Abstract

Identity management is defined as the set of processes related to identity and access information for the whole identity life cycle in a system. In the open internet, users need new methods for identity management that supply reliable authentication and sufficient user control. Currently applied methods often lack a proper level of security (e.g., passwords) and privacy (e.g., diverse processing of personal data).

A personal smart card and a personal smart phone can communicate using near-field communication (NFC). This allows users to apply their smart phone as a personal semi-trusted smart-card reader. For applications such as authentication, this Trusted Couple can then be used in a secure and intuitive way, like a remote card reader. As attribute-based credentials (ABCs) can efficiently be implemented on tamper-resistant smart cards with the current technology, we can achieve a more privacy-friendly and more flexible way of not only authentication but also role-based access control or management of personal information. In this paper we describe how a Trusted Couple can solve security, privacy, and usability problems in identity management.

Keywords

attribute-based credential, smart card, NFC, mobile phone, identity management

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Gergely Alpár (1, 2)
  • Maarten H. Everts (2)

  1. Institute for Computing and Information Sciences, Radboud University Nijmegen, The Netherlands
  2. TNO, The Netherlands
