Privacy by Design Identity Architecture Using Agents and Digital Identities
Pages 73 - 94
Abstract
Today’s web is comprised of a patchwork of identity solutions because neither identity nor privacy were designed-in when it was created. This paper proposes an integrative identity architecture that satisfies the principles of privacy by design from inception. Comprised of identity agents and digital identities that are tightly held by their owners, the architecture decentralizes control over identity from providers to users. Owners can manage their digital identities and private data such that liability risks are reduced for service providers without compromising ease-of-use. Identity agents and digital identities enable owners to prove who they are when required, protect their private and identifying data, and securely collaborate. Digital identities are virtualized to look and behave like credentials found in one’s wallet thereby facilitating technology adoption and reducing dependency on remote access passwords. A gestalt privacy by design process has been used to discover and validate the architecture’s privacy requirements and design elements, systematically reasoning about how the design satisfies the requirements. The process can be applied to organically improve the architecture and create a reference model for open source development. This paper also relates the architecture to W3C’s models for verifiable credentials and decentralized identifiers, summarizes the architecture’s features, capabilities and benefits, and suggests areas for further study.
References
[1]
Cavoukian, A.: Privacy by Design, The 7 Foundational Principles. https://www.ipc.on.ca/wp-content/uploads/Resources/7foundationalprinciples.pdf
[2]
Brooker, K.: Tim Berners-Lee tells us his radical new plan to upend the World Wide Web, FastCompany, 29 September 2018
[3]
Cameron, K.: The Laws of Identity, May 2005. http://myinstantid.com/laws.pdf
[4]
Cavoukian, A.: Consumers bear the cost of their privacy protection, Globe and Mail, 7 September 2018
[5]
Jones, H.: Accelerating the future of privacy through smartdata agents, Cognitive World, AI & Big Data, 3 November 2018
[6]
Allen, C.: The path to self-sovereign identity, 27 April 2016. http://coindesk.com
[7]
Sovrin Foundation, Sovrin: A Protocol and Token for Self-Sovereign Identity and Decentralized Trust, Version 1, January 2018. https://sovrin.org
[8]
World Wide Web Consortium (W3C), verifiable credentials data model 1.0: expressing verifiable information on the Web, W3C recommendation, 19 November 2019
[9]
World Wide Web Consortium (W3C), Decentralized Identifiers (DIDs) v1.0: Core Data Model and Syntaxes, WC3 Working Draft 09 December 2019
[10]
Asokan, N., Niemi, V., Laitinen, P.: On the usefulness of proof of possession. In: 2nd Annual PKI Workshop, 28–29 April 2003, pp. 136–141 (2003)
[11]
Toth, K.C., Anderson-Priddy, A.: Architecture for self-sovereign digital identity. Computer Applications for Industry and Engineering, New Orleans, LA, 8–10 October 2018
[12]
Toth KC and Anderson-Priddy A Self-sovereign digital identity: a paradigm shift for identity IEEE Secur. Priv. 2019 17 3 17-27
[13]
Toth, K.C., Anderson-Priddy, A.: Privacy by design using agents and sovereign identities. In: Information Security and Privacy Protection Conference (IFIP-SEC), Work in Progress and Emerging Technology Track, Lisbon, Portugal, 25–27 June 2019 (2019)
[14]
Rescorla, E.: Diffie-Hellman key agreement method, RTFM Inc., June 1999
[15]
Robles, K.: BlockchainMe, tool for creating verifiable IDs on the blockchain, 2 December 2016. https://github.com/kiarafrobles/blockchainMe
[16]
NIST Special Publication 800–63A, Digital Identity Guidelines, Enrollment and Identity Proofing, January 2017. 10.6028/NIST.SP.800-63a
[17]
Cohn-Gordon, K., et al.: A formal analysis of the signal messaging protocol, November 2017. https://eprint.iacr.org/2016/1013.pdf
Index Terms
- Privacy by Design Identity Architecture Using Agents and Digital Identities
Index terms have been assigned to the content through auto-classification.
Recommendations
The Evolution of Online Identity
The author proposes that we must significantly improve how we authenticate ourselves on various computer systems to address growing security and privacy threats. As part of that process, we must adopt an identity metasystem that relies on in-person ...
Enhancing and Evaluating Identity Privacy and Authentication Strength by Utilizing the Identity Ecosystem
WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic SocietyThis paper presents a novel research model of identity and the use of this model to answer some interesting research questions. Information travels in the cyber world, not only bringing us convenience and prosperity but also jeopardy. Protecting this ...
Privacy in Digital Identity Systems: Models, Assessment, and User Adoption
Electronic GovernmentAbstractThe use of privacy protection measures is of particular importance for existing and upcoming users’ digital identities. Thus, the recently adopted EU Regulation on Electronic identification and trust services (eIDAS) explicitly allows the use of ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Jun 2020
217 pages
ISBN:978-3-030-55195-7
DOI:10.1007/978-3-030-55196-4
© Springer Nature Switzerland AG 2020.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 04 June 2020
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 22 Dec 2024