Marit Hansen

Unabhängiges Landeszentrum für Datenschutz

The Workshop Digital Identity Management has evolved during the last decade as one of the most interesting events on identity management issues. Starting from a community with a background mainly in computer science, it has developed towards an interdisciplinary workshop where a lively interactive community discusses identity topics from technical,...

The main contribution of this deliverable to the research field of Privacy-Enhancing Identity Management Throughout Life consists in a comprehensive analysis of requirements. Those requirements comprise high-level requirements regarding issues of transparency, data minimisation, controlled data processing, user-controlled identity management, delega...

Users in the Internet of Things (IoT) use strategies to determine if they should trust a system or service. These strategies are not actively declared, but it can be useful to know which strategy is being used. We provide possible actions that users may perform when using different trust strategies and possible ways these can be captured for user s...

In the 10 years since IEEE Security & Privacy's initial launch, privacy has moved from being a side story occasionally covered in the newspaper to a central issue of our times. With the Internet, through the rise of online social networks, tracking technologies such as cookies and Web beacons, and the sharing of data with third parties, and the gov...

Das Bundesverfassungsgericht hat 2008 im Urteil zur Online-Durchsuchung das Grundrecht auf Gewährleistung von Vertraulichkeit und Integrität informationstechnischer Systeme postuliert. Welche Herausforderungen stellen sich vier Jahre später bei einem heute typischen Einsatz von IT-Systemen, dem Cloud Computing?

In vielen Produktionsanlagen ist der Einsatz von Sensoren und Aktuatoren selbstverständlich, um ein reibungsloses Zusammenspiel bei der Produktfertigung und beim Anlagenbetrieb zu gewährleisten. Ähnliche Komponenten solcher „Cyber-Physical Systems“ werden in jedem neuen Auto verbaut. Eine Forschungsagenda für Deutschland beschreibt die Potenziale u...

Protection goals such as confidentiality, integrity and availability have proved to be successful in evaluating information security risks and choosing appropriate safeguards. The recently developed privacy-specific protection goals unlinkability, transparency and intervenability complement these classic goals and thereby provide cornerstones to de...

Information and Communication Technologies (ICT) expand traditional ways of social interaction and thereby feed back on the society that created them. Users have to navigate their enhanced social context and in doing so legitimately strive to apply familiar concepts such as the notion of residence or the intuitive handling of roles. We introduce th...

The PrimeLife project has worked in various areas of privacy and identity management. Some are mainly relevant for researchers, some for practitioners in the application field, and yet others tackle upcoming policy issues that yield recommendations for policy makers. The following sections point out specific findings and results of the PrimeLife pr...

Standardisation has many goals and facets: Standards are used for consumer protection to achieve a minimum quality of certain products and services. Standards lead to lower cost because of a unified higher volume market. Standards also support interoperability that is vitally needed in ICT.

A project’s legacy consists of three main parts: the product legacy, the process legacy, and the people legacy [CHM03]. Most parts of this book deal with the product legacy, i.e., the tangible outcome of PrimeLife in the form of prototypes, demonstrators, the code base, research papers, contributions to standardisation initiatives, heartbeats and d...

The increasing spread of personal information on the Internet calls for new tools and paradigm to complement the concealment and protection paradigms. One such suggested paradigm is transparency and the associated transparency enhancing tools, making it possible for Data Subjects to track an examine how there data have been used, where it originate...

Many individuals are not aware of who is collecting and handling their personal data for what purpose. Usually privacy policies are too long, too complicated to understand, and reading them is hardly appealing. To improve the awareness and comprehension of individuals on what is happening with their personal data, privacy icons are being proposed....

Much research and development has been done during the past couple of years to assist users in managing their partial identities in the digital world by several types of identity management [BMH05]. A comprehensive privacy-enhancing identity management system would include the following components [CK01]: an Identity Manager (IdM) on the user’s si...

European data protection regulation obliges every service provider to show a privacy policy on his web site. Many privacy policies are too long, too complicated to understand, and reading them is hardly appealing. To enhance the user’s awareness on who is collecting and handling their personal data for what purpose and to depict core information of...

An important critical success factor for PRIME technology will be userfriendly and intelligible user interfaces that convey and enhance trust. Such user interfaces have to meet challenges such as: User-friendly representation of complex PET concepts: PRIME and other privacy-enhancing technologies (PETs) are based on technical concepts or construct...

The PRIME project demonstrates the viability of privacy-enhancing identity management. By this we mean identity management solutions that manage the individual’s identity online and that also empower the individual to actively protect their own privacy. The guiding principle in the PRIME project is to put individuals in control of their personal d...

On September 23rd 2010, Prof. Dr. Andreas Pfitzmann died at the age 52 after a short but serious illness. The focus of his reasoning had been the individual and with him the society, in which he lives. During his life as a researcher Andreas Pfitzmann contributed decisively and groundbreakingly to the technical implementation of the constitutional...

An abstract is not available.

On September 23rd 2010, Prof. Dr. Andreas Pfitzmann died at the age 52 after a short but serious illness. The focus of his reasoning had been the individual and with him the society, in which he lives. During his life as a researcher Andreas Pfitzmann contributed decisively and groundbreakingly to the technical implementation of the constitutional...

In our information society with processing of personal data in almost all areas of life, the legally granted right to privacy is quite hard to preserve. User-controlled identity management systems have been proposed as a means to manage one’s own private sphere. Still there is no functioning concept how privacy protection can be effectively safegua...

Die Dynamik der Technikentwicklung in den vergangenen Jahren konfrontiert Datenschützer immer wieder aufs Neue mit Risiken für die Privatsphäre der Betroffenen — und es sieht so aus, als ob sich dies in den nächsten Jahren und Jahrzehnten nicht ändern wird. Konzepte für einen lebenslangen Datenschutz erfordern ein Umdenken vom kurzatmigen Systement...

Based on the nomenclature of the early papers in the fieldprivacy by data minimization, we develop a terminology which is bothexpressive and precise. More particularly, we define anonymity, unlinkability, linkability,undetectability, unobservability, pseudonymity (pseudonyms and digitalpseudonyms, and their attributes), identifiability, identity, p...

Recent proposals for privacy pictograms show a growing interest of simplifying privacy-related statements. Such pictograms can be useful to enhance the users' understanding of privacy issues and empower to react accordingly. In this text we bring together various mostly independently developed approaches and compare them with each other. We disting...

Identity management has to comprise all areas of life throughout one's whole lifetime to gain full advantages, e.g., ease-of-use for all kinds of digital services, authenticity and authorisation, reputation and user-controlled privacy.To help laying the foundations for identity management applicable to people's whole life, we describe the formation...

Creating and managing individual identities is a central challenge of the digital age. As identity management systems defined here as programs or frameworks that administer the collection, authentication, or use of identity and information linked to identity are implemented in both the public and private sectors, individuals are required to identif...

Welche Auswirkungen Trusted Computing auf die Privatsphäre von Menschen haben wird, lässt sich zum heutigen Zeitpunkt noch nicht abschließend feststellen. Allerdings können aus der Spezifikation, den Best Practice-Vorschlägen sowie den mutmaßlichen Szenarien, in denen Trusted Computing zum Einsatz kommen soll, bereits zahlreiche Chancen, aber auch...

Based on the nomenclature of the early papers in the field, we propose a terminology which is both expressive and precise. More particularly, we define anonymity, unlinkability, unobservability, pseudonymity (pseudonyms and digital pseudonyms, and their attributes), and identity management.

The processing of personal data is a prerequisite of today's participation in the information society, which increasingly implies threats to individuals' privacy. Classical Identity Management Systems (IMS) may even intensify those privacy threats. However, comprehensive user-controlled IMS take a different approach, as they implement privacy princ...

User-controlled identity management systems assist individuals in managing their private sphere. An individuals privacy can be supported by transparency on processing of personal data. After giving an overview on transparency properties as well as its relation to privacy and data protection regulation, this text introduces different transparency to...

In today’s information society, users have lost effective control over their personal spheres. Emerging pervasive computing technologies, where individuals are usually unaware of a constant data collection and processing in their surroundings, will even heighten this problem. It is, however critical, to our society and to democracy to retain and ma...

Interacting in the Internet, individuals should be empowered to use only those subsets of their personal attributes, called partial identities, which are appropriate for the actual situation and context. Refraining from acting under few and easily linkable partial identities is a prerequisite for trustworthy privacy. Traditionally user-controlled i...

In offering services to individuals, enterprises often deal with a lot of personal information, the improper handling of which creates security risks for both the enterprises and individuals concerned. Authentication procedures usually assume specific behavior on the part of individuals, and this perception becomes a critical part of an enterprise'...

The European Union sees the introduction of the ePassport as a step towards rendering passports more secure against forgery while facilitating more reliable border controls. In this paper we take an interdisciplinary approach to the key security and privacy issues arising from the use of ePassports. We further analyse how European data protection l...

Transparency is an important precondition for the users' control over their privacy. It can increase the users' trust in accurate and secure processing of their personal data. This paper presents concepts and implementations of different transparency tools, which are employed in a user-controlled identity management system of the project PRIME – Pr...

Based on the nomenclature of the early papers in the field, we propose a terminology which is both expressive and precise. More particularly, we define anonymity, unlinkability, undetectability, unobservability, pseudonymity (pseudonyms and digital pseudonyms, and their attributes), and identity management. In addition, we describe the relationship...

To enable trustworthy privacy, identity management has to be user-controlled, i.e. each user administrates his/her partial identities being supported by an identity management system running on his/her machines under his/her control. Past work on user-controlled identity management focused on isolated users administrating their partial identities m...

In der Informationsgesellschaft ist das Thema Identität von wesentlicher Bedeutung: Dieser Artikel beschreibt relevante Trends im Lebenszyklus von digitalen Identitäten und greift exemplarisch die beiden Bereiche Authentisierung und Identitätsmanagement heraus, in denen aktuelle Entwicklungen zu berichten sind.

Zusammenfassung Welche Ziele verfolgt die EU-Kommission mit der aktuellen F�rderung in den Gebieten Identit�t und Identit�tsmanagement? Der vorliegende Artikel fasst relevante politische Ziele, aktuelle F�rdervorhaben und zuerwartende Ergebnisse zusammen.

Welche Arten von offiziellen Identitäts-dokumenten gibt es? Wofür werden sie eingesetzt? Welche Technologien finden Verwendung? Dieser Artikel gibt eine Übersicht über europäische Identitäts-dokumente, bewertet den neuen europäischen Reisepass unter Datenschutz-und Sicherheitsgesichtspunkten und fasst aktuelle Trends zusammen.

This booklet is a high quality output for public diffusion. It aims to raise awareness and better understanding of identity issues using a set of very different cases, stories, scenarios and perspectives coming from very different fields of interest. It is based on several technically challenging contributions in FIDIS deliverable 2.2. Seven subjec...

The shift from a paper-based to an electronic-based society has dra- matically reduced the cost of collecting, storing and processing in- dividuals' personal information. As a result, it is becoming more common for businesses to "profile" individuals in order to present more personalized offers as part of their business strategy. While such profile...

This document proposes an inventory of topics and clusters for the Identity domain, which focuses on the identification and definition of the principal concepts and terms that are used in this field. The objective is to provide to both the experts and the non-expert a vocabulary of well-defined terms facilitating the comprehension of the Identity d...

Zusammenfassung Neue Konzepte für datenschutzförderndes Identitätsmanagement stehen im Mittelpunkt des Projekts „PRIME – Privacy and Identity Management for Europe“. Das Projekt hat am 1. März 2004 begonnen und läuft gefördert im 6. EU-Rahmenprogramm für vier Jahre. Ziel ist, Lösungen zu erforschen und zu entwickeln, die es Menschen ermöglichen, di...

Neue Konzepte für datenschutzförderndes Identi-tätsmanagement stehen im Mittelpunkt des Projekts ?PRIME ? Privacy and Identity Management for Europe?. Das Projekt hat am 1. März 2004 begon-nen und läuft gefördert im 6. EU-Rahmenprogramm für vier Jahre. Ziel ist, Lösungen zu erforschen und zu entwickeln, die es Menschen ermöglichen, die Kontrolle üb...

Der Workshop greift Themen der reaktiven IT-Sicherheit wie Intrusion Detection, Incident Management und Forensik auf. Dabei wird untersucht, ob diese Technologien mit den technischen und rechtlichen Zielstellungen des modernisierten Datenschutzes vereinbar sind, ohne andere juristische oder organisatorische Anforderungen, beispielsweise aus dem Ber...

Privacy-Enhancing Technologies (PET) are the technical answer to social and legal privacy requirements. PET become constituents for tools to manage users' personal data. Users can thereby control their individual digital identity, i.e. their individual partial identities in an online world. Existing commercially available identity management system...

N3 - ..\files\pub_del_D05.1.a_ec_wp05.1_V2_final.pdf N4 - N5 -

The research project "AN.ON - Anonymity online" focuses on developing and providing a Web anonymising service. This service provides anonymity and unobservability against external observers, the user's ISP and the operators of the service themselves. AN.ON is being promoted by the German Federal Ministry of Economic Affairs for three years (2001-20...

Zusammenfassung Vor dem Hintergrund aktueller Entwicklungen in Politik, Wirtschaft und Verwaltung gewinnt sowohl die Nutzung als auch das Management elektronischer Identitäten zunehmend an Be-deutung. Um die Erörterung dieses wichtigen Themas zu erleichtern, werden in diesem Bei-trag wesentliche Begriffe des Identitätsmanagements in Form eines Glos...

Today’s software often does not fulfil basic security or privacy requirements. Some people regard the Open Source paradigm as the solution to this problem. First, we carefully explain the security and privacy aspects of Open Source, which in particular offer the possibility for a dramatic increase in trustworthiness for and autonomy of the user. We...

We show our approach in developing an identity management system with respect to multilateral security. After examining digital pseudonyms and credentials as basic concepts of such a system, we give an introduction to technologies for multilateral security and describe an architecture which enables multilaterally secure communication. By means of d...

Ein Identitätsmanagementsystem ermöglicht Nutzern, Art und Umfang der Herausgabe personenbezogener Daten zu kontrollieren. Damit ist es ein wichtiger Baustein für Datenschutz und mehrseitige Sicherheit. Wir beschreiben Anforderungen und Lösungen für ein umfassendes, datenschutzförderndes Identitätsmanagementsystem, das auf Pseudonymen beruht und ei...

Based on the nomenclature of the early papers in the field, we propose a set of terminology which is both expressive and precise. More particularly, we define anonymity, unlinkability, unobservability, and pseudonymity (pseudonyms and digital pseudonyms, and their attributes). We hope that the adoption of this terminology might help to achieve bett...

Das Programm der sechsten Fachtagung der Fachgruppe "Verlässliche IT-Systeme" der Ge­ sellschaft für Informatik steht für einen - schleichenden - Paradigmenwechsel in der IT­ Sicherheit: Nicht grundsätzlich neue Lösungen, Verfahren, Protokolle oder Ansätze prägen das Bild, sondern die Komplexität heutiger IT-Systeme wird zunehmend zur Herausforderu...

Identity management is a powerful mechanism to enhance user-privacy. In this paper we will examine the idea of an identity management system built atop of an anonymous-communication network. First, we will develop some basic approaches to realize identity management, and we will introduce the Platform for Privacy Preferences Project (P3P) as a stan...

Based on the nomenclature of the early papers in the field, we propose a set of terminology which is both expressive and precise. More particularly, we define anonymity, unlinkability, unobservability, and pseudonymity (pseudonyms and digital pseudonyms, and their attributes). We hope that the adoption of this terminology might help to achieve bett...

Dass der traditionelle Datenschutz in der Krise ist, liegt auf der Hand. Ob man deshalb in larmoyanten Pessimismus verfallen muss oder gar wie Scott McNealy zynisch verkünden darf: „ You have zero privacy anyway. Get over it! “, sei dahingestellt. Denkbar ist auch, dass den Menschen aus der Informationstechnik ganz neue Instrumente zum Schutz ihrer...

Bei der Nutzung des Internet hinterlässt jeder Teilnehmer Spuren. Einige Nutzer-informationen werden bewusst und freiwillig im Internet zur Verfügung gestellt, über andere Daten wissen viele Teilnehmer nicht Bescheid. Es muss unterschieden werden, wer jeweils Zugriff auf die Datenspuren hat und welche Kenntnisse daraus erlangt werden können. Nicht...

Este documento explica por qué el SPIT (Spam sobre telefonía IP) es más difícil de filtrar que el spam convencional mediante correos electrónicos, indica panoramas y posibles medidas para evitarlo y presenta un prototipo para un sistema de gestión de disponibilidad para filtrar SPIT que se está desarrollando actualmente en el proyecto SPIT-AL.

Kurzfassung: Bei jeder Nutzung des Internet hinterläßt der Teilnehmer Spuren. Solche Datenspuren können auf allen Stationen des Übertragungsweges gespeichert und ausgewertet werden. Es existieren jedoch technische Verfahren, die es dem Nutzer ermöglichen, anonym und unbeobachtbar zu kommunizieren . Das vorliegende Konzept beschreibt eine Variante d...