Enterprises and governmental agencies process personal data of their clients for, e.g., personalised services and to get access to services as a proxy for them. With Directives 95/46/EC and 2002/58/EC, the EC has defined data protection and security principles in order to regulate the processing of personal data. User-centric identity management empowers clients to control the disclosure of their personal data to organisations. For information chains, as found in multi-staged processes, identity management may lead to a big-brother phenomenon. Clients have to trust that organisations process personal data according to their privacy and security policies along the chain of participating parties.
This workshop addresses these challenges and discusses first approaches for privacy enhancing technologies (PET) and their use in current and future business and governmental process models. The workshop will be jointly organised by the IST FP6 projects FIDIS and PRIME.
Privacy in Business Processes by Identity Management
1. Privacy in Business Processes by Identity Management
IST 2006, Helsinki, November 23rd, 2006
Sven Wohlgemuth
Prof. Dr. Günter Müller
Albert-Ludwig University of Freiburg, Germany
Institute of Computer Science and Social Studies
Department of Telematics
http://www.telematik.uni-freiburg.de
2. IIG Telematics
http://www.telematik.uni-freiburg.de, Sven Wohlgemuth <wohlgemuth@iig.uni-freiburg.de>
Prof. Dr. Günter Müller
Computer science (7 assistants)
Privacy & security
E-Commerce
Economics (7 assistants)
• iManager: Security and usability by identity management (CeBIT 2003, doIT Software-Award 2003)
• Int. Conference on Emerging Trends in Information and Communication Security (ETRICS) 2006
• Editor of CACM special issue “Privacy and Security in Highly Dynamic Systems”, Sept. 2006
• Electronic Commerce Enquête 2005: Use of IT in German enterprises
• Coordination of German Priority Programme “Security in the Information and Communication Technology”
• Coordination of FIDIS NoE work package “Privacy in Business Processes”
3. Survey for Germany (ECE IV): Most Important Barriers for Personalized Services
[Figure: stacked bar chart, y-axis 0% to 100%, legend: no, medium, high. Barriers: Costly integration in processes; Expected neg. reaction since privacy violation; Doubts wrt. data protection laws; Low customer acceptance; Other legal doubts; Pot. loss of reputation. Data labels as extracted, one row per series: 43,6% 37,3% 34,4% 34,2% 22,6% 20,9% / 44,3% 46,8% 49,8% 47,7% 56,7% 58,4% / 12,0% 16,0% 15,8% 18,1% 20,7% 20,7%]
http://www.telematik.uni-freiburg.de/ece.php
4. Problem 1: Linkability of Profiles
Personalised services:
• Conscious data collection
• Creating profiles
• Tracing a user by identifying data
[Figure labels: "I want a car", "Car", "I need money", "Money", Service 1, Service 2, Profile 1, Profile 2, "U = profile". Personal data shown: Driving licence, Stella Freiburger, Classes: ABE, Friedrichstr. 50, D-79098 Freiburg, Germany, IP: 132.15.16.3]
Identity management (e.g. Freiburg iManager)
Challenge: User-controlled disclosure of personal data
Jendricke, U., Gerd tom Markotten, D.: Usability meets Security - The Identity-Manager as your Personal Security Assistant for the Internet, ACSAC, 2000
5. Problem 2: Delegation of Profiles
[Figure labels: "Need medical help", "Therapy", Service 1, "Blood analysis of P", "Result", Service 2 …, Person, Profile 2, Profile 1+2+…, Big Brother, Loss of control. Personal data shown: Driving licence, Stella Freiburger, Classes: ABE, Friedrichstr. 50, D-79098 Freiburg, Germany, IP: 132.15.16.3]
• All-or-nothing delegation
• DREISAM: Protocol for unlinkable delegation of rights on personal data
Challenge: User-controlled disclosure and use of personal data
Wohlgemuth, S., Müller, G.: Privacy with Delegation of Rights by Identity Management, LNCS 3995, 2006
6. Problem 3: Unaware Collection of Profiles
[Figure labels: Service 1, Profile 1, RFID data, Sensor data, Policy data, Video data, …]
AmI changes collection:
• Conscious communication
• Unaware human-machine communication
User has no control on disclosure of personal data
Challenge: Avoidance of loss of control on personal data
Sackmann, S., Strüker, J., Accorsi, R.: Personalization in Privacy-Aware Highly Dynamic Systems, CACM 49(9), 2006
7. Our Approach: Privacy Evidence
Accorsi, R.: On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems, IFIP/SEC 2006
8. Looking for Partners
Challenge: Avoidance of loss of control on personal data
• Privacy evidences
• Flexible privacy policy
• Usable secure interfaces
• Delegation
• Secure logging & audit
Watch this space!
Contact me!
Sven Wohlgemuth
E-Mail wohlgemuth@iig.uni-freiburg.de
WWW http://www.telematik.uni-freiburg.de