Abstract
Identity management has arisen as a major and urgent challenge for internet-based communications and information services. Internet services involve complex networks of relationships among users and providers – human and automated – acting in many different capacities under interconnected and dynamic contexts. There is a pressing need for frameworks and models to support the analysis and design of complex social relationships and identities in order to ensure the effective use of existing protection technologies and control mechanisms. Systematic methods are needed to guide the design, operation, administration, and maintenance of internet services, in order to address complex issues of security, privacy, trust and risk, as well as interactions in functionality. All of these rely on sophisticated concepts for identity and techniques for identity management.
We propose using a requirements modeling framework GRL to facilitate identity management for Internet Services. Using this modeling approach, we are able to represent different types of identities, social dependencies between identity users and owners, service users and providers, and third party mediators. We may also analyze the strategic rationales of business players/stakeholders in the context of identity management. This modeling approach will help identity management technology vendors to provide customizable solutions, user organizations to form integrated identity management solution, system operators and administrators to accommodate changes, and policy auditors to enforce information protection principles, e.g., Fair Information Practice Principles.
This research was conducted at the University of Toronto.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Buell, D.A., Sandu, R. (eds.): Special Issue on: Identity Management. IEEE Internet Computing, pp. 26–52 (November/December 2003)
Chung, L., Nixon, B.A., Yu, E., Mylopoulos, J.: Non-Functional Requirements in Software Engineering. Kluwer Academic Publishers, Dordrecht (2000)
Damiani, E., Vimercati, S.D.C., Damarati, P.: Managing Multiple and Dependable Identities. IEEE Internet Computing, 29–37 (November/December 2003)
Gans, G., Jarke, M., Kethers, S., Lakemayer, G., Ellrich, E., Funken, C.: Requirements Modeling for Organization Networks: A (Dis-)Trust –Based Approach. In: Int. Symp. Requirements Engineering (2001)
Lamsweerde, A.: Requirements Engineering in Year 2000 – A Research Perspective. In: Proceeding of 22nd International Conference on Software Engineering(ICSE 2000), Limerick. ACM Press, New York (2000), also available at ftp.info.ucl.ac.be/pub/publi/2000/icse2000-avl.pdf
Liu, L., Yu, E., Mylopoulos, J.: Security and Privacy Requirements Analysis within a Social Setting. In: Proceedings of International Conference on Requirements Engineering (RE 2003), Monterey, California, September 2003, pp. 151–161 (2003)
Liu, L., Yu, E.: Designing Information Systems in Social Context: A Goal and Scenario Modelling Approach. Information Systems 29(2), 187–203 (2003)
The National Electronic Commerce Coordinating Council. Identity Management: A White Paper, available at http://www.ec3.org/Downloads/2002/id_management.pdf
OASIS SAML 1.0 Domain Model, available at http://www.oasis-open.org/committees/security/docs/draft-sstc-use-domain-05.pdf
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Schneier, B.: Beyond Fear, Thinking Sensibly About Security in an Uncertain World. Copernicus Books (2003)
Yu, E.: Towards Modeling and Reasoning Support for Early-Phase Requirements Engineering. In: Proceedings of the 3rd IEEE International Symposium on Requirements Engineering (RE 1997), Washington D.C., USA, January 6-8, pp. 226–235 (1997)
Yu, E., Cysneiros, L.: Designing for Privacy and Other Competing Requirements. In: 2nd Symposium on Requirements Engineering for Information Security (SREIS 2002), Raleigh, North Carolina, October 16 (2002)
Yu, E., Liu, L.: Modeling Trust for System Design Using the i* Strategic Actors Framework. In: Falcone, R., Singh, M., Tan, Y.-H. (eds.) AA-WS 2000. LNCS (LNAI), vol. 2246, pp. 175–194. Springer, Heidelberg (2001)
Yu, E., Liu, L., Li, Y.: Modeling Strategic Actor Relationships to Support Intellectual Property Management. In: Kunii, H.S., Jajodia, S., Sølvberg, A. (eds.) ER 2001. LNCS, vol. 2224, pp. 164–178. Springer, Heidelberg (2001)
Yu, E.: Information Systems. In: Singh, M.P. (ed.) Practical Handbook of Internet Computing. CRC Press, Boca Raton (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, L., Yu, E. (2004). Intentional Modeling to Support Identity Management. In: Atzeni, P., Chu, W., Lu, H., Zhou, S., Ling, TW. (eds) Conceptual Modeling – ER 2004. ER 2004. Lecture Notes in Computer Science, vol 3288. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30464-7_42
Download citation
DOI: https://doi.org/10.1007/978-3-540-30464-7_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23723-5
Online ISBN: 978-3-540-30464-7
eBook Packages: Springer Book Archive