Privacy Enhancing Techniques for Digital Identity Management

Hasini T Urala Liyanage Dona Gunasinghe (8479665)

23 July 2021

Proving and verifying remotely a user's identity information have become a critical and challenging problem in the online world, with the increased number of sensitive services offered online. The digital identity management ecosystem has been evolving over the years to address this problem. However, the limitations in existing identity management approaches in handling this problem in a privacy preserving and secure manner have caused disruptions to users' digital lives and damages to revenue and reputation of service providers.<br><br>In this dissertation, we analyze different areas of the identity management ecosystem in terms of privacy and security. In our analysis, we observe three critical aspects to take into account when identifying the privacy and security requirements to address in identity management scenarios, namely: i) protecting privacy and security of digital identity and online transactions of users; ii) providing other stakeholders with assurance about user identity information and accountability of transactions; iii) preserving utility (e.g. accuracy, efficiency and deployability).<br>We show that existing authentication models and identity management protocols fail to address critical privacy and security requirements related to all these three aspects, mainly because of inherent conflicts among these requirements. <br>For example, existing authentication protocols, which aim to protect service providers from imposters by involving strong authentication factors, such as biometrics, fail to protect privacy and security of users' biometrics. Protecting an identity management system against counterfeits of identity assets, while preserving unlinkability of the transactions carried out using the identity assets, is another example of conflicting yet critical privacy and security requirements.<br>We demonstrate that careful combinations of cryptographic techniques and other technologies make it feasible to design privacy preserving identity management protocols which address critical and conflicting requirements related to the aforementioned three aspects. Certain techniques, that we have developed for these protocols, are independent contributions with applications beyond the domain of digital identity management. We validate our contributions by providing prototype implementations, experimental evaluations and security proofs.

Uncategorized

Digital Identity Management

Privacy Preserving

Privacy Enhancing Technologies

A conceptual decentralized identity solution for state government

Duclos, Martin

08 December 2023

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital identity management in the public sector, discusses existing practices, presents the SSI framework as a solution, and outlines potential future research areas.

self-sovereign identity

digital identity management

state government

privacy

security

decentralized

verifiable credentials

Computer Sciences

Databases and Information Systems

Information Security

Systems Architecture

Det mobilanpassade id-kortet : En behovsanalys och modell för framtida utveckling / The smartphone based ID card : A demand analysis and model for future development

Peterson, Lukas, Johansson, Samuel

January 2016

Mycket av plånbokens innehåll och funktion, såsom medlemskort och betallösningar, är idag ersatt av mobila lösningar. Däremot finns det i Sverige ingen mobil lösning för id-kort som kan användas på samma sätt som det fysiska id-kortet. Denna uppsats syftar till att undersöka huruvida svenska myndigheter ser ett behov av en mobilanpassad id-kortslösning och, om detta behov konstateras, föreslå en modell för hur en sådan lösning skulle kunna utformas. För att undersöka detta ämne har tre intervjuer med svenska myndigheter (Elegitimationsnämnden, Polismyndigheten och Transportstyrelsen) samt en litteraturstudie genomförts. Uppsatsens resultat består av tre kunskapsprodukter: en behovsanalys, en kravsammanställning och en infrastrukturmodell. Behovsanalysen undersöker behovet av en mobilanpassad id-kortslösning, sett från de intervjuade myndigheternas perspektiv. Denna analys visar att myndigheterna ser ett behov av en sådan lösning. Kravsammanställningen består av krav på en mobilanpassad id-kortslösning som härletts från de genomförda intervjuerna samt från uppsatsens huvudsakliga teoribas: Kim Camerons The Laws of Identity (2005). Infrastrukturmodellen är utformad efter dessa krav och beskriver hur en mobilanpassad id-kortslösning skulle kunna utformas för att passa in i den svenska infrastrukturen för digital identitetshantering. Modellen är även utformad för att följa Hanseth och Lyytinens (2010) designregler för informationsinfrastrukturutveckling och den visar att utveckling av en mobilanpassad id-kortslösning i Sverige är tekniskt genomförbar. / Much of the contents and functionality of the traditional wallet, such as membership cards and payment solutions, have been replaced by smartphone solutions. Yet, in Sweden there is no smartphone based solution for ID cards that can be used in the same way as the physical ID card. This paper examines whether the Swedish authorities see a need for a smartphone based ID card solution and, if such a need is identified, suggests a model for how such a solution could be designed. To explore this topic, a literature review and three interviews with Swedish authorities (the E-identification Board, the Police Authority and the Transport Agency) have been conducted. The results of this report consists of three knowledge products: a demand analysis, a requirements specification and an infrastructure model. The demand analysis examines the need for a smartphone based ID card solution, as seen from the interviewed authorities' perspective. This analysis indicates that the authorities see a need for such a solution. The requirements specification consists of requirements for a smartphone based ID card solution, derived from the conducted interviews and Kim Cameron's The Laws of Identity (2005). The infrastructure model is designed to meet these requirements and describes how a smartphone based ID card solution could be designed to fit into the Swedish infrastructure for digital identity management. The model is also designed to follow the design rules for information infrastructure development derived by Hanseth and Lyytinen (2010) and shows that the development of a smartphone based ID card solution in Sweden is technically feasible.

digital identity management

digital ID

digitalt ID card

mobile ID card

smartphone ID card

mobile phone

smartphone

information infrastructure development

e-governance

swedish e-ID

digital identitetshantering

digital id-handling

digitalt id-kort

mobilanpassat idkort

mobilt id-kort

mobiltelefon

smartphone

informationsinfrastrukturutveckling

e-förvaltning

svensk e-legitimation