Identities are present in the interactions between individuals and organizations.
Online shopping requires credit card information, while e-government services require social security or passport numbers. The involvement of identities, however, makes them susceptible to theft and misuse.
The most prominent approach for maintaining the privacy of individuals is the enforcement of privacy policies that regulate the flow and use of identity information.
This approach suffers two drawbacks that severely limit its effectiveness. First, recent research in data-mining facilitates the fusion of partial identities into complete identities. That holds true even if the attributes examined are not, normally considered, to be identifying. Second, policies are prone to human error, allowing for identity information to be released accidentally.
This thesis presents a system that enables an individual to interact with organizations, without allowing these organizations to link the interactions of that individual together. The system does not release individuals' identities to
organizations. Instead, certified artificial identities are used to guarantee that individuals possess the required attributes to successfully participate in the interactions. The system limits the fusion of partial identities and minimizes the effects of human error. The concept of using certified artificial identities has been
extensively researched. The system, however, tackles several unaddressed scenarios.
The system works not only for interactions that involve an individual and an organization, but also for interactions
that involve a set of individuals connected by structured relations. The individuals should prove the existence of relations among
them to organizations, yet organizations cannot profile the actions of these individuals. Further, the system allows organizations to be anonymous, while proving their attributes to individuals. Reputation-based trust is incorporated to help individuals make informed decisions whether to deal with a particular organization.
The system is used to design applications in e-commerce, access control, reputation management, and cloud computing. The thesis describes the applications in detail. / Thesis (Ph.D, Computing) -- Queen's University, 2010-04-07 11:17:37.68
Identifer | oai:union.ndltd.org:LACETR/oai:collectionscanada.gc.ca:OKQ.1974/5520 |
Date | 08 April 2010 |
Creators | Hussain, Mohammed |
Contributors | Queen's University (Kingston, Ont.). Theses (Queen's University (Kingston, Ont.)) |
Source Sets | Library and Archives Canada ETDs Repository / Centre d'archives des thèses électroniques de Bibliothèque et Archives Canada |
Language | English, English |
Detected Language | English |
Type | Thesis |
Rights | This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner. |
Relation | Canadian theses |
Page generated in 0.5048 seconds