Towards Domain-Specific and Privacy-Preserving Qualified eID in a User-Centric Identity Model

TY - GEN

T1 - Towards Domain-Specific and Privacy-Preserving Qualified eID in a User-Centric Identity Model

AU - Lenz, Thomas

AU - Krnjic, Vesna

PY - 2018/9/6

Y1 - 2018/9/6

N2 - Unique and qualified identification is essential in numerous security-critical areas, like eGovernment, or eBusiness. Therefore, many countries have already deployed eID solutions to confirm identity information of entities and to increase trust into the identity information. Many of these confirmation solutions only support an all-or-nothing disclosure, which means that selective disclosure of single attributes is not possible. Some other work has dealt with this privacy issue by using anonymous credentials or malleable signatures. However, all of these solutions lacks in flexible generation of qualified and provable pseudonyms that based on confirmed eID information. In this paper, we propose an advanced and lightweight model for user-centric and qualified identity information that facilitates selective disclosure and domain-specific altering of single identity attributes in order to protect the citizen's privacy. We illustrate the practical applicability of our model by implementing all components as prototype applications. Finally, we evaluate our model and compare it with other approaches for selective disclosure.

AB - Unique and qualified identification is essential in numerous security-critical areas, like eGovernment, or eBusiness. Therefore, many countries have already deployed eID solutions to confirm identity information of entities and to increase trust into the identity information. Many of these confirmation solutions only support an all-or-nothing disclosure, which means that selective disclosure of single attributes is not possible. Some other work has dealt with this privacy issue by using anonymous credentials or malleable signatures. However, all of these solutions lacks in flexible generation of qualified and provable pseudonyms that based on confirmed eID information. In this paper, we propose an advanced and lightweight model for user-centric and qualified identity information that facilitates selective disclosure and domain-specific altering of single identity attributes in order to protect the citizen's privacy. We illustrate the practical applicability of our model by implementing all components as prototype applications. Finally, we evaluate our model and compare it with other approaches for selective disclosure.

KW - privacy

KW - Digital signatures

KW - Smart devices

KW - Cryptography

KW - Stakeholders

KW - authentication

KW - Data models

U2 - 10.1109/TrustCom/BigDataSE.2018.00160

DO - 10.1109/TrustCom/BigDataSE.2018.00160

M3 - Conference contribution

SN - 978-1-5386-4389-1

SP - 1157

EP - 1163

BT - 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)

PB - IEEE Computer Society

ER -