Auflistung nach:
Auflistung Open Identity Summit nach Schlagwort "Access Control"
1 - 5 von 5
Treffer pro Seite
Sortieroptionen
- TextdokumentDerived Partial Identities Generated from App Permissions(Open Identity Summit 2017, 2017) Fritsch, Lothar; Momen, NurulThis article presents a model of partial identities derived from app permissions that is based on Pfitzmann and Hansen’s terminology for privacy [PH10]. The article first shows how app permissions accommodate the accumulation of identity attributes for partial digital identities by building a model for identity attribute retrieval through permissions. Then, it presents an experimental survey of partial identity access for selected app groups. By applying the identity attribute retrieval model on the permission access log from the experiment, we show how apps’ permission usage is providing to identity profiling.
- KonferenzbeitragGaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity(Open Identity Summit 2024, 2024) Keil, Kenneth-Raphael; Bochnia, Ricardo; Gudymenko, Ivan; Köpsell, Stefan; Anke, JürgenDigital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers’ councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity attributes back to the end user. This paper analyzes a real-world access management scenario in a hospital building and applies the SSI paradigm to address the identified issues. The analysis assumes a semi-honest observing attacker sniffing on the payload and the transport layer. The SSI-based proof of concept is shown to have a high potential to protect against traceability and profiling. However, in addition to the careful technical implementation of SSI, it is important to consider non-technical factors such as governance for a holistic solution. We propose potential strategies to further minimize privacy risks associated with SSI-based employee identity management using mediators.
- KonferenzbeitragPermission and Privacy Challenges in Alternate-Tenant Smart Spaces(Open Identity Summit 2021, 2021) Jesus, Vitor; Silva, Catarina; Barraca, João Paulo; Rosner, Gilad; Nehme, Antonio; Waqas, Muhammad; L. Aguiar, RuiWe explore a ‘Smart-BnB scenario’ whereby someone (an Owner) advertises a smart property on a web platform. Renters use the platform for short periods, and may fully enjoy the property, including its smart features such as sensors. This scenario should further ensure the Renter’s privacy, so we use consent receipts and selective sharing. This paper describes a demonstrator of how smart environments can operate in a privacy respecting manner.
- TextdokumentPolicy-based Access Control for the IoT and Smart Cities(Open Identity Summit 2019, 2019) Omolola, Olamide; More, Stefan; Fasllija, Edona; Wagner, Georg; Alber, LukasThe Internet of Things (IoT) can revolutionise the interaction between users and technology. This interaction generates sensitive and personal data. Therefore, access to the information they provide should be restricted to only authorised users. However, the limited storage and memory in IoT make it impractical to deploy traditional mechanisms to control access. In this paper, we propose a new access control mechanism based on trust policies adapted from LIGHTest. The proposed protocol also handles delegations in the IoT context elegantly. We provide the protocol overview and discuss its practical applications in the IoT environment.
- KonferenzbeitragToken Based Authorization(Open Identity Summit 2020, 2020) Baruzzi, Giovanni A.A secure, scalable, fine grained and flexible access control is extremely important for the digital society. The approaches used until now (RBAC, Groups in an LDAP Directory, XACML) alone may not be able to deliver to this challenge. Building from past experiences in the Industry, we propose an Access Management Framework where the central role is played by a token containing all the information needed to implement fine grained access control. This Authorization Token should be signed by the approver and embedded into a “claim” to the application at session time. The application, after checking the validity of the token will control access to the desired resource. In this way we can achieve fine granular access control, scalability and independence from network topologies.