Skip to main content
Springer Nature Link
Log in

Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management

  • Conference paper
Privacy Enhancing Technologies (PET 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4258))

Included in the following conference series:

  • 6092 Accesses

Abstract

Digital identity is defined as the digital representation of the information known about a specific individual or organization. An emerging approach for protecting identities of individuals while at the same time enhancing user convenience is to focus on inter-organization management of identity information. This is referred to as federated identity management. In this paper we develop an approach to support privacy controlled sharing of identity attributes and harmonization of privacy policies in federated environments. Policy harmonizations mechanisms make it possible to determine whether or not the transfer of identity attributes from one entity to another violate the privacy policies stated by the former. We also provide mechanisms for tracing the release of user’s identity attributes within the federation. Such approach entails a form of accountability since an entity non-compliant with the users original privacy preferences can be identified. Finally, a comprehensive security analysis details security properties is also offered.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. The Platform for Privacy Preferences 1.0 (P3P1.1) specification, http://www.w3.org/TR/P3P/

  2. EPAL 1.0 Specification, http://www.zurich.ibm.com/security/enterpriseprivacy/epal/

  3. Spantzel, A.B., Squicciarini, A.C., Bertino, E.: Integrating federated digital identity management and trust negotiation. In: Review for the IEEE Security and Privacy Magazine (2005)

    Google Scholar 

  4. Gruber, T.R.: A translation approach to portable ontology specifications. Knowledge Acquisition 5(2), 199–220 (1993)

    Article  Google Scholar 

  5. Doan, A., Madhavan, J., Domingos, P., Halevy, A.: Ontology Matching: A Machine Learning Approach (2003)

    Google Scholar 

  6. Uschold, M., Gruninger, M.: Ontologies: Principles, Methods, and Applications. Knowledge Engineering Review 11(2), 93–155 (1996)

    Article  Google Scholar 

  7. Maedche, A., Motik, B., NunoSilva, Volz, R.: MAFRA – a MApping FRAmework for distributed ontologies. In: Gómez-Pérez, A., Benjamins, V.R. (eds.) EKAW 2002. LNCS (LNAI), vol. 2473, pp. 235–241. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. P3P Preference Exchange Language 1.0 (APPEL1.0), http://www.w3.org/TR/P3Ppreferences/

  9. Alliance, L.: Liberty architecture framework for supporting privacy preference expression languages (ppel’s) (2003)

    Google Scholar 

  10. Liberty Alliance Project, http://www.projectliberty.org

  11. Shibboleth, Internet2, http://shibboleth.internet2.edu

  12. Cranor, L.F.: P3P: Making privacy policies more useful 1, 50–55 (2003)

    Google Scholar 

  13. Ashley, P., Satoshi Hada, G.K., Schunter, M.: E-P3P Privacy Policies and Privacy Authorization. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES) (2001)

    Google Scholar 

  14. Stufflebeam, W.H., Antón, A.I., He, Q., Jain, N.: Specifying privacy policies with P3P and EPAL: lessons learned. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES), p. 35 (2004)

    Google Scholar 

  15. Switchaai Federation, http://www.switch.ch/aai/documents.html

  16. InCommon Federation, http://www.incommonfederation.org/

  17. HAKA Federation Finland Federation, http://www.csc.fi/suomi/funet/middleware/

  18. Overhage, S., Thomas, P.: Ws-specification: Specifying web services using uddi improvements. In: Aksit, M., Mezini, M., Unland, R. (eds.) NODe 2002. LNCS, vol. 2591, pp. 100–119. Springer, Heidelberg (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, Purdue University,  

    Anna Squicciarini, Abhilasha Bhargav-Spantzel, Alexei Czeskis & Elisa Bertino

Authors
  1. Anna Squicciarini
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abhilasha Bhargav-Spantzel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alexei Czeskis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Elisa Bertino
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research, Cambridge, UK

    George Danezis

  2. Palo Alto Research Center, 3333 Coyote Hill Rd, 94304, Palo Alto, CA, USA

    Philippe Golle

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Squicciarini, A., Bhargav-Spantzel, A., Czeskis, A., Bertino, E. (2006). Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management. In: Danezis, G., Golle, P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11957454_5

Download citation

  • DOI: https://doi.org/10.1007/11957454_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68790-0

  • Online ISBN: 978-3-540-68793-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics