Identity Management Requirements in Future Internet
Resumo
The characteristics of the Future Internet and the emerging technologies result in new requirements, in which user security issues are highlighted. Identity Management requirements are linked to the development of systems able to prevent unauthorized use of digital identities, information overload, and to enhance user privacy. This paper highlights the Identity Management requirements in Future Internet context, based on its characteristics. Security and privacy were identified as key factors since they determine the overall trustworthiness of a system in terms of confidentiality, integrity and availability. Further, we introduce a discussion, in which we present the relationship between the Identity Management requirements and a future Internet scenario.Referências
Akinyele, J. A., Lehmann, C. U., Green, M. D., Pagano, M. W., Peterson, Z. N. J., and Rubin, A. D. (2010). Self-protecting electronic medical records using attribute-based encryption. IACR Cryptology ePrint Archive, 2010.
Alpár, G., Hoepman, J., and Siljee, J. (2011). The identity crisis security, privacy and usability issues in identity management. Identity Management on Mobile Devices, abs/1101.0427.
Benaloh, J., Chase, M., Horvitz, E., and Lauter, K. (2009). Patient controlled encryption: ensuring privacy of electronic medical records. In Proceedings of the 2009 ACM workshop on Cloud computing security, CCSW ’09, pages 103–114, New York, NY, USA. ACM.
Bosworth, K., Lee, M. G. G., Jaweed, S., and Wright, T. (2005). Entities, identities, identifiers and credentials what does it all mean? BT Technology Journal, 23(4).
Cao, Y. and Yang, L. (2010). A survey of identity management technology. In Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on, pages 287–293.
Chim, T., Yiu, S., Hui, L., and Li, V. (2011). SPECS: secure and privacy enhancing communications schemes for VANETs. Ad Hoc Network, 9:189 – 203.
Dhamija, R. and Dusseault, L. (2008). The seven flaws of dentity management: usability and security challenges. IEEE Security and Privacy, 6:24–29.
Gomez-Skarmeta, A. F., Martinez-Julia, P., Girao, J., and Sarma, A. (2010). Identity based architecture for secure communication in Future Internet. In The 6th ACM Workshop on Digital Identity Management, pages 45–48, Chicago, Illinois, USA.
ITU-T (2009). NGN Identity Management framework. Recommendation ITU-T Y.2720. December.
Levin, A., Sutherland, E., and Choe, Y. (2009). The Future Internet. Technical report, International Communication Union ITU.
Paul, S., Pan, J., and Jain, R. (2011). Architectures for the future networks and the next generation internet: a survey. Computer Communications, 34:2–42.
Sabena, F., Dehghantanha, A., and Seddon, A. P. (2010). A review of vulnerabilities in identity management using biometrics. In International Conference on Future Networks, pages 42–49.
Salsano, S., Polidoro, A., Mingardi, C., Niccolini, S., and Veltri, L. (2008). Sip-based mobility management in next generation networks. IEEE Wireless Communications, 15(2):92–99.
Sarma, A. and Girao, J. (2009). Identities in the Future Internet of Things. Wireless Personal Communication, 49:353–363.
Van Rooy, D. and Bus, J. (2010). Trust and privacy in the future internet, a research perspective. Identity in the Information Society, 3:397–404. 10.1007/s12394-0100058-7.
Wan, M., Liu, Y., Zhou, H., and Zhang, H. (2010). A chord-based handoff authentication scheme under id/locator separation architecture. In Advanced Intelligence and Awarenss Internet (AIAI 2010), 2010 International Conference on, pages 309–314.
Weber, S., Martucci, L., Ries, S., and Mühlhäuser, M. (2010). Towards trustworthy identity and access management for the Future Internet. In Trustworthy IoPTS: The 4th International Workshop on Trustworthy Internet of People Things and Services, Tokyo, Japan.
Alpár, G., Hoepman, J., and Siljee, J. (2011). The identity crisis security, privacy and usability issues in identity management. Identity Management on Mobile Devices, abs/1101.0427.
Benaloh, J., Chase, M., Horvitz, E., and Lauter, K. (2009). Patient controlled encryption: ensuring privacy of electronic medical records. In Proceedings of the 2009 ACM workshop on Cloud computing security, CCSW ’09, pages 103–114, New York, NY, USA. ACM.
Bosworth, K., Lee, M. G. G., Jaweed, S., and Wright, T. (2005). Entities, identities, identifiers and credentials what does it all mean? BT Technology Journal, 23(4).
Cao, Y. and Yang, L. (2010). A survey of identity management technology. In Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on, pages 287–293.
Chim, T., Yiu, S., Hui, L., and Li, V. (2011). SPECS: secure and privacy enhancing communications schemes for VANETs. Ad Hoc Network, 9:189 – 203.
Dhamija, R. and Dusseault, L. (2008). The seven flaws of dentity management: usability and security challenges. IEEE Security and Privacy, 6:24–29.
Gomez-Skarmeta, A. F., Martinez-Julia, P., Girao, J., and Sarma, A. (2010). Identity based architecture for secure communication in Future Internet. In The 6th ACM Workshop on Digital Identity Management, pages 45–48, Chicago, Illinois, USA.
ITU-T (2009). NGN Identity Management framework. Recommendation ITU-T Y.2720. December.
Levin, A., Sutherland, E., and Choe, Y. (2009). The Future Internet. Technical report, International Communication Union ITU.
Paul, S., Pan, J., and Jain, R. (2011). Architectures for the future networks and the next generation internet: a survey. Computer Communications, 34:2–42.
Sabena, F., Dehghantanha, A., and Seddon, A. P. (2010). A review of vulnerabilities in identity management using biometrics. In International Conference on Future Networks, pages 42–49.
Salsano, S., Polidoro, A., Mingardi, C., Niccolini, S., and Veltri, L. (2008). Sip-based mobility management in next generation networks. IEEE Wireless Communications, 15(2):92–99.
Sarma, A. and Girao, J. (2009). Identities in the Future Internet of Things. Wireless Personal Communication, 49:353–363.
Van Rooy, D. and Bus, J. (2010). Trust and privacy in the future internet, a research perspective. Identity in the Information Society, 3:397–404. 10.1007/s12394-0100058-7.
Wan, M., Liu, Y., Zhou, H., and Zhang, H. (2010). A chord-based handoff authentication scheme under id/locator separation architecture. In Advanced Intelligence and Awarenss Internet (AIAI 2010), 2010 International Conference on, pages 309–314.
Weber, S., Martucci, L., Ries, S., and Mühlhäuser, M. (2010). Towards trustworthy identity and access management for the Future Internet. In Trustworthy IoPTS: The 4th International Workshop on Trustworthy Internet of People Things and Services, Tokyo, Japan.
Publicado
19/11/2012
Como Citar
TORRES, Jenny; MACEDO, Ricardo; NOGUEIRA, Michele; PUJOLLE, Guy.
Identity Management Requirements in Future Internet. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 12. , 2012, Curitiba.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2012
.
p. 317-323.
DOI: https://doi.org/10.5753/sbseg.2012.20556.
