Summary
Technological development has undeniably pervaded every aspect of our lives, and the ways in which we now use our identity related information has not escaped the impact of this change. We are increasingly called upon to adopt new technology, usually more through obligation than choice, to function in everyday society, and with this new era of supposed convenience has come new risks and challenges. In this chapter we examine the roots of identity management and the systems we use to support this activity, ways in which we can strive to keep our digital information secure such as Public Key encryption and digital signatures and the evolving yet somewhat controversial role of biometrics in identification and authentication.
With an eye on the ever changing landscape of identity related technologies, we further explore emerging technologies which seem likely to impact on us in the near to mid-term future. These include RFID which has more recently come to the fore of the public consciousness, Ambient Intelligence environments which offer convenience at the potential cost of privacy and human implants which surprisingly have already been developed in a medical context and look set to be the next major step in our ever burgeoning relationship with technology.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adler, A. (2003), ‘Can images be regenerated from biometric templates?’, Biometrics Conference, Washington.
Alkassar, A. and Husseiki, R. (eds.) (2008), FIDIS Deliverable D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management, Download: http://www.fidis. net/fileadmin/fidis/deliverables/fidis-wp3-del3.9_Study_on_the_Impact_of_Trusted_Computing_on_Identity_and_Identity_Management.pdf.
Alrodhan, W. A. and Mitchell, C. J. (2007), ‘Addressing privacy issues in CardSpace’, Third International Symposium on Information Assurance and Security (IAS 2007), IEEE Computer Society, pp. 285–291.
Article 29 Data Protection Working Party (Art29DPWP) (2003), Working Document on Biometrics, WP 80, Brussels. http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2003/wp80_en.pdf.
Article 29 Data Protection Working Party (Art29DPWP) (2004), Opinion on More Harmonised Information Provisions, WP 100, Brussels. http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2004/wp100_en.pdf.
Article 29 Data Protection Working Party (Art29DPWP) (2005), Working document on data protection issues related to RFID technology, WP 105, Brussels. http://www.eu.int/comm/justice_home/fsj/privacy/docs/wpdocs/2005/wp105_en.pdf.
Ballinger, K., Bissett, B., Box, D., Curbera, F., Ferguson, D., Graham, S., Liu, C. K., Ley-mann, F., Lovering, B., McCollum, R., Nadalin, A., Orchard, D., Parastatidis, S., von Riegen, C., Schlimmer, J., Shewchuk, J., Smith, B., Truty, G., Vedamuthu, A., Weer-awarana, S., Wilson, K., Yendluri, P. (2006), Web Services Metadata Exchange (WS-MetadataExchange), BEA Systems Inc., Computer Associates International, Inc., International Business Machines Corporation, Microsoft Corporation, Inc., SAP AG, Sun Microsystems, and webMethods. Specification Version 1.1.
Baran, P. (1964), ‘On Distributed Communications: IX. Security, Secrecy, and Tamper-Free Considerations,’ Memorandum RM-3765-PR, The Rand Corporation, 1700 Main St, Santa Monica, California, 90406. Reprinted in Hoffman L. J. (ed.): Security and Privacy in Computer Systems; Melville Publishing Company, Los Angeles, California, 1973, pp. 99–123. http://www.rand.org/pubs/research_memoranda/RM3765/.
Bauer, M., Meints, M., Hansen, M. (eds.) (2005), FIDIS Deliverable D3.1 Structured Overview on Prototypes and Concepts of Identity Management Systems, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp3-del3.1.overview_on_IMS.final.pdf.
Becker, M. Y., Gordon, A. D., Fournet, C. (2006), SecPAL: Design and Semantics of a Decentralized Authorization Language, Technical Report MSR-TR-2006-120, Microsoft Research, Redmond.
Bizer, J. and Spiekermann, S. (2006), TAUCIS — Technikfolgenabschätzung Ubiquitäres Computing und Informationelle Selbstbestimmung, study commissioned by the German Federal Ministry of Education and Research, Berlin. https://www.datenschutzzentrum.de/taucis/ita_taucis.pdf
Buitelaar, J.C., Meints, M., van Alsenoy, B. (eds.) (2008), FIDIS Deliverable D16.1: Conceptual Framework for Identity Management in eGovernment, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp16-del16.1-conceptual_framework_for_identity_management_in_egovernment.pdf.
Cabrera, L. F. and Kurt, C. (2005), Web Services Architecture and Its Specifications: Essentials for Understanding WS-*, Microsoft Press, Redmond.
Cameron, K. (2005), The Laws of Identity, published as weblog. http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf.
Cavoukian, A. and Stoianov, A. (2007), Biometric Encryption, Ontario, Canada. http://www.ipc.on.ca/images/Resources/up-1bio_encryp.pdf.
Coulouris, G., Dollimore, J., Kindberg, T. (2005), Distributed Systems. Concepts and Design, Addison Wesley.
De Cock, D., Wolf, C., Preneel, B. (2006), ‘The Belgian Electronic Identity Card (Overview)’, in Sicherheit 2005: Sicherheit—Schutz und Zuverlässigkeit, Beiträge der 3. Jahrestagung des Fachbereiches Sicherheit der Gesellschaft für Informatik e.V. (GI), Lecture Notes in Informatics (LNI), Bonner Köllen Verlag, Bonn, pp. 298–301. http://www. cosic.esat.kuleuven.be/publications/article-769.pdf.
Fischer-Hübner, S. and Hedbom, H. (eds.) (2008), FIDIS Deliverable D12.3: A Holistic Privacy Framework for RFID Applications, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp12-del12.3.A_Holistic_Privacy_Framework_for_RFID_Appli-cations_v2.pdf.
Gasson, M. and Warwick, K. (eds.) (2007), FIDIS Deliverable D12.2: Study on Emerging AmI Technologies, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp12-d12.2_Study_on_Emerging_AmI_Technologies.pdf.
Gasson, M., Meints, M., Warwick, K. (eds.) (2005), FIDIS Deliverable D3.2 A Study on PKI and Biometrics, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp3-del3.2.study_on_PKI_and_biometrics.pdf.
Geradts, Z. and Sommer, P. (eds.) (2006), FIDIS Deliverable D6.1: Forensic Implications of Identity Management Systems, Download: http://www.fidis.net/fileadmin/fidis/deli-verables/fidis-wp6-del6.1.forensic_implications_of_identity_management_systems.pdf.
Grimm, R., Puchta, S., Müller, M., Bizer, J., Möller, J., Will, A., Müller, A., Jazdejewski, S., (2005), Privacy4DRM, Study commissioned by the German Federal Ministry of Education and Research, Berlin. https://www.datenschutzzentrum.de/drm/privacy4drm.pdf.
Goodner, M., Hondo, M., Nadalin, A., McIntosh, M. Schmidt, D. (2007), Understanding WS-Federation, Technical Report, IBM and Microsoft Corporation.
Geuer-Pollmann, C. and Claessens, J. (2005), ‘Web services and web service security standards’, Information Security Technical Report, Vol. 10, pp. 15–24.
Hansen, M. and Alkassar, A. (eds.) (2008), FIDIS Deliverable D3.8 Study on protocols with respect to identity and identification — an insight on network protocols and privacy-aware communication, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp3-del3.8_Study_on_protocols_with_respect_to_identity_and_identification.pdf.
Hansen, M., Krasemann, H., Krause, C., Rost, M., Genghini, R. (2003), Identity Management Systems (IMS): Identification and Comparison Study, Kiel. https://www.daten-schutzzentrum.de/idmanage/study/ICPP_SNG_IMS-Study.pdf.
Hansen, M. and Möller, J. (2005), ‘Digital Rights Management zwischen Sicherheit und informationeller Selbstbestimmung’, in: Bundesamt für Sicherheit in der Informations-technik (BSI, ed.): IT-Sicherheit geht alle an!, proc. of the 9. German IT-Security congress of the BSI, pp. 159–171. http://www.datenschutzzentrum.de/vortraege/050510_hansen-moeller_bsi.htm
Heinz, B., Krißler, J., Rütten, C. (2007), ‘Fingerspitzengefühl’, c't Magazin für Computer-technik 12, pp. 98–101.
Hildebrandt, M. and Gutwirth, S. (eds.) (2008), Profiling the European Citizen. Springer.
Hildebrandt, M. and Koop, B. (eds.) (2007), FIDIS Deliverable D7.9: A Vision of Ambient Law, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp7-d7.9_A_Vision_of_Ambient_Law.pdf.
Hildebrandt, M. and Meints, M. (eds.) (2006), FIDIS Deliverable D7.7: RFID, Profiling, and AmI, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp7-del7.7.RFID_Profiling_AMI.pdf.
Hill, C. J. (2001), Risk of Masquerade Arising from the Storage of Biometrics, Department of Computer Science, Australian National University, Canberra/Australia.
Humphrey, M., Park, S., Feng, J., Beekwilder, N., Wasson, G., Hogg, J., LaMacchia, B., Dillaway, B. (2007), ‘Fine-grained access control for GridFTP using SecPAL’, 8th IEEE/ACM International Conference on Grid Computing, IEEE Computer Society, pp. 217–225.
Iliev, A. and Smith, S. W. (2005), ‘Protecting Client Privacy with Trusted Computing at the Server’, IEEE Security and Privacy 3 (2), pp. 20–28.
Jacobs, I. (2002), Architectural Principles of the World Wide Web, W3C Working Draft, 30 August 2002 (outdated). http://www.w3.org/TR/2002/WD-webarch-20020830/.
Jain, A. K., Nandakumar, K., Nagar, A. (2008), ‘Biometric Template Security’, to appear in EURASIP Journal on Advances in Signal Processing. http://biometrics.cse.msu.edu/Publications/SecureBiometrics/JainNandakumarNagar_TemplateSecuritySurvey_EURASIP08.pdf.
Kerckhoffs, A. (1883), ‘La cryptographie militaire’, Journal des sciences militaires IX, pp. 5–38 and pp. 161–191.
Kindt, E. (2007), ‘Biometric applications and the data protection legislation,’ Datenschutz und Datensicherheit 31 (3), pp. 166–170.
Kindt, E. and Müller, L. (eds.) (2007), FIDIS Deliverable D3.10: Biometrics in identity management, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp3-del3.10.biometrics_in_identity_management.pdf.
Kosta, E.and Gasson, M. (eds.) (2008), FIDIS Deliverable D12.6: A Study on ICT Implants, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp12-del12.6.A_Study_on_ICT_Implants.pdf.
Kosta, E., Gasson, M., Hansen, M., Meints, M. (2007), ‘An analysis of security and privacy issues relating to RFID enabled ePassports’, in New Approaches for Security, Privacy and Trust in Complex Environments, proc. of the IFIP SEC2007, Springer, New York pp. 467–472.
Kumaraguru, P., Cranor, L., Lobo, J., Calo, S. (2007), ‘A Survey of Privacy Policy Languages’, SOUPS 2007, Pittsburgh, PA, USA. http://cups.cs.cmu.edu/soups/2007/work-shop/Privacy_Policy_Languages.pdf.
Lawrence, K., Kaler, C., Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H. (2008), WS-SecurityPolicy 1.3, OASIS Editor Draft 1.
Lawrence, K., Kaler, C., Nadalin, A., Kaler, C., Monzillo, R., Hallam-Baker, P. (2006), Web Services Security: SOAP Message Security 1.1 (WS-Security 2004), OASIS Specification.
Lessig, L. (1999), Code and other laws of cyberspace, Basic Books, New York.
Maler, E. and Reed, D. (2008), ‘The Venn of Identity: Options and Issues in Federated Identity Management’, IEEE Security & Privacy 6, pp. 16–23.
McGee, E. M., Maguire, G. Q. (2007), ‘Becoming borg to become immortal: regulating brain implant technologies,’ Camb Q Healthc Ethics 16 (3), pp. 291–302.
Meints, M. and Hansen, M. (eds.) (2006), FIDIS Deliverable D3.6: Study on ID Documents, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp3-del3.6.study_on_id_documents.pdf.
Meints, M. and Hansen, M. (2008), ‘Der ePass—eine Sicherheits- und Datenschutzanalyse’, in: Proceedings of the Sicherheit 2008, 2–4 of April 2008 in Saarbrücken, Gesellschaft für Informatik, Bonn, pp. 31–43.
Müller, G. and Wohlgemuth, S. (eds.) (2007), FIDIS Deliverable D14.2: Study on Privacy in Business Processes by Identity Management, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp14-del14.2-study_on_privacy_in_business_processes_by_identity_management.pdf.
Müller, G and Wohlgemuth, S. (eds.) (2008), FIDIS Deliverable D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp14-del14.3_Study_on_the_Suit-ability_of_Trusted_Computing_to_support_Privacy_in_Business_Processes.pdf.
Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H. (2008), OASIS WS-Trust 1.4, OASIS.
Pettersson, J. S. and Meints, M. (eds.) (2009), FIDIS Deliverable D3.12: Study on Usability of Identity Management Systems, to appear March 2009.
Pfitzmann, A. and Hansen, M., Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management, TU Dresden, Dresden, February 2008. http://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.31.pdf.
Pfitzmann, A. (2008), Security in IT Networks: Multilateral Security in Distributed and by Distributed Systems, TU Dresden, Dresden. http://dud.inf.tu-dresden.de/%7Epfitza/SecCryptI_II.pdf
Rannenberg, K., Pfitzmann, A., Müller, G. (1999), ‘IT Security and Multilateral Security’, in: Müller, G. and Rannenberg, K. (eds.): Multilateral Security in Communications, vol. 3: Technology, Infrastructure, Economy, Addison-Wesley, München, pp. 21–29.
Schneier, B. (1999), ‘Attack Trees’, Dr. Dobbs Journal. http://www.schneier.com/paper-attacktrees-ddj-ft.html#rf7.
Schreurs, W., Hildebrandt, M., Gasson, M., Warwick, K. (eds.) (2005), FIDIS Deliverable D7.3: Report on Actual and Possible Profiling Techniques in the Field of Ambient Intelligence, Download: http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp7-del7.3.ami_profiling.pdf.
Tanenbaum, A. S. (2003), Computer Networks, forth edition, Prentice Hall, Upper Saddle River, NJ.
Zhou, X., Kevenaar, T., Kelkboom, E., Busch, C., van der Veen, M., Nouak, A., (2007), ‘Privacy Enhancing Technology for a 3D-Face Recognition System’, BIOSIG 2007: Biometrics and Electronic Signatures, pp. 3–14. http://www.3dface.org/files/papers/zhou-CAST2007-TemplateProtection.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Meints, M., Gasson, M. (2009). High-Tech ID and Emerging Technologies. In: Rannenberg, K., Royer, D., Deuker, A. (eds) The Future of Identity in the Information Society. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01820-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-01820-6_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88480-4
Online ISBN: 978-3-642-01820-6
eBook Packages: Business and EconomicsBusiness and Management (R0)