SlideShare a Scribd company logo

Privacy in Business Processes with User-Centric Identity Management

S
Sven Wohlgemuth

This document summarizes a presentation on privacy in business processes through user-centric identity management. It discusses challenges with 1:n and 1:n:m relationships where personal data is disclosed to multiple services. Two approaches are described: single sign-on and anonymous credentials. Neither fully addresses issues like linkability, non-transferability of data, and misuse of credentials. The document then proposes an approach called DREISAM that uses anonymous credentials and proxy credentials to enable delegation of rights over personal data while preserving user privacy. It outlines the work of WP14 in studying privacy requirements for identity management and business processes.

Internet
1 of 21
Download to read offline
FIDIS Research Event 2006, Budapest Sven Wohlgemuth Albert-Ludwig University Freiburg, Germany Privacy in Business Processes by User-centric Identity Management
FIDIS - Future of Identity in the Information Society (No. 507512) 11.09.2006 2 Agenda I. Scenario: Personalized Services and Business Processes II. Example: Data Economy in Business Processes III. WP14: Areas of Work
FIDIS - Future of Identity in the Information Society (No. 507512) 11.09.2006 3 I. Personalized Services and 
 Business Processes Objectives of an attacker: • Tracing user • Misusing user‘s attributes I want a holiday trip, here are my attributes User Holiday trip Service 1 1:n To known service Challenge: Trust in Service 1? U wants a car, Here is what I know of U Car 1:n:m To unknown service(s)U = profile Service 2 user profiles
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 4 Survey for Germany (ECE IV)
 Most Important Barriers for Personalized Services 0 % 25 % 50 % 75 % 100 % 20,700 %20,700 %18,100 %15,800 %15,984 % 12,012 % 58,400 %56,700 % 47,700 %49,800 %46,753 % 44,344 % 20,900 %22,600 % 34,200 %34,400 %37,263 % 43,644 % high medium no Costly integration in processes Expected neg. reaction since privacy violation Doubts wrt. data protection laws Low customer acceptance Other legal doubts Pot. loss of reputation http://www.telematik.uni-freiburg.de/ece.php
FIDIS - Future of Identity in the Information Society (No. 507512) 5 Car? Driving licence? Privacy Attacks
 1:n Relationships Privacy: User is able to to determine on the disclosure and use of his own personal data. I want a holiday trip, here are my attributes User Holiday trip Service 1Service 1 1:n To known service U = profile 11.09.2006
FIDIS - Future of Identity in the Information Society (No. 507512) 5 Car? Driving licence? Threat: Misuse of personal data by services Driving
 licence Stella Freiburger
 Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Motorbike Claudia Freiburger Harley Davidson IP: 132.15.16.3 Car Stella Freibuger VW Beetle IP: 132.15.16.3 Privacy Attacks
 1:n Relationships Privacy: User is able to to determine on the disclosure and use of his own personal data. I want a holiday trip, here are my attributes User Holiday trip Service 1Service 1 1:n To known service U = profile 11.09.2006
Driving licence? Car? Car Car Stella Freiburger VW Beetle IP: 132.15.16.3 Driving
 licence Stella Freiburger Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Vacation trip? Privacy Attacks
 1:n:m Relationships I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2Service 2 user profiles
Driving licence? Informational self-determination? Driving
 Licence Stella Freibuger
 Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Holiday Stella Freiburger VW Beetle ... IP: 132.15.16.3 Car? Car Car Stella Freiburger VW Beetle IP: 132.15.16.3 Driving
 licence Stella Freiburger Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Vacation trip? Privacy Attacks
 1:n:m Relationships I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2Service 2 user profiles
FIDIS - Future of Identity in the Information Society (No. 507512) 7 II. Problem: Data Economy Identity management and multi-staged business processes □ Single Sign On: central or several CA
 (Microsoft .NET Passport or Liberty Alliance) □ Partial identities
 (Freiburg iManager) □ Anonymous credentials
 (IBM idemix) 11.09.2006
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 8 Case 1: Single Sign-On
 1:n:m Relationships 3: Authentification 1: Request for booking 1: Request for car 2: Redirection 4: Connect 5: Request for pers. data: driving licence 7: Allow / deny access 8: Booking confirmation 6: Pers. data: driving licence
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 8 Case 1: Single Sign-On
 1:n:m Relationships • Proxy needs secret token of user for authentication ➔ Linkability + Misuse • CA is in every authentication involved ➔ Linkability 3: Authentification 1: Request for booking 1: Request for car 2: Redirection 4: Connect 5: Request for pers. data: driving licence 7: Allow / deny access 8: Booking confirmation 6: Pers. data: driving licence
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 9 Stella 543ag I am Stella Dig. driving licence I am 543ag Booking confirmation • Non-Transferability Mechanismen:
 All credentials and pseudonyms are based on one secret key kMax Car for 543ag Car CA certifies personal data and issues anonymous credentials skStella Case 2: Anonymous Credentials
 1:n:m Relationships
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 9 Stella 543ag I am Stella Dig. driving licence I am 543ag Booking confirmation • Non-Transferability Mechanismen:
 All credentials and pseudonyms are based on one secret key kMax Car for 543ag Car • Proxy requires secret key kStella for showing credential ! Delegation of all credentials: misuse is possible ! Fraud: Revealing anonymity of the user kStella CA certifies personal data and issues anonymous credentials skStella Case 2: Anonymous Credentials
 1:n:m Relationships
Additional criteria for 1:n:m relationships: Delegation of rights on personal data • Integrity of an authorization • Delegation of „least privilege” • Preventing misuse of delegated authorizations • Restricting re-delegation of delegated authorizations • Revoking delegated authorizations • Distinguishing user and proxy Criteria for 1:n relationships: • Showing personal data depending on service • Non-linkability of transactions • Authentication without revealing identifying data • Non-repudiation of user‘s transactions • Revealing identity of cheating users Criteria for 1:n and 1:n:m Relationships
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 11 Idea: Authorization for purpose-based transfer of personal data as a credential
 (Proxy Credential) Unobservability by: – Anonymous credentials – Pseudonyms – CA signs Proxy Credential Purpose-based: – Logging of delegation and use by
 CA and end service Limit: – User cannot enforce restrictions
 of a delegated authorization – Observability if servíce needs
 identifying data of the user Wohlgemuth, S., Müller, G.: Privacy with Delegation of Rights by Identity Management, ETRICS 2006. DREISAM
 Unlinkable Delegation of Rights
(Mechanisms of PKI + anonymous credentials) • Integrity of an authorization • Delegation of „least privilege“ • Preventing misuse of delegated authorizations • Restricting re-delegation of delegated authorizations • Revoking delegated authorizations • Distinguishing user and proxy DREISAM: Evaluation Criteria for a self-determined disclosure of personal data: • Showing personal data depending on service • Non-linkabiltiy of transactions • Authentication without revealing identifying data • Non-repudiation of user‘s transactions • Revealing identity of cheating users (Partial identity) (Pseudonyms and anonymity service) (Zero-Knowledge Proof) (Protocol run of showing a credential) (De-anonymization party) (Anonymous credential + CA) (One-show anony. credential + Audit) (Audit) (Proxy Credential) (Protocol of showing a credential + CA)
Verifying Use of Personal Data:
 Certified Service □ Information flow: Verified sandbox at service provider □ Peer: Attestated service access points of sandbox □ Presumption: TPM and CA infrastructure service OS hardware service OS hardware Service ProviderUser service OS hardware service OS hardware Privacy CA SoftwareCA Hohl, A., Lowis, L., Zugenmaier, A.: Look who's talking - Authenticated Service Access Points. travel agency untrusted area trusted end device
FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 14 III. WP 14: Areas of Work I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2 user profiles Identity management Identity management extended by protocols, TC, … D14.2: Study on privacy in business processes by identity management D14.3: Study on the suitability of trusted computing to support
 privacy policies in business processes Identification of privacy requirements for identity management relating to the use of disclosed personal data Objective:
FIDIS - Future of Identity in the Information Society (No. 507512) 15 • Non-Programmed Norms Safe harbor, regulations EU, self-determination politeness, respect • Programmed Norms P3P, EPAL, … • Privacy Tools - Distrust in partner - Control service‘s system
 behavior or knowledge about it - User-controlled only Approach of WP14 Privacy Principles Privacy Policy Privacy Tools Prevent misuse (Access Control) Identify misuse (Audit) Prevent profiling (Anonymity services) Minimize profiling (IMS) 11.09.2006
FIDIS - Future of Identity in the Information Society (No. 507512) 16 Workshop Agenda – Monday Session 1 14:15-16:15 14:15-14:45 Sven Wohlgemuth (ALU-FR): Privacy in Business Processes by User-centric Identity Management 14:45-15:15 Mireille Hildebrandt (VUB): The user-centric narrative of AmI: smart marketing or citizen empowerment? 15:15-15:45 Günter Karjoth (IBM): Achieving Transparency by Applying an Enterprise Privacy Architecture 15:45-16:15 Simone Fischer-Hübner (KU): The "Data Track" for increasing transparency for end users 16:15-16:30 Coffee Break Session 2 16:30-18:30 16:30-17:00 Ammar Alkassar (SIRRIX): Employing Trusted Computing for User-Friendly Business-Processes 17:00-17:30 Stefan Köpsell (TUD): Overview of Trusted Computing and possible Applications for Business Processes with Delegates 17:30-18:00 Richard Cissée (TUB): Privacy-preserving Information Filtering 18:00-18:30 Sven Wohlgemuth (ALU-FR): Further steps to D14.2, D14.3 and to 4th work plan 11.09.2006
FIDIS - Future of Identity in the Information Society (No. 507512) 17 Workshop Agenda – Tuesday Session 3 13:45-15:15 13:45-14:15 Martin Meints (ICPP): Compliance in Enterprises - how can Trends in IT-Security successfully be transfered to Data Protection? 14:15-14:45 Laurent Bussard (Microsoft): TBA 14:45-15:15 Pieter Ribbers (Tilburg University): Privacy and Business Processes: the approach in PRIME 11.09.2006

Recommended

Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
 
Identity Platform Use Cases
Identity Platform Use CasesIdentity Platform Use Cases
Identity Platform Use CasesUbisecure
 
Lessons Learned from Federal ICAM - User Group
Lessons Learned from Federal ICAM - User GroupLessons Learned from Federal ICAM - User Group
Lessons Learned from Federal ICAM - User GroupJoel Rader, CISSP
 
Nursecoin technology platform overview
Nursecoin technology platform overviewNursecoin technology platform overview
Nursecoin technology platform overviewCyrus Maaghul
 
Identity Trust Framework Survey
Identity Trust Framework SurveyIdentity Trust Framework Survey
Identity Trust Framework Surveyadremllc
 
Velociter Case Studeis (Smart Card Project)
Velociter Case Studeis (Smart Card Project)Velociter Case Studeis (Smart Card Project)
Velociter Case Studeis (Smart Card Project)prathikb
 
Multi-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationMulti-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationUbisecure
 
Bin list tool
Bin list toolBin list tool
Bin list toolalbinamuro2
 

Recommended

Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
 
Identity Platform Use Cases
Identity Platform Use CasesIdentity Platform Use Cases
Identity Platform Use CasesUbisecure
 
Lessons Learned from Federal ICAM - User Group
Lessons Learned from Federal ICAM - User GroupLessons Learned from Federal ICAM - User Group
Lessons Learned from Federal ICAM - User GroupJoel Rader, CISSP
 
Nursecoin technology platform overview
Nursecoin technology platform overviewNursecoin technology platform overview
Nursecoin technology platform overviewCyrus Maaghul
 
Identity Trust Framework Survey
Identity Trust Framework SurveyIdentity Trust Framework Survey
Identity Trust Framework Surveyadremllc
 
Velociter Case Studeis (Smart Card Project)
Velociter Case Studeis (Smart Card Project)Velociter Case Studeis (Smart Card Project)
Velociter Case Studeis (Smart Card Project)prathikb
 
Multi-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationMulti-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationUbisecure
 
Bin list tool
Bin list toolBin list tool
Bin list toolalbinamuro2
 
Brazil3- Forbes
Brazil3- ForbesBrazil3- Forbes
Brazil3- ForbesFLORENCE LILTI
 
Research paper UAVs2012
Research paper UAVs2012Research paper UAVs2012
Research paper UAVs2012Jan Miller
 
Создание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной средыСоздание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной средыTaisiya Mukii
 
On Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsOn Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsSven Wohlgemuth
 
Грипп и пневмония
Грипп и пневмонияГрипп и пневмония
Грипп и пневмонияsk1ll
 
karpets2015
karpets2015karpets2015
karpets2015Andrei Vainer
 
Conditional 0 and 1
Conditional 0 and 1Conditional 0 and 1
Conditional 0 and 1juan pablo vinchery
 
2 Recommendation letters
2 Recommendation letters2 Recommendation letters
2 Recommendation lettersVan Anh Nguyen Ngoc
 
THESIS 2013 copy
THESIS 2013 copyTHESIS 2013 copy
THESIS 2013 copyVan Anh Nguyen Ngoc
 
BS ABM 2014
BS ABM 2014BS ABM 2014
BS ABM 2014Andrei Vainer
 
معلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايهمعلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايهhakmhamdy
 
English vocabulary
English vocabularyEnglish vocabulary
English vocabularygguzman76
 
2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalog2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalogRobert J Rodrick Jr.
 
Modern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and TreatmentModern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and Treatmenttabirsir
 
Cartel educativo
Cartel educativoCartel educativo
Cartel educativoSathya Casasola
 
Aquasomes
AquasomesAquasomes
AquasomesSagar Savale
 
Nano carriers in cancer treatment
Nano carriers in cancer treatment Nano carriers in cancer treatment
Nano carriers in cancer treatment venkatesh swamy
 
Drug delivery via nanocapsules
Drug delivery via nanocapsules Drug delivery via nanocapsules
Drug delivery via nanocapsules tabirsir
 
Smart sms
Smart sms Smart sms
Smart sms Mohamed Ali Salem ,MBA,PMP,Scrum
 
Sovereign identity
Sovereign identitySovereign identity
Sovereign identityI am currently looking for a good job with a great company!
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015Jerry Fishenden
 

More Related Content

Viewers also liked

Research paper UAVs2012
Research paper UAVs2012Research paper UAVs2012
Research paper UAVs2012Jan Miller
 
Создание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной средыСоздание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной средыTaisiya Mukii
 
On Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsOn Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsSven Wohlgemuth
 
Грипп и пневмония
Грипп и пневмонияГрипп и пневмония
Грипп и пневмонияsk1ll
 
معلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايهمعلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايهhakmhamdy
 
English vocabulary
English vocabularyEnglish vocabulary
English vocabularygguzman76
 
2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalog2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalogRobert J Rodrick Jr.
 
Modern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and TreatmentModern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and Treatmenttabirsir
 
Nano carriers in cancer treatment
Nano carriers in cancer treatment Nano carriers in cancer treatment
Nano carriers in cancer treatment venkatesh swamy
 
Drug delivery via nanocapsules
Drug delivery via nanocapsules Drug delivery via nanocapsules
Drug delivery via nanocapsules tabirsir
 

Viewers also liked (18)

Brazil3- Forbes
Brazil3- ForbesBrazil3- Forbes
Brazil3- Forbes
 
Research paper UAVs2012
Research paper UAVs2012Research paper UAVs2012
Research paper UAVs2012
 
Создание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной средыСоздание рефлексивно-гуманистической образовательной среды
Создание рефлексивно-гуманистической образовательной среды
 
On Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health RecordsOn Privacy in Medical Services with Electronic Health Records
On Privacy in Medical Services with Electronic Health Records
 
Грипп и пневмония
Грипп и пневмонияГрипп и пневмония
Грипп и пневмония
 
karpets2015
karpets2015karpets2015
karpets2015
 
Conditional 0 and 1
Conditional 0 and 1Conditional 0 and 1
Conditional 0 and 1
 
2 Recommendation letters
2 Recommendation letters2 Recommendation letters
2 Recommendation letters
 
THESIS 2013 copy
THESIS 2013 copyTHESIS 2013 copy
THESIS 2013 copy
 
BS ABM 2014
BS ABM 2014BS ABM 2014
BS ABM 2014
 
معلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايهمعلومات عن الهاكر وطرق الحمايه
معلومات عن الهاكر وطرق الحمايه
 
English vocabulary
English vocabularyEnglish vocabulary
English vocabulary
 
2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalog2016ProductCatalogcolorFinalProductionCatalog
2016ProductCatalogcolorFinalProductionCatalog
 
Modern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and TreatmentModern Nanostructures for Diagnosis and Treatment
Modern Nanostructures for Diagnosis and Treatment
 
Cartel educativo
Cartel educativoCartel educativo
Cartel educativo
 
Aquasomes
AquasomesAquasomes
Aquasomes
 
Nano carriers in cancer treatment
Nano carriers in cancer treatment Nano carriers in cancer treatment
Nano carriers in cancer treatment
 
Drug delivery via nanocapsules
Drug delivery via nanocapsules Drug delivery via nanocapsules
Drug delivery via nanocapsules
 

Similar to Privacy in Business Processes with User-Centric Identity Management

The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015Jerry Fishenden
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...XEventsHospitality
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identityWAFAA AL SALMAN
 
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO Alliance
 
X-Road as a Platform to Exchange MyData
X-Road as a Platform to Exchange MyDataX-Road as a Platform to Exchange MyData
X-Road as a Platform to Exchange MyDataPetteri Kivimäki
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy ExamLisa Olive
 
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENT
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENTBUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENT
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENTForgeRock
 
Chapter 2.ppt
Chapter 2.pptChapter 2.ppt
Chapter 2.pptOMDINA1
 
Trondheim20070508_OECDf
Trondheim20070508_OECDfTrondheim20070508_OECDf
Trondheim20070508_OECDffnfzone
 
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...apidays
 
IIW-11 Pseudonyms for Privacy
IIW-11 Pseudonyms for PrivacyIIW-11 Pseudonyms for Privacy
IIW-11 Pseudonyms for PrivacyJayUnger
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentantion
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License PresentantionOpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentantion
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License PresentantionMikeLeszcz
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
IDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things LandscapeIDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things Landscapekantarainitiative
 

Similar to Privacy in Business Processes with User-Centric Identity Management (20)

Smart sms
Smart sms Smart sms
Smart sms
 
Sovereign identity
Sovereign identitySovereign identity
Sovereign identity
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
 
UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015UK Government identity initiatives since the late 1990s - IDnext 2015
UK Government identity initiatives since the late 1990s - IDnext 2015
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
 
X-Road as a Platform to Exchange MyData
X-Road as a Platform to Exchange MyDataX-Road as a Platform to Exchange MyData
X-Road as a Platform to Exchange MyData
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy Exam
 
180926 ihan webinar 2
180926 ihan webinar 2180926 ihan webinar 2
180926 ihan webinar 2
 
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENT
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENTBUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENT
BUSINESS CASES AND IDENTITY RELATIONSHIP MANAGEMENT
 
Chapter 2.ppt
Chapter 2.pptChapter 2.ppt
Chapter 2.ppt
 
Trondheim20070508_OECDf
Trondheim20070508_OECDfTrondheim20070508_OECDf
Trondheim20070508_OECDf
 
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...
apidays LIVE Hong Kong 2021 - Federated Learning for Banking by Isaac Wong, W...
 
IIW-11 Pseudonyms for Privacy
IIW-11 Pseudonyms for PrivacyIIW-11 Pseudonyms for Privacy
IIW-11 Pseudonyms for Privacy
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentantion
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License PresentantionOpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentantion
OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentantion
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
IDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things LandscapeIDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things Landscape
 

More from Sven Wohlgemuth

A Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementA Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementSven Wohlgemuth
 
Competitive Compliance with Blockchain
Competitive Compliance with BlockchainCompetitive Compliance with Blockchain
Competitive Compliance with BlockchainSven Wohlgemuth
 
Secure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSecure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSven Wohlgemuth
 
個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information) 個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information)Sven Wohlgemuth
 
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacyTagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
 
Privacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningPrivacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
 
EN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleEN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleSven Wohlgemuth
 
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...Sven Wohlgemuth
 
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementEN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementSven Wohlgemuth
 
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzEN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzSven Wohlgemuth
 
Privacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationPrivacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationSven Wohlgemuth
 
International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009Sven Wohlgemuth
 
Durchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenDurchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenSven Wohlgemuth
 
Privacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementPrivacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementSven Wohlgemuth
 
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSchlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSven Wohlgemuth
 
Resilience by Usable Security
Resilience by Usable SecurityResilience by Usable Security
Resilience by Usable SecuritySven Wohlgemuth
 
Sicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSven Wohlgemuth
 
Solutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySolutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySven Wohlgemuth
 

More from Sven Wohlgemuth (20)

A Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementA Secure Decision-Support Scheme for Self-Sovereign Identity Management
A Secure Decision-Support Scheme for Self-Sovereign Identity Management
 
Competitive Compliance with Blockchain
Competitive Compliance with BlockchainCompetitive Compliance with Blockchain
Competitive Compliance with Blockchain
 
Secure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with BlockchainsSecure Sharing of Design Information with Blockchains
Secure Sharing of Design Information with Blockchains
 
個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information) 個人情報の有効活用を可能にする (Enabling effective use of personal information)
個人情報の有効活用を可能にする (Enabling effective use of personal information)
 
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacyTagging Disclosure of Personal Data to Third Parties to Preserve Privacy
Tagging Disclosure of Personal Data to Third Parties to Preserve Privacy
 
Privacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process MiningPrivacy-Enhancing Trust Infrastructure for Process Mining
Privacy-Enhancing Trust Infrastructure for Process Mining
 
EN 6.3: 4 Kryptographie
EN 6.3: 4 KryptographieEN 6.3: 4 Kryptographie
EN 6.3: 4 Kryptographie
 
EN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 SicherheitsmodelleEN 6.3: 3 Sicherheitsmodelle
EN 6.3: 3 Sicherheitsmodelle
 
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...
 
Privacy in e-Health
Privacy in e-HealthPrivacy in e-Health
Privacy in e-Health
 
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementEN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
EN 6.3: 2 IT-Compliance und IT-Sicherheitsmanagement
 
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzEN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
EN 6.3: 1 IT-Sicherheit und Technischer Datenschutz
 
Privacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal InformationPrivacy with Secondary Use of Personal Information
Privacy with Secondary Use of Personal Information
 
International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009International Workshop on Information Systems for Social Innovation (ISSI) 2009
International Workshop on Information Systems for Social Innovation (ISSI) 2009
 
Durchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in DienstenetzenDurchsetzung von Privacy Policies in Dienstenetzen
Durchsetzung von Privacy Policies in Dienstenetzen
 
Privacy in Business Processes by Identity Management
Privacy in Business Processes by Identity ManagementPrivacy in Business Processes by Identity Management
Privacy in Business Processes by Identity Management
 
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSchlüsselverwaltung - Objektorientierter Entwurf und Implementierung
Schlüsselverwaltung - Objektorientierter Entwurf und Implementierung
 
Resilience by Usable Security
Resilience by Usable SecurityResilience by Usable Security
Resilience by Usable Security
 
Sicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten WeltSicherheit in einer vernetzten Welt
Sicherheit in einer vernetzten Welt
 
Solutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and UsabilitySolutions for Coping with Privacy and Usability
Solutions for Coping with Privacy and Usability
 

Recently uploaded

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Deliverybabeytanya
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfThe Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfMilind Agarwal
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 

Recently uploaded (20)

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls In Mumbai Central Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfThe Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 

Privacy in Business Processes with User-Centric Identity Management

  • 1. FIDIS Research Event 2006, Budapest Sven Wohlgemuth Albert-Ludwig University Freiburg, Germany Privacy in Business Processes by User-centric Identity Management
  • 2. FIDIS - Future of Identity in the Information Society (No. 507512) 11.09.2006 2 Agenda I. Scenario: Personalized Services and Business Processes II. Example: Data Economy in Business Processes III. WP14: Areas of Work
  • 3. FIDIS - Future of Identity in the Information Society (No. 507512) 11.09.2006 3 I. Personalized Services and 
 Business Processes Objectives of an attacker: • Tracing user • Misusing user‘s attributes I want a holiday trip, here are my attributes User Holiday trip Service 1 1:n To known service Challenge: Trust in Service 1? U wants a car, Here is what I know of U Car 1:n:m To unknown service(s)U = profile Service 2 user profiles
  • 4. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 4 Survey for Germany (ECE IV)
 Most Important Barriers for Personalized Services 0 % 25 % 50 % 75 % 100 % 20,700 %20,700 %18,100 %15,800 %15,984 % 12,012 % 58,400 %56,700 % 47,700 %49,800 %46,753 % 44,344 % 20,900 %22,600 % 34,200 %34,400 %37,263 % 43,644 % high medium no Costly integration in processes Expected neg. reaction since privacy violation Doubts wrt. data protection laws Low customer acceptance Other legal doubts Pot. loss of reputation http://www.telematik.uni-freiburg.de/ece.php
  • 5. FIDIS - Future of Identity in the Information Society (No. 507512) 5 Car? Driving licence? Privacy Attacks
 1:n Relationships Privacy: User is able to to determine on the disclosure and use of his own personal data. I want a holiday trip, here are my attributes User Holiday trip Service 1Service 1 1:n To known service U = profile 11.09.2006
  • 6. FIDIS - Future of Identity in the Information Society (No. 507512) 5 Car? Driving licence? Threat: Misuse of personal data by services Driving
 licence Stella Freiburger
 Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Motorbike Claudia Freiburger Harley Davidson IP: 132.15.16.3 Car Stella Freibuger VW Beetle IP: 132.15.16.3 Privacy Attacks
 1:n Relationships Privacy: User is able to to determine on the disclosure and use of his own personal data. I want a holiday trip, here are my attributes User Holiday trip Service 1Service 1 1:n To known service U = profile 11.09.2006
  • 7. Driving licence? Car? Car Car Stella Freiburger VW Beetle IP: 132.15.16.3 Driving
 licence Stella Freiburger Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Vacation trip? Privacy Attacks
 1:n:m Relationships I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2Service 2 user profiles
  • 8. Driving licence? Informational self-determination? Driving
 Licence Stella Freibuger
 Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Holiday Stella Freiburger VW Beetle ... IP: 132.15.16.3 Car? Car Car Stella Freiburger VW Beetle IP: 132.15.16.3 Driving
 licence Stella Freiburger Classes: ABE
 Friedrichstr. 50
 D-79098 Freiburg
 Germany
 IP: 132.15.16.3 Vacation trip? Privacy Attacks
 1:n:m Relationships I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2Service 2 user profiles
  • 9. FIDIS - Future of Identity in the Information Society (No. 507512) 7 II. Problem: Data Economy Identity management and multi-staged business processes □ Single Sign On: central or several CA
 (Microsoft .NET Passport or Liberty Alliance) □ Partial identities
 (Freiburg iManager) □ Anonymous credentials
 (IBM idemix) 11.09.2006
  • 10. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 8 Case 1: Single Sign-On
 1:n:m Relationships 3: Authentification 1: Request for booking 1: Request for car 2: Redirection 4: Connect 5: Request for pers. data: driving licence 7: Allow / deny access 8: Booking confirmation 6: Pers. data: driving licence
  • 11. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 8 Case 1: Single Sign-On
 1:n:m Relationships • Proxy needs secret token of user for authentication ➔ Linkability + Misuse • CA is in every authentication involved ➔ Linkability 3: Authentification 1: Request for booking 1: Request for car 2: Redirection 4: Connect 5: Request for pers. data: driving licence 7: Allow / deny access 8: Booking confirmation 6: Pers. data: driving licence
  • 12. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 9 Stella 543ag I am Stella Dig. driving licence I am 543ag Booking confirmation • Non-Transferability Mechanismen:
 All credentials and pseudonyms are based on one secret key kMax Car for 543ag Car CA certifies personal data and issues anonymous credentials skStella Case 2: Anonymous Credentials
 1:n:m Relationships
  • 13. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 9 Stella 543ag I am Stella Dig. driving licence I am 543ag Booking confirmation • Non-Transferability Mechanismen:
 All credentials and pseudonyms are based on one secret key kMax Car for 543ag Car • Proxy requires secret key kStella for showing credential ! Delegation of all credentials: misuse is possible ! Fraud: Revealing anonymity of the user kStella CA certifies personal data and issues anonymous credentials skStella Case 2: Anonymous Credentials
 1:n:m Relationships
  • 14. Additional criteria for 1:n:m relationships: Delegation of rights on personal data • Integrity of an authorization • Delegation of „least privilege” • Preventing misuse of delegated authorizations • Restricting re-delegation of delegated authorizations • Revoking delegated authorizations • Distinguishing user and proxy Criteria for 1:n relationships: • Showing personal data depending on service • Non-linkability of transactions • Authentication without revealing identifying data • Non-repudiation of user‘s transactions • Revealing identity of cheating users Criteria for 1:n and 1:n:m Relationships
  • 15. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 11 Idea: Authorization for purpose-based transfer of personal data as a credential
 (Proxy Credential) Unobservability by: – Anonymous credentials – Pseudonyms – CA signs Proxy Credential Purpose-based: – Logging of delegation and use by
 CA and end service Limit: – User cannot enforce restrictions
 of a delegated authorization – Observability if servíce needs
 identifying data of the user Wohlgemuth, S., Müller, G.: Privacy with Delegation of Rights by Identity Management, ETRICS 2006. DREISAM
 Unlinkable Delegation of Rights
  • 16. (Mechanisms of PKI + anonymous credentials) • Integrity of an authorization • Delegation of „least privilege“ • Preventing misuse of delegated authorizations • Restricting re-delegation of delegated authorizations • Revoking delegated authorizations • Distinguishing user and proxy DREISAM: Evaluation Criteria for a self-determined disclosure of personal data: • Showing personal data depending on service • Non-linkabiltiy of transactions • Authentication without revealing identifying data • Non-repudiation of user‘s transactions • Revealing identity of cheating users (Partial identity) (Pseudonyms and anonymity service) (Zero-Knowledge Proof) (Protocol run of showing a credential) (De-anonymization party) (Anonymous credential + CA) (One-show anony. credential + Audit) (Audit) (Proxy Credential) (Protocol of showing a credential + CA)
  • 17. Verifying Use of Personal Data:
 Certified Service □ Information flow: Verified sandbox at service provider □ Peer: Attestated service access points of sandbox □ Presumption: TPM and CA infrastructure service OS hardware service OS hardware Service ProviderUser service OS hardware service OS hardware Privacy CA SoftwareCA Hohl, A., Lowis, L., Zugenmaier, A.: Look who's talking - Authenticated Service Access Points. travel agency untrusted area trusted end device
  • 18. FIDIS - Future of Identity in the Information Society (No. 507512) 16.05.16 14 III. WP 14: Areas of Work I want a holiday trip, here are my attributes U wants a car, Here is what I know of U User CarHoliday trip Service 1 1:n 1:n:m To known service To unknown service(s)U = profile Service 2 user profiles Identity management Identity management extended by protocols, TC, … D14.2: Study on privacy in business processes by identity management D14.3: Study on the suitability of trusted computing to support
 privacy policies in business processes Identification of privacy requirements for identity management relating to the use of disclosed personal data Objective:
  • 19. FIDIS - Future of Identity in the Information Society (No. 507512) 15 • Non-Programmed Norms Safe harbor, regulations EU, self-determination politeness, respect • Programmed Norms P3P, EPAL, … • Privacy Tools - Distrust in partner - Control service‘s system
 behavior or knowledge about it - User-controlled only Approach of WP14 Privacy Principles Privacy Policy Privacy Tools Prevent misuse (Access Control) Identify misuse (Audit) Prevent profiling (Anonymity services) Minimize profiling (IMS) 11.09.2006
  • 20. FIDIS - Future of Identity in the Information Society (No. 507512) 16 Workshop Agenda – Monday Session 1 14:15-16:15 14:15-14:45 Sven Wohlgemuth (ALU-FR): Privacy in Business Processes by User-centric Identity Management 14:45-15:15 Mireille Hildebrandt (VUB): The user-centric narrative of AmI: smart marketing or citizen empowerment? 15:15-15:45 Günter Karjoth (IBM): Achieving Transparency by Applying an Enterprise Privacy Architecture 15:45-16:15 Simone Fischer-Hübner (KU): The "Data Track" for increasing transparency for end users 16:15-16:30 Coffee Break Session 2 16:30-18:30 16:30-17:00 Ammar Alkassar (SIRRIX): Employing Trusted Computing for User-Friendly Business-Processes 17:00-17:30 Stefan Köpsell (TUD): Overview of Trusted Computing and possible Applications for Business Processes with Delegates 17:30-18:00 Richard Cissée (TUB): Privacy-preserving Information Filtering 18:00-18:30 Sven Wohlgemuth (ALU-FR): Further steps to D14.2, D14.3 and to 4th work plan 11.09.2006
  • 21. FIDIS - Future of Identity in the Information Society (No. 507512) 17 Workshop Agenda – Tuesday Session 3 13:45-15:15 13:45-14:15 Martin Meints (ICPP): Compliance in Enterprises - how can Trends in IT-Security successfully be transfered to Data Protection? 14:15-14:45 Laurent Bussard (Microsoft): TBA 14:45-15:15 Pieter Ribbers (Tilburg University): Privacy and Business Processes: the approach in PRIME 11.09.2006