Auflistung nach Schlagwort "digital identity"
1 - 10 von 11
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragEconomically Viable Identity Ecosystems: Value Capture and Market Strategies(Open Identity Summit 2024, 2024) Kubach, Michael; Roßnagel, HeikoPrevailing digital identity solutions are facing widespread dissatisfaction, prompting political and business stakeholders to advocate for the development of novel identity (ID) ecosystems. This paper diverges from the traditional focus on the usability, security, and privacy shortcomings of current solutions, directing attention instead to the economic dimensions that are critical for the successful adoption of digital identity management (IdM) systems. The analysis extends beyond the incentives for end-user adoption, considering the roles, motivations, and ability of other key stakeholders to capture value through the ecosystem, particularly service providers, who are anticipated to be the primary financial contributors to ID services. This examination leads to the pivotal inquiry of whether a market for digital identities can materialize and what strategies for market entry could be viable, especially in scenarios involving public sector participation.
- KonferenzbeitragElectronic identity mass compromize: Options for recovery(Open Identity Summit 2023, 2023) Fritsch, LotharA National Digital Identity Framework should be designed in a proactive manner, should focus on a resilience-oriented approach, and should be aimed at limiting the risks that may originate from identity data management [IT18]. What is the preparedness of digital identity providers for recovery from compromise that affects large numbers of identities? Failures or attacks may destroy authenticators, data or trust chains that are the foundations of large identity ecosystems. The re-issuance of digital identities, of authenticators or the re-enrollment of the user base should get planned as contingency measures. Important parameters will be recovery time, complexity of re-registering subjects, distribution of effort between certification authorities, registrars and relying parties, and the availability of alternative technologies and staff resources. The article will, based on a review of standards and requirements documents, present evidence for a shortage of recovery readiness that endangers relying parties and identity ecosystems. From a review of standards and practice, we extract recovery procedures as far as they are planned for.
- KonferenzbeitragEmerging biometric modalities and their use: Loopholes in the terminology of the GDPR and resulting privacy risks(BIOSIG 2021 - Proceedings of the 20th International Conference of the Biometrics Special Interest Group, 2021) Bisztray, Tamás; Gruschka, Nils; Bourlai, Thirimachos; Fritsch, LotharTechnological advancements allow biometric applications to be more omnipresent than in any other time before. This paper argues that in the current EU data protection regulation, classification applications using biometric data receive less protection compared to biometric recognition. We analyse preconditions in the regulatory language and explore how this has the potential to be the source of unique privacy risks for processing operations classifying individuals based on soft traits like emotions. This can have high impact on personal freedoms and human rights and, therefore, should be subject to data protection impact assessment.
- KonferenzbeitragEstablishing Trust in SSI Verifiers(Open Identity Summit 2023, 2023) Chadwick, David W.; Kubach, Michael; Sette, Ioram; Johnson Jeyakumar, Isaac HendersonWe present a conceptual model that enables a user/holder with a wallet holding W3C Verifiable Credentials (VCs) to determine if the verifier is trusted to conform to GDPR so that it might be given the user’s personal identifying information contained in their VCs. We describe the implementation of this model using the TRAIN trust infrastructure and how wallets might interoperate with verifiers using different trust infrastructures. This leverages the OIDC GAIN proof of concept network currently being built using the draft OIDC Federation specification. We briefly describe the experiments that we have undertaken to date and the research that is still outstanding
- KonferenzbeitragIdToken: a new decentralized approach to digital identi-ty(Open Identity Summit 2020, 2020) Talamo, Edoardo; Pennacchi, AlmaThe ability to store and share digital data offers benefits that the digitization of information has become a growing trend but has raised questions about the security of personal data. There have been countless high-profile hacks and personal information leaks. Furthermore users don’t (and shouldn’t) always trust an external server of a third party to store their personal data. Blockchain tries to offer a compelling solution to the problem of combining accessibility with privacy and security. Records can be held securely, using end-to-end encryption, and yet openly authenticated so that data can still be trusted as reliable. This project goes deeper in this solution thanks to an innovative idea and development of a new kind of blockchain non fungible token specifically created to store and manage digital identities and sensible data. It has the potential to resolve issues blockchain alone was starting to approach and improves security, privacy and accessibility.
- KonferenzbeitragA lightweight trust management infrastructure for self-sovereign identity(Open Identity Summit 2021, 2021) Kubach, Michael; Roßnagel, HeikoDecentralized approaches towards digital identity management, often summarized under the currently popular term Self-sovereign identity (SSI) are being associated with high hopes for a bright future of identity management (IdM). Numerous private, open source as well as publicly funded research initiatives pursue this approach with the aim to finally bring universally usable, trustworthy, interoperable, secure, and privacy friendly digital identities for everyone and all use cases. However, a major challenge that so far has been only rudimentary addressed, is the trust management in these decentralized identity ecosystems. This paper first elaborates this problem before presenting an approach for a trust management infrastructure in SSI ecosystems that is based on already completed work for trust management in digital transactions.
- KonferenzbeitragA novel approach to establish trust in verifiable credential issuers in Self-sovereign identity ecosystems using TRAIN(Open Identity Summit 2022, 2022) Johnson Jeyakumar, Isaac H.; Chadwick, David W.; Kubach, MichaelSelf-sovereign identity (SSI) promises to bring decentralized privacy friendly identity management (IdM) ecosystems to everyone. Yet, trust management in SSI remains challenging. In particular, it lacks a holistic approach that combines trust and governance frameworks. A practical and scalable mechanism is needed for verifiers to externally verify their trust in credential issuers. This paper illustrates how TRAIN (Trust mAnagement INfrastructure), an approach based on established components like ETSI trust lists and the Domain Name System (DNS), can be used as a trust registry component to provide a holistic approach for trust management in SSI ecosystems. TRAIN facilitates individual trust decisions through the discovery of trust lists in SSI ecosystems, along with published credential schemas, so that verifiers can perform informed trust decisions about issued credentials.
- KonferenzbeitragOn the Market for Self-Sovereign Identity: Structure and Stakeholders(Open Identity Summit 2021, 2021) Kubach, Michael; Sellung, RachelleFor SSI solutions to make a significant impact, they need to be designed to cater to the requirements of the market to be adopted. Therefore, this paper proposes a structure of the market for SSI solutions, analyses its stakeholders, and surveys its current state.
- KonferenzbeitragPrivacy by Design Architecture Composed of Identity Agents Decentralizing Control over Digital Identity(Open Identity Summit 2020, 2020) Toth, Kalman C.; Cavoukian, Ann; Anderson-Priddy, AlanProposed is an identity architecture that satisfies the principles of privacy by design, decentralizes control over digital identity from providers to users, mitigates breach and impersonation risks, and reduces dependency on remote access passwords. The architecture is composed of interoperating identity agents that work on behalf of their owners and deploy digital identities that are virtualized to look and behave like identities found in one’s wallet and contacts list. Encapsulating authentication data, identity agents strongly bind owners to their digital identities and private keys enabling them to prove who they are, protect their private data, secure transactions, conduct identity proofing, and reliably delegate consent. Identity agents also off-load application services from identity-related and privacy-related tasks. A gestalt privacy by design process has been used to discover the architecture’s privacy requirements and design elements and systematically reason about how the design elements satisfy the privacy requirements. Identity-related functionality has been intentionally compartmentalized within identity agents to focus development on creating trustworthy software. A reference model for development derived from the described identity architecture is proposed.
- KonferenzbeitragResearch on User Experience for Digital IdentityWallets: State-of-the-Art and Recommendations(Open Identity Summit 2023, 2023) Sellung, Rachelle; Kubach, MichaelDigital identity wallets are central components for Decentralised and Self-Sovereign Identity (SSI) approaches. They are the interface for users to manage their identities and gain access to services. Hence, the usability and user experience of these wallets is pivotal for the adoption of those popular and privacy friendly identity management concepts. As research on the user experience of wallets is still in its infancy, this paper aims to provide a first overview of recent research – published and from completed and ongoing research projects. Findings are summarized and recommendations for developers are derived.