Towards a privacy-preserving inspection process for authentication solutions with conditional identification
Vorschaubild nicht verfügbar
ISSN der Zeitschrift
Gesellschaft für Informatik e.V.
Anonymous, yet accountable authentication solutions such as privacyenhancing attribute-based credentials do not only provide various privacy features, but also contain an option of conditional identification of specific attributes of the user. While the technical functionality of this so-called inspection is available, it has not yet been examined how the inspection operation can be embedded in the organizational framework of a service provider and which inspection grounds have to be considered. This text proposes a model inspection process with clearly defined roles and workflows derived from legal obligations and guidelines from European primary law and the EU data protection regime. Thereby implementation of privacy-preserving authentication solutions in practice is facilitated, as it has been shown in a pilot of an online communication platform in a Swedish school.