Identity Management Architecture

Part of the book series: Annals of Information Systems (AOIS, volume 9)

Abstract

Identity management plays a crucial role in many application contexts, including e-government, e-commerce, business intelligence, investigation, and homeland security. The variety of approaches to and techniques for identity management, while addressing some of the challenges, has introduced new problems especially concerning interoperability and privacy. As such, any attempt to consolidate such diverse views and approaches to identity management in a systematic fashion requires a precise and rigorous unifying semantic framework. We propose here a firm semantic foundation for the systematic study of identity management and improved accuracy in reasoning about key properties in identity management system design. The proposed framework is built upon essential concepts of identity management and serves as a starting point for bringing together different approaches in a coherent and consistent manner.

Everything is vague to a degree you do not realize till you have tried to make it precise.

Bertrand Russell, 1918

Notes

  1. This research project is funded by the Ministry of Labour & Citizens’ Services of British Columbia, Canada.

  2. According to a 2007 report, identity theft loss in the United States declined to $49.3 billion in 2006, due to an increased vigilance among consumers and businesses [13].

  3. In reality, one commonly uses combinations of characteristics in order to distinguish an entity from other entities, so that it becomes identifiable based on a certain set of attributes; however, it seems virtually impossible to find any such set that is generally suitable as a placeholder for an entity’s identity in an absolute sense as assumed here.

  4. For the purpose of the first abstract model we do not distinguish between personal identifiers and pseudonyms.

  5. Several contexts may come together under the umbrella of a domain. For instance, several contexts exist within the health domain, including hospital records, health care providers, etc.

  6. It is important to note that the oracle is not necessarily a function.

  7. We define here a more general case with n identities/partial identities.

  8. In practice, different heuristic approaches and AI-based techniques are used to extract this information [17, 13, 25].

  9. For a comprehensive list of references on ASM theory and applications, we refer the reader to the ASM Research Center at http://www.asmcenter.org.

  10. Courtesy of S. Sproule and N. Archer.

  11. We are not concerned with the authentication of the attribute set and assume the attributes are authenticated.

  12. Note that if matching results in several identities, a logical inconsistency exists (see Case 2 in Fig. 2), which has to be resolved separately. Hence, we restrict here to one identity only.

  13. Other factors, such as the specific context where identification occurs, should also be considered in authorization. However, for simplicity we use this broader definition of authorization.

References

  1. E. Börger and R. Stärk. Abstract State Machines: A Method for High-Level System Design and Analysis. Springer-Verlag, Berlin, 2003.

  2. K. Cameron. The Laws of Identity [online], December 2005. Available: http://www.identityblog.com/?p=354.

  3. J. L. Camp. Digital identity. Technology and Society Magazine, IEEE, 23:34–41, 2004.

  4. L. J. Camp, et al. Identity in Digital Government: a research report of the Digital Government Civic Scenario Workshop, 2003. Research Report.

  5. A. Cavoukian. 7 Laws of Identity: The Case for Privacy-Embedded Laws of Identity in the Digital Age, 2006.

  6. S. Clauß and M. Köhntopp. Identity Management and its Support of Multilateral Security. Computer Networks, 37(2):205–219, 2001.

  7. E. Damiani, S. D. C. di Vimercati, and P. Samarati. Managing multiple and dependable identities. Internet Computing, IEEE, 7:29–37, 2003.

  8. R. Farahbod, U. Glässer, and M. Vajihollahi. An Abstract Machine Architecture for Web Service Based Business Process Management. International Journal of Business Process Integration and Management, 1:279–291, 2007.

  9. Future of Identity in the Information Society – FIDIS (January 2008 – last visited) Website. [online]. Available: http://www.fidis.net.

  10. U. Glässer and M. Vajihollahi. Identity Management Architecture. Technical Report SFU-CMPT-TR-2008-02, Simon Fraser University, February 2008.

  11. J. Harper. Identity Crisis: How Identification Is Overused and Misunderstood. Cato Institute, 2006.

  12. Independent Centre for Privacy Protection Schleswig-Holstein, Germany and Studio Genghini & Associati, Italy. Identity Management Systems (IMS): Identification and Comparison Study, 2003.

  13. Javelin Strategy and Research, 2007 Identity Fraud Survey Report, February, 2007.

  14. J. Jonas. Threat and fraud intelligence, Las Vegas style. Security & Privacy Magazine, IEEE, 4:28–34, 2006.

  15. Liberty Alliance. Liberty Alliance Identity Federation Framework (ID-FF) 1.2 Specifications, December 2007.

  16. Liberty Alliance Project (January 2008 – last visited) Website. [online]. Available: http://www.projectliberty.org

  17. J. Phiri and J. Agbinya. Modelling and Information Fusion in Digital Identity Management Systems. In Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies, 2006. ICN/ICONS/MCL 2006, 181–187, 2006.

  18. PISA – Privacy Incorporated Software Agent. Information Security, Privacy and Trust. (February 2008 – last visited) [online]. Available: http://www.iit-iti.nrc-cnrc.gc.ca/projectsprojets/pisa e.html.

  19. PRIME – Privacy and Identity Management for Europe. (January 2008 – last visited) Website. [online]. Available: http://www.prime-project.eu.

  20. Public Safety and Emergency Preparedness Canada. Report on Identity Theft, October 2004.

  21. C. D. Raab. Perspectives on ‘personal identity’. BT Technology Journal, 23:15–24, 2005.

  22. C. Satchell, G. Shanks, S. Howard, and J. Murphy. Beyond security: Implications for the future of federated digital identity management systems. In OZCHI’06: Proceedings of the 20th Conference of the Computer–Human Interaction Special Interest Group (CHISIG) of Australia on Computer–Human Interaction: Design: Activities, Artefacts and Environments, ACM, New York, 313–316, 2006.

  23. S. Sproule and N. Archer. Defining identity theft. In Eighth World Congress on the Management of eBusiness (WCMeB 2007), 20–31, 2007.

  24. G. van Blarkom, J. Borking, J. Giezen, R. Coolen, and P. Verhaar. Handbook of Privacy and Privacy-Enhancing Technologies – The Case of Intelligent Software Agents. College bescherming persoonsgegevens, 2003.

  25. G. Wang, H. Chen, J. Xu, and H. Atabakhsh. Automatically detecting criminal identity deception: an adaptive detection algorithm. IEEE Transactions on Systems, Man and Cybernetics, Part A, 36:988–999, 2006.

  26. G. A. Wang, H. Atabakhsh, T. Petersen, and H. Chen. Discovering identity problems: A case study. In LNCS: Intelligence and Security Informatics. Springer, Berlin/Heidelberg, 2005.

  27. G. A. Wang, H. Chen, and H. Atabakhsh. A probabilistic model for approximate identity matching. In J. A. B. Fortes and A. Macintosh, editors, Proceedings of the 7th Annual International Conference on Digital Government Research, DG.O 2006, San Diego, CA, May 21–24, 2006, 462–463. Digital Government Research Center, 2006.

  28. W. Wang, Y. Yuan, and N. Archer. A contextual framework for combating identity theft. Security & Privacy Magazine, IEEE, 4:30–38, 2006.

  29. P. J. Windley. Digital Identity, chapter Federating Identity. O’Reilly, Sebastopol, CA, 118–142, 2005.

Author information

Correspondence to Uwe Glässer or Mona Vajihollahi.

Copyright information

© 2010 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Glässer, U., Vajihollahi, M. (2010). Identity Management Architecture. In: Yang, C., Chau, M., Wang, JH., Chen, H. (eds) Security Informatics. Annals of Information Systems, vol 9. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-1325-8_6

  • DOI: https://doi.org/10.1007/978-1-4419-1325-8_6

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4419-1324-1

  • Online ISBN: 978-1-4419-1325-8

  • eBook Packages: Computer Science (R0)
