Conference paper
Privacy by Design Architecture Composed of Identity Agents Decentralizing Control over Digital Identity
Document type
Text/Conference Paper
Date
2020
Publisher
Gesellschaft für Informatik e.V.
Abstract
Proposed is an identity architecture that satisfies the principles of privacy by
design, decentralizes control over digital identity from providers to users, mitigates
breach and impersonation risks, and reduces dependency on remote access passwords.
The architecture is composed of interoperating identity agents that work on behalf of
their owners and deploy digital identities that are virtualized to look and behave like
identities found in one’s wallet and contacts list. Encapsulating authentication data,
identity agents strongly bind owners to their digital identities and private keys, enabling
them to prove who they are, protect their private data, secure transactions, conduct
identity proofing, and reliably delegate consent. Identity agents also off-load application
services from identity-related and privacy-related tasks. A gestalt privacy by design
process has been used to discover the architecture’s privacy requirements and design
elements and systematically reason about how the design elements satisfy the privacy
requirements. Identity-related functionality has been intentionally compartmentalized
within identity agents to focus development on creating trustworthy software. A
reference model for development derived from the described identity architecture is
proposed.