, Luhmann 1984)<br />Behaviour(Gerhardt 1971)<br />Relations (Mead 1967, Goffman 1974, Carell+ 2002)<br />Groups (Znaniecki 1965)<br />18.03.2010<br />21 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  25. 25. Understanding ofRoles<br />Different usage<br />Overall aim: reducing management complexity<br /><ul><li>Apply actions to a group of users
  26. 26. Generate and support certain work settings
  27. 27. Ease access control</li></ul>Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />18.03.2010<br />22 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  28. 28. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourinterpretation<br />Roles = stereotypes of users<br />Equal rights and duties<br />Expectations of behavior<br />Help interaction partners to range in a user’s position within a group<br />(Lorenz 2009, Borcea-Pfitzmann 2008)<br />18.03.2010<br />23 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  29. 29. RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<br />Administrative Roles<br />Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Owner<br />Participant<br />Guest<br />18.03.2010<br />24 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  30. 30. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<br />Administrative Roles<br />FunctionalRoles<br />Teacher<br />Learner<br />18.03.2010<br />25 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  31. 31. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />RoleConceptforBluES‘n<br />Ourusage: 3 roledimensions<br />Administrative Roles<br />FunctionalRoles<br />Group dynamicRoles<br />Creative<br />Problem Solver<br />Motivator<br />18.03.2010<br />26 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  32. 32. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Benefitsregardingprivacyissues<br />Not:discloseattributesofthepID<br />But:discloseattributesoftherole<br />18.03.2010<br />27 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  33. 33. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Benefitsregardingprivacyissues<br />Not:centrallymanagedlistofroleholders<br />But:decentralisationbyanonymouscredentialsforroles<br />18.03.2010<br />28 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  34. 34. Role Management for PECEs<br />Benefitsregardingprivacyissues<br />Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Not:oneroleforeachpID<br />But: n:m relationshipofrolesandpIDs<br />18.03.2010<br />29 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  35. 35. Role Management for PECEs<br />Remainingcoreproblem<br />Rolesareinformationaboutusers<br />Scenario: Onlyfewuserscan hold teacherrole<br />Question:WhatistherightcontexttoswitchtoanotherpID?<br />Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Teacher 1<br />Teacher 2<br />18.03.2010<br />30 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  36. 36. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Approaches forautomaticchoiceofpID<br />In BluES: Decisionsuggestionmodule(DSM)<br />helpstoselecttheappropriatepIDaccordingtopreferencesforthecorrespondingcontext<br />Question:Whatare relevant contextsforswitchingpIDs?<br />Transactions?<br />Roles?<br />Interaction Partners?<br />Nodefaultway<br /> Onlyadvicesbyuser‘spreferences<br />18.03.2010<br />31 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  37. 37. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Role Management for PECEs<br />Conclusions<br />PECEs providemeanstoprotectusers‘ privacy, e.g. by partial identitymanagement<br />Mission: keeppIDsunlinkable<br />Flexible, decoupledrolemanagementallowstodistributerolesontoseveralpIDs<br />Riskof linkability canbereduced but not removed<br />18.03.2010<br />32 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  38. 38. Thankyou!<br />Questions?<br />18.03.2010<br />33 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  39. 39. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />References<br />1|2<br />Borcea, K. et al., 2005b. Intra-Application Partitioning of Personal Data. In A. Kobsa & L. CranorProceedings of the Workshop on Privacy-Enhanced Personalization (PEP’05). Edinburgh, UK, pp. 67-72. Available at: http://www.isr.uci.edu/pep05/papers/borcea-pep.pdf. <br />Borcea-Pfitzmann, K., 2008. Framework für die Entwicklungeineruniversellenkollaborativen eLearning-Plattform, PhD thesis, TechnischeUniversität, Dresden. Available at: http://hsss.slub-dresden.de/deds-access/hsss.urlmapping.MappingServlet?id=1237287991632-2707 .<br />Carell, A. et al., 2002. ComputergestützteskollaborativesLernen: Die Bedeutung von Partizipation, Wissensintegration und Einfluss von Rollen. Journal Hochschuldidaktik, 13, 26-35. Available at: http://www.sociotech-lit.de/CaJR02-CkL.pdf. <br />Chaum, D., 1985. Security without identification: transaction systems to make big brother obsolete. Communications of the ACM, 28(10), 1030-1044. Available at: http://portal.acm.org/citation.cfm?doid=4372.4373. <br />Franz, E et al., 2006. Privacy-aware user interfaces within collaborative environments. In K. MihalicProceedings of the international workshop in conjunciton with AVI 2006 on Context in advanced interfaces - AVI ‘06. New York, USA: ACM Press, pp. 45-48. Available at: http://portal.acm.org/citation.cfm?doid=1145706.1145715. <br />Gerhardt, U., 1971. RollenanalysealskritischeSoziologie: EinkonzeptuellerRahmenzurempirischen und methodologischenBegründungeinerTheoriederVergesellschaftung H. Maus & F. Fürstenberg, Neuwied, Berlin: Luchterhand. <br />18.03.2010<br />34 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  40. 40. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />References<br />2|2<br />Goffman, E., 1974. Rollenkonzepte und Rollendistanz. In C. MühlfeldSozilogischeTheorie. Hamburg: Hoffmann und CampeVerlag.<br />Linton, R., 1936. The study of man: an introduction, New York, USA: Appleton Century Crofts, Inc. <br />Lorenz, A., 2009. Rollenmanagement trifft Privatsphäre: Problempunkte und Konsequenzen: Analyse und Realisierung des Rollenmanagements in der kollaborativen Lernumgebung BluES’n, Saarbrücken: VDM Verlag.<br />Luhmann, N., 1984. SozialeSysteme. GrundrißeinerallgemeinenTheorie, Frankfurt: SuhrkampVerlag. Available at: http://www.worldcat.org/isbn/351857700X.<br />Mead, G.H., 1967. Mind, Self and Society 3 ed., Chicago: University of Chicago Press. <br />Pfitzmann, A. & Hansen, M., 2008. Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology, Dresden, Germany: Institute of Systems Architecture. Available at: http://dud.inf.tu-dresden.de/Anon_Terminology.shtml. <br />Staples, W.G., 2007. Encyclopedia of Privacy: A-M, Westport (Connecticut); London: Greenwood Publishing Group. Available at: http://books.google.de/books?id=sFv1ZltBhR0C. <br />Steinbrecher, S., 2006. Design Options for Privacy-Respecting Reputation Systems within Centralised Internet Communities. In S. Fischer-Hübner et al. Security and Privacy in Dynamic Environments: Proceedings of the IFIP TC-1 1 2 1st International Information Security Conference (SEC 2006). IFIP International Federation for Information Processing. Boston: Springer, pp. 123-134. Available at: http://www.springerlink.com/index/10.1007/0-387-33406-8. <br />Znaniecki, F., 1965. Social relations and social roles: the unfinished systematic sociology, San Francisco, CA: Chandler Pub. Co. <br />18.03.2010<br />35 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />
  41. 41. Rolemanagement in a Privacy-Enhanced Collaborative Environment<br />Images<br />Joystick: http://www.flickr.com/photos/beggs/103038447/<br />Dishes: http://www.flickr.com/photos/starwarsblog/514453347/<br />Classroam: http://www.flickr.com/photos/wolfra/2873071778<br />18.03.2010<br />36 | 33<br />Anja Lorenz: "Roles in PECEs" at IADIS e-Society 2010, Porto<br />

×