Research Article
A Privacy Enabled Service Authorization Based on a User-centric Virtual Identity Management System
@INPROCEEDINGS{10.1109/CHINACOM.2007.4469418, author={Zhikui Chen}, title={A Privacy Enabled Service Authorization Based on a User-centric Virtual Identity Management System}, proceedings={2nd International ICST Conference on Communications and Networking in China}, publisher={IEEE}, proceedings_a={CHINACOM}, year={2008}, month={3}, keywords={Privacy policy security Virtual Identity}, doi={10.1109/CHINACOM.2007.4469418} }- Zhikui Chen
Year: 2008
A Privacy Enabled Service Authorization Based on a User-centric Virtual Identity Management System
CHINACOM
IEEE
DOI: 10.1109/CHINACOM.2007.4469418
Abstract
User trust and empowerment (in terms of their personal data control) are areas that must be addressed thoroughly when talking about identity and business models for distributed communication systems. Protecting the privacy of users is a challenging problem for identity management systems, which can only be achieved if it gives users complete control over their identity data. However, none of the existing solutions offers this possibility. Based on a user-centric virtual identity defined by EU IST project Daidalos, this paper proposes an effective infrastructure to authorize the privacy-enabled pervasive service, which protects the context-driven access policies for online services in order to avoid attacks by malicious eavesdroppers. In the proposed infrastructure, SMAL and Diameter are used to securely protect and deliver authenticated and authorized entities and XACML is used to authorize the user-level privacy policy. The proposed infrastructure is partially integrated into the Daidalos demonstration platform.
