User consent for consumer identity (@ISSE2010)
Upcoming SlideShare
Loading in...5
×
 

User consent for consumer identity (@ISSE2010)

on

  • 1,279 views

As presented for ISSE 2010, on 7 October 2010 in Berlin.

As presented for ISSE 2010, on 7 October 2010 in Berlin.

Statistics

Views

Total Views
1,279
Views on SlideShare
1,278
Embed Views
1

Actions

Likes
0
Downloads
10
Comments
0

1 Embed 1

https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

User consent for consumer identity (@ISSE2010) User consent for consumer identity (@ISSE2010) Presentation Transcript

  • User consent for consumer identity 7 October 2010, ISSE 2010, Berlin Maarten Wegdam Principal Research @ Novay
  • Novay?
    • Mission “ to create breakthroughs in the way we work, live, and entertain ourselves, by creating and applying ICT-innovations ”
    • Independent Dutch ICT research institute
    • Formerly Telematica Instituut
    • Innovation projects for clients
    • Networked innovation
    • Identity & Trust is focus area, e.g.:
  • An intro to user consent
    • User centric identity
    • Empower user to control his/her identity
    • See also: Laws of Identity by Cameron
    • Why: legal, ethical and user acceptance
    • How: insight and control over data flow
  • Case: SURFfederation
    • Federate for Dutch higher education and research
    • ~700k users, ~40 IdPs, ~30 SPs
    • Limited sharing of attributes
    • Trust framework
    • Multi-protocol, including SAML & WS-Federation
    • Question: do users want consent, and how?
    IdP IdP IdP IdP SP SP SP SP hub
  • State-of-the-art for consent InfoCard (active client)
  • State-of-the-art for consent OpenID (web-redirect)
  • User centric SAML?
    • But isn ’t SAML is Identity Provider centric? Well, that depends …
    • SAML WebSSO is web-redirect, similar to OpenID: consent can be similar
    • Already examples:
      • consent module van SimpleSAMLphp (WAYF, Feide)
      • uApprove (SWITCH)
  • A step back A complicated trade-off for consent
  • Privacy attitude [Privacy indexes: a survey of Westin’s studies. Kumaraguru, Faith Cranor. ISRI technical report, december 2005.]
  • Approach
    • State-of-the-art
    • Design web-redirect based consent
      • Not SAML/OpenID specific …
      • 5 guidelines (next slides)
      • Based on ‘professional’ literature, academic literature and existing implementations
    • User studies! InfoCard vs user-centric SAML
    • Pilot
  • We decided in our case not to provide per-attribute choice, too difficult to understand. Always ask user before exchanging data 0 Consent
  • We show actual value of information, explain the federation and role of SURFnet, and link to privacy statement Make the information flow clear 1 Informed
  • We decided to only have ‘timed’ automation, people forget… Enable providing consent for future log-ins 2 Automate
  • We decided to only have ‘timed’ automation, people forget… Enable providing consent for future log-ins 2 Automate will be longer
  • Difficult to do with web-browser without becoming too intrusive…
    • Notify when information is exchanged (in right context)
      • Even if consent was already provided
    3 Notification
  • Including what attributes are included in consent, but no log. Provide overview and allow revocation of provided consents 4 Revocation
  • Including what attributes are included in consent, but no log. Provide overview and allow revocation of provided consents 4 Revocation
  • User study setup
    • Small/qualitative, in depth, using mockups
      • Co-discovery, 9 * 2 people, 3 universities, mix students & employees, questionnaire
    • Do they want consent, or will they rather leave it to their university?
    • If they do: do they prefer InfoCard or user-centric SAML?
    • And specific feedback on trade-off in our user-centric SAML
  • User study outcome
    • Yes , they did want consent
    • They prefer user-centric SAML over InfoCard
  • User study – other points
    • No consensus on desired ‘obtrusiveness’: we decided to skip notification
    • They want to know why service providers want their attributes
    • They want control over the data after consent: no solution yet …
  • Current status
    • Exploring user-centric SAML
    • Additional user studies to fine-tune user interface
    • Started large pilot two weeks ago 
    • Based on outcome SURFnet will decide if to roll-out
  • Closing remarks
    • Providing actual consent is NOT trivial
    • Unclear how specific the results are for our case: trust, web-redirect, limited attributes
    • Complication (?): role of hub and SURFnet
    • Asking people about privacy behavior is tricky: risk of bias towards privacy-paranoids, behavior over longer time, social desirable
    • Timed consent: what period?
  • THANK YOU
    • Acknowledgement:
    • SURFnet: Hans Zandbelt, Roland van Rijswijk, Eefje van der Harst, Remco Poortinga-van Wijnen and others
    • Novay: Ruud Janssen, Bob Hulsebosch, Dirk-Jan van Dijk and others
    More information: report: User controlled privacy voor de SURFfederatie (Dutch) report: User controlled privacy voor de SURFfederatie: een gebruikersstudie (Dutch) report: Outcome user controlled privacy pilot, to appear Dec 2010 (English) blog post: http://maarten.wegdam.name/2010/03/11/user-centric-saml/ email: [email_address]