OverviewIn the project DRIM we research on basics, techniques and usage scenarios for Privacy Enhancing Identity Management. Partly based on previous work, the project has developed some software libraries, which can be downloaded from this website. The goal of the project is the developement of a functional identity management prototype. The prototype will be tested and evaluated in different usage scenarios. The following picture shows the general architecture of an identity management scheme.
What is Privacy Enhancing Identity Management?Generally, identity management means managing the users personal data on his own PC/PDA/Mobile Phone. The identity management concept aims at supporting the user to act in different situations under different identities. By default, a third party can not link such an identity to a user. So, it is more difficult for third parties like web services or advertisement companies to build extensive profiles about a user without user's consent.
"Management" summarizes the following actions:
Wherefore is identity management useful?
When a user communicates on the Internet, the communication is visible on the net, and of course to the communication partner. Using unique identificators (e.g. IP-addresses, Cookies, ...), transactions can easily be linked to users, and extensive user profiles can be established. Today, users can hardly prevent building such profiles. Surveys show that this is a serious reason for low acceptance of Internet services.
By incorporating pseudonyms, digital certificates and trustee services, Privacy Enhancing Identity Mmanagement can be a solution for the problem shown. Users act on the internet under pseudonyms, but (authenticated) personal data can be linked to the pseudonym by certificates. So, service providers can get authenticated user data without neccessarily knowing the user's real identity. Incorporating trustee services, disclosing user identity is possible in substantial cases.
The system suffices user's as well as service provider's needs.
Sebastian Clauß, Marit Köhntopp: Identity Management and Its Support of Multilateral Security; in: Computer Networks 37 (2001), Special Issue on Electronic Business Systems; Elsevier, North-Holland 2001; 205-219
Marit Hansen collected an extensive set of publications about identity management.
More information about identity management can be found at the Independent Center for Privacy Protection Schleswig-Holstein .
Fax: +49 (0) 351 463-38255
News3. February 2004
DRIM has been presented at Dresden. [Presentation (german)]
17. July 2003
The diploma thesis which is the base for [IDMAN] has been awared the Innovationspreis 2002 of the Industrieclub Sachsen e.V. [Press Information (german)]
We presented ourselves on CeBIT in Hannover, in hall 11/booth D31.