Identity Management through “Profiles”: Prototyping an Online Information Segregation Service

  • Julio Angulo
  • Erik Wästlund
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8006)


Whereas in real everyday life individuals have an intuitive approach at deciding which information to disseminate to others, in the digital world it becomes difficult to keep control over the information that is distributed to different online services. In this paper we present the design of a user interface for a system that can help users decide which pieces of information to distribute to which type of service providers by allowing them to segregate their information attributes into various personalized profiles. Iterative usability evaluations showed that users understand and appreciate the possibility to segregate information, and revealed possible improvements, implications and limitations of such an interface.


Usability identity management privacy preferences partial identities audience segregation digital transactions 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alpár, G., Hoepman, J.H., Siljee, J.: The identity crisis. Security, privacy and usability issues in identity management. Computer Research Repository (CoRR) (2011)Google Scholar
  2. 2.
    Angulo, J., Fischer-Hübner, S., Pulls, T., König, U.: HCI for Policy Display and Administration. In: PrimeLife - Privacy and Identity Management for Life in Europe,  ch. 14, p. 261. Springer (June 2011)Google Scholar
  3. 3.
    Angulo, J., Fischer-Hübner, S., Pulls, T., Wästlund, E.: Towards usable privacy policy display & management. Information Management & Computer Security 20(1), 4–17 (2012)CrossRefGoogle Scholar
  4. 4.
    Angulo, J., Wästlund, E.: Identity Management for online transactions - Using “Profiles” to segregate personal information. Tech. rep., Karlstad University, Karlstad, Sweden (April 2012),
  5. 5.
    Ardagna, C.A., Bussard, L., Di, S.D.C., Neven, G., Paraboschi, S., Pedrini, E., Preiss, S., Raggett, D., Samarati, P., Trabelsi, S., Verdicchio, M.: Primelife policy language. In: Proceedings of the W3C Workshop on Access Control Application Scenarios, Luxembourg (November 2009)Google Scholar
  6. 6.
    van den Berg, B., Pötzsch, S., Leenes, R., Borcea-Pfitzmann, K., Beato, F.: Privacy in social software. In: Camenisch, J., Fischer-Hübner, S., Rannenberg, K. (eds.) Privacy and Identity Management for Life, pp. 33–60. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    van den Berg, B., Leenes, R.E.: Audience Segregation in Social Network Sites. In: Proceedings for the Second IEEE International Conference on Social Computing/Second IEEE International Conference on Privacy, Security, Risk and Trust, pp. 1111–1117. SocialCom/PASSAT, SSRN, Minneapolis, USA (2010)Google Scholar
  8. 8.
    Camenisch, J., Fischer-Hübner, S., Rannenberg, K.: PrimeLife - Privacy and Identity Management for Life in Europe, 1st edn., vol. 14. Springer (June 2011)Google Scholar
  9. 9.
    Camenisch, J., van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21–30. ACM (2002)Google Scholar
  10. 10.
    Clauß, S., Kriegelstein, T.: Datenschutzfreundliches identitätsmanagement. Datenschutz und Datensicherheit 27(5) (2003),
  11. 11.
    Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact. 13(2), 135–178 (2006)CrossRefGoogle Scholar
  12. 12.
    DiMicco, J.M., Millen, D.R.: Identity management: multiple presentations of self in facebook. In: Proceedings of the 2007 International ACM Conference on Supporting Group Work, GROUP 2007, pp. 383–386. ACM, Sanibel Island (2007)CrossRefGoogle Scholar
  13. 13.
    Eap, T.M., Hatala, M., Gasevic, D.: Enabling user control with personal identity management. In: IEEE International Conference on Services Computing, SCC 2007, pp. 60–67. IEEE, Salt Lake City (2007)Google Scholar
  14. 14.
    Fischer-Hübner, S., Pettersson, J., Bergmann, M., Hansen, M., Pearson, S., Mont, M.: Human-Computer Interaction. In: Camenisch, J., Leenes, R., Sommer, D. (eds.) Digital Privacy. LNCS, vol. 6545, pp. 569–595. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Goffman, E.: The presentation of self in everyday life. Doubleday (1959)Google Scholar
  16. 16.
    Gonçalves, J.: Groupster: Narrowcasting on Social Networking Sites. Master’s thesis, Madeira Interactive Technologies Institute, University of Madeira (2011)Google Scholar
  17. 17.
    Grimmelmann, J.: Saving Facebook. Iowa Law Review 94(4), 1137–1206 (2009)Google Scholar
  18. 18.
    Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, pp. 71–80. ACM, New York (2005)CrossRefGoogle Scholar
  19. 19.
    Jøsang, A., Zomai, M.A., Suriadi, S.: Usability and privacy in identity management architectures. In: ACSW Frontiers, pp. 143–152 (2007)Google Scholar
  20. 20.
    Kairam, S., Brzozowski, M., Huffaker, D., Chi, E.: Talking in circles: selective sharing in google+. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2012, pp. 1065–1074. ACM, New York (2012)Google Scholar
  21. 21.
    Löwgren, J., Stolterman, E.: Thoughtful Interaction Design: A Design Perspective on Information Technology. MIT Press (2007)Google Scholar
  22. 22.
    Madejski, M., Johnson, M., Bellovin, S.M.: The failure of online social network privacy settings. Tech. rep., Columbia University (2011),
  23. 23.
    Pettersson, J.S., Fischer-Hübner, S., Danielsson, N., Nilsson, J., Bergmann, M., Clauss, S., Kriegelstein, T., Krasemann, H.: Making PRIME usable. In: Proceedings of the 2005 Symposium on Usable Privacy and Security, SOUPS 2005, pp. 53–64. ACM, New York (2005)CrossRefGoogle Scholar
  24. 24.
    Polson, P.G., Lewis, C., Rieman, J., Wharton, C.: Cognitive walkthroughs: a method for theory-based evaluation of user interfaces. International Journal of Man-Machine Studies 36(5), 741–773 (1992)CrossRefGoogle Scholar
  25. 25.
    Pulls, T.: Privacy-friendly cloud storage for the data track. In: Jøsang, A., Carlsson, B. (eds.) NordSec 2012. LNCS, vol. 7617, pp. 231–246. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  26. 26.
    Dhamija, R., Dusseault, L.: The Seven Flaws of Identity Management: Usablity and Security Challenges. IEEE Security & Privacy Magazine 6(2), 24–29 (2008)CrossRefGoogle Scholar
  27. 27.
    Reagle, J., Cranor, L.F.: The platform for privacy preferences. Commun. ACM 42(2), 48–55 (1999)CrossRefGoogle Scholar
  28. 28.
    Rubin, J., Chisnell, D.: Handbook of usability testing : how to plan, design, and conduct effective tests. Wiley Publ., Indianapolis, Ind. (2008)Google Scholar
  29. 29.
    Tootoonchian, A., Saroiu, S., Ganjali, Y., Wolman, A.: Lockr: better privacy for social networks. In: Liebeherr, J., Ventre, G., Biersack, E.W., Keshav, S. (eds.) CoNEXT, pp. 169–180. ACM (2009)Google Scholar
  30. 30.
    Wästlund, E., Wolkerstorfer, P., Köffel, C.: PET-USES: Privacy-enhancing technology – users’ self-estimation scale. In: Bezzi, M., Duquenoy, P., Fischer-Hübner, S., Hansen, M., Zhang, G. (eds.) IFIP AICT 320. IFIP AICT, vol. 320, pp. 266–274. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  31. 31.
    Watson, J., Besmer, A., Lipford, H.R.: +your circles: sharing behavior on google+. In: Proceedings of the Symposium on Usable Privacy and Security, SOUPS 2012, pp. 12:1–12:9. ACM, New York (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Julio Angulo
    • 1
  • Erik Wästlund
    • 1
  1. 1.Karlstad UniversityKarlstadSweden

Personalised recommendations