Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross

Privacy starting from general principles including monotonous growth of information. Introduction to EU Project PrimeLife. Introduction to Anonymous Credentials/Identity Mixer and Smart Identity Cards as technology solutions.

Privacy - Principles, PrimeLife and Identity Mixer - Thomas Gross Presentation Transcript

  • 1. Dr. Thomas Gross – Research Scientist 18 June 2010 Privacy © 2009 IBM Corporation
  • 2. Privacy PrimeLife Technology
  • 3. Privacy PrimeLife Technology
  • 4. Who is Privacy About?
  • 5. People
  • 6. People Who Like to Talk
  • 7. “Neil Armstrong’s Footsteps are still there” (Robin Wilton, Sun Microsystems) Photo: cc-nc-by jahdakine
  • 8. Computers don’t forget
  • 9. Consent Paradigm in Privacy: Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. (Alan Westin)
  • 10. Legal Privacy Taxonomy (diagram: Data Subject, Data Holders) Collection ● Surveillance ● Interrogation Processing ● Aggregation ● Identification ● Insecurity ● Secondary Use ● Exclusion Dissemination ● Confidentiality breach ● Disclosure ● Exposure ● Increased accessibility ● Blackmail ● Appropriation ● Distortion Invasions ● Intrusion ● Decisional interference From Daniel J. Solove, Understanding Privacy
  • 11. Privacy PrimeLife Technology
  • 12. PrimeLife Consortium
  • 13. PrimeLife's Objectives: Bringing Sustainable Privacy and Identity Management to Future Networks and Services ● Fundamentally understanding privacy-enhancing identity management ‘for life’ ● Bringing Privacy to the future web ● Develop and make tools for privacy friendly identity management widely available – privacy live!
  • 14. PrimeLife’s 6 Activities: Mechanisms, HCI, Policies, Privacy In Life, Infrastructures, Privacy Live!
  • 15. Scenario
  • 16. PrimeLife's approach
  • 17. PrimeLife's approach ● Privacy Policy ● Easy Management of Partial Identities ● Usable Interfaces (Anonymous Communication)
  • 18. PrimeLife's approach ● Attribute-Based Access Control ● Policies towards users ● Enforcement of Policies ● Change of Business Processes ● Privacy Policy ● Easy Management of Partial Identities ● Usable Interfaces (Anonymous Communication)
  • 19. PrimeLife's Approach
  • 20. Privacy PrimeLife Technology
  • 21. Private Credentials: How to Build Them In the beginning...
  • 22. State of the Art: How to Build Them asking for a credential
  • 23. State of the Art: How to Build Them getting a credential ... containing “birth date = April 3, 1987”
  • 24. State of the Art: How to Build Them showing a credential ... goes off-line - driver's license - insurance - older > 20
  • 25. State of the Art: How to Build Them showing a credential ... containing statements “driver's license, age (as stated in driver’s ) > 20, and insurance” Using identity mixer, user can transform (different) token(s) into a new single one that, however, still verifies w.r.t. original signers' public keys.
  • 26. Other Properties: Offline Usage Zzzzz ID providers (issuers) need sleep, too! • Sometimes it is too expensive to have connectivity • Or a security risk (e.g., ID cards) Certs can be used as many times as needed! • cf. Revocation; can be done w/ signer's secrets offline
  • 27. Other Properties: Cheating Prevention World of Warcraft Limits of anonymity possible (optional): • If Alice and Eve are on-line together they are caught! • Use Limitation – anonymous until: ● If Alice used certs > 100 times total... ● ... or > 10'000 times with Bob • Alice's cert can be bound to hardware token (e.g., TPM)
  • 28. Privacy Preserving Access Control DNA Database Simple case: DB learns not who accesses DB Better: Oblivious Access to Database (OT with AC) ● Server must not learn who accesses ● which record ● Still, Alice can access only records she is authorized for
  • 29. Secret Handshakes • Alice and Bob both define some predicate PA and PB • Alice learns whether Bob satisfies PA if she satisfies PB
  • 30. Smart Identity Card: Design Goals ● Strong accountability and privacy ● Sustainable secondary use ● Trusted identity basis ● Future-proof ● Cost effective. Won the Innovation Award 2009 of the Society for Computer Science (GI, comparable to the ACM in Germany)
  • 31. Smart Identity Card (architecture diagram). Components: User; PC with Browser and Identity Wallet; Smarter ID Card (Secure Javacard) with Identity Mixer; Backend (Server) with Identity Mixer Validation. Messages: request: policy / response: proof. Labels: User interacts/consents to policy; inserts/owns certificates; Validates proofs with issuer’s public key (pkI); Key Point: Transforms certificates in privacy-preserving identity proof statements; Maintains master key (skU) and certificates confidential.
  • 32. Privacy: Important & complex challenge. PrimeLife: Sustainable identity & privacy 'for life'. Technology: Crypto to rescue: efficient on any device.
  • 33. Thank you! Contributors: Björn Assmann, Endre Bangerter, Patrik Bichsel, Carl Binding, Anthony Bussani, Jan Camenisch, Thomas Gross, Susan Hohenberger, Phil Janson, Gregory Neven, Franz-Stefan Preiss, Dieter Sommer, Abhi Shelat, Victor Shoup, Michael Waidner, Roger Zimmermann, & innumerous interns http://idemix.wordpress.com/
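
Slide 27's use limitation ("anonymous until" a certificate is used more than a set number of times) can be illustrated with a toy overuse tag. This is an added example, not code from the presentation or from Identity Mixer: the `Wallet` and `Verifier` classes, the modulus `Q` and the identity-on-a-line construction are assumptions chosen for illustration, and the issuer signatures and zero-knowledge proofs a real system needs are left out.

```python
import secrets

Q = 2**127 - 1  # prime modulus for the toy arithmetic (assumed parameter)

class Wallet:
    """User side: one identity secret plus `limit` one-use tokens (hypothetical)."""
    def __init__(self, limit):
        self.identity = secrets.randbelow(Q)  # stays hidden unless a token is reused
        # Each token is (serial, slope); both are random and independent of identity.
        self.tokens = [(secrets.randbelow(Q), secrets.randbelow(Q))
                       for _ in range(limit)]
        self.shows = 0

    def show(self, challenge):
        """Spend the next token; past the limit an old token has to be reused."""
        serial, slope = self.tokens[self.shows % len(self.tokens)]
        self.shows += 1
        # One point on the line y = identity + slope * x. A single point is
        # consistent with every possible identity, so one show reveals nothing.
        return serial, challenge, (self.identity + slope * challenge) % Q

class Verifier:
    """Verifier side: remembers one point per serial number seen (hypothetical)."""
    def __init__(self):
        self.seen = {}

    def accept(self, serial, challenge, response):
        """Return None for a fresh token, or the recovered identity on reuse."""
        if serial not in self.seen:
            self.seen[serial] = (challenge, response)
            return None
        c1, r1 = self.seen[serial]
        if c1 == challenge:
            return None  # identical point, nothing new can be solved
        # Two distinct points on the same line: solve for slope, then intercept.
        slope = (response - r1) * pow((challenge - c1) % Q, -1, Q) % Q
        return (r1 - slope * c1) % Q

def run_shows(limit, count):
    """Perform `count` shows against a wallet limited to `limit` uses."""
    wallet, verifier = Wallet(limit), Verifier()
    results = [verifier.accept(*wallet.show(secrets.randbelow(Q)))
               for _ in range(count)]
    return wallet.identity, results

if __name__ == "__main__":
    identity, results = run_shows(limit=100, count=101)
    print(results[:100] == [None] * 100, results[100] == identity)
```

Within the limit every show uses a fresh serial number and a fresh line, so shows are unlinkable to each other; the first show past the limit repeats a serial, and the two points on that line let the verifier compute the intercept.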