IDMAN - Identity Manager

Identitätsmanagement bedeutet, daß eine Person grundsätzlich wählen kann, wie anonym bzw. mit welchen persönlichen Informationen und wie zurechenbar sie gegenüber ihren Kommunikationspartnern in Erscheinung tritt.
[Marit Köhntopp, Andreas Pfitzmann: Informationelle Selbstbestimmung durch Identitätsmanagement; Kiel, 2001]

Identity management means, that a person basically can choose, how anonymously respectively with which personal information and how accountable he or she appears to his or her communication partner.

Requirements and Constraints

Identity management may be seen different points of view. At the end of this section is summarized, which of the presented points below are considered in the resulting realization, that is described in the next two sections.

Number of partners involved in the communication: Communicating with: Direction of the communication: Time of receipt:

We only take into account bidirectional communications with one partner based on the protocol TCP/IP. These are typical for client/server-based applications like e-Commerce and access to information in the WWW.

Architecture

Pseudonyms, by the means of the presented architecture, are pairs of cryptographic keys used for identification and digital signature. They are linked with usage constraints (onetime, always, depending on role or partner), related data and usage dates.
Each communication partner uses one pseudonym for a single communication with the other. Depending on the usage constraints and circumstances another pseudonym may be chosen for later communication to the same partner.

Parts: Layers:
  1. Application
  2. Manager
  3. Security mechanisms
  4. Network
Duties of the Manager:

Prototype

Dependencies between packages
Dependencies between packages

Realizes: Uses:

Recent Version

Changes

System requirements

You may download libs.zip (ca. 6.4MB), which contains all libraries needed for the identity management tools.

Documentation

References

Current Developer