Strangers can build a fairly complete picture of our movements, transactions and relationships from the cyber-trail we leave behind. This has major implications for what has become a pervasive tool to society, business and administrations.
Privacy and identity management are fast becoming fundamental to future developments on the internet. Hard-won trust in e-commerce and in using e-government services, for example, could quickly erode if security issues are not properly addressed.
Two basic rules govern how people can better protect themselves online, according to specialists. First, we need to “separate contexts” so that observers cannot accumulate sensitive data – basically, by making it much harder for cyber-spies to join the online dots of our lives. Second, and crucially, we have to really keep track of what we do disclose.
These rules form the basis of the concepts and prototypes developed within the PRIME project. Perhaps borrowing from the Joan Armatrading song, PRIME’s mantra is “Me, myself and I! Manage your identities safely”.
“Our main aim is for people to gain autonomy over their personal data, so they can make informed decisions on what information they provide online,” says project partner Marit Hansen of Germany’s Independent Centre for Privacy Protection (ULD, the Data Protection Authority for Land Schleswig-Holstein).
Like a good poker player who never fully reveals his hand, good identity management (IDM) means choosing and developing appropriate partial identities. For example, OnionCoffee is a PRIME software module written in Java to help end-users exchange information anonymously over the internet.
The EU-funded project has put together a toolbox, console (interface for managing identity online) and middleware (software to glue components together) to help individuals and organisations wrest control of their online identities.
The toolbox or building blocks make good use of tutorials, application modules and documentation, including a White Paper published in 2007. The tools PRIME developed marry the need for accountability (i.e. proving you are 18 to enter certain websites) with the need for anonymity.
A key component is the use of “private credentials” derived from certificates issued by, say, professional ID providers, such as online payment operators, on different pseudonyms for the same person.
“Multiple private credentials can be created from a single certificate,” says Hansen. Using cryptography, there is nothing tying them so the person's anonymity is assured. If the system is abused – i.e. fraudulent and/or antisocial behaviour – the anonymity built into the private credentials can be revoked, and appropriate action taken against the individual, she warns.Sticky policies
“Sticky policies” can also be written into IDM applications so that the policy literally travels on the back of the data being transferred. This means, if data is passed on (legally) to third parties, the policy stays with the data, thus protecting the source’s privacy (i.e. that means you and I).
So using a combination of pseudonyms and PRIME private credentials, data provided through e-commerce, e-health, or e-government applications are secured against future misuse. In principle, this also works in web-mail accounts and online social networking, which is one of the extended scenarios dealt with in the follow-up EU-funded project PrimeLife, starting in 2008.PET project
Data Track also records the privacy policies of the service providers, and lets you query how your data has been used after the fact. It also helps you (re)use appropriate accounts – logins and passwords – in different contexts, keeping them apart (unless otherwise instructed).
PRIME has developed its tools and applications in the sprit of the EU’s ‘privacy enhancing technologies’ (PET) initiative. According to the European Commission, wider development and use of PETs should boost efforts to protect citizens’ privacy. The project is also actively engaged in standard setting, such as ISO and W3C, in identity management.
Since 2004, PRIME has pioneered this multiple-context approach to digital IDM, suggests Hansen. Today, as online security concerns have grown, there is an even stronger case for its approach, as well as an untapped market for its components, especially with digital signature providers and mobile data handlers.
“The market is ripe for better data protection and privacy solutions, especially as more mobile data transactions take place, and we are well placed to capitalise on this,” confirms Hansen. “In fact, we’re very interested in commercial or marketing partnerships to make this happen.”
PRIME has already spun-off a location-based service system to Germany’s T-Mobile and plans to refine some of its tools and platforms, particularly in data structuring and workflow, in PrimeLife, which was recently presented at the CISTRANA Topical Seminar on ICT Security.
Christian Nielsen | alfa
21.08.2017 | Albert-Ludwigs-Universität Freiburg im Breisgau
AI implications: Engineer's model lays groundwork for machine-learning device
18.08.2017 | Washington University in St. Louis
Whether you call it effervescent, fizzy, or sparkling, carbonated water is making a comeback as a beverage. Aside from quenching thirst, researchers at the University of Illinois at Urbana-Champaign have discovered a new use for these "bubbly" concoctions that will have major impact on the manufacturer of the world's thinnest, flattest, and one most useful materials -- graphene.
As graphene's popularity grows as an advanced "wonder" material, the speed and quality at which it can be manufactured will be paramount. With that in mind,...
Physicists at the University of Bonn have managed to create optical hollows and more complex patterns into which the light of a Bose-Einstein condensate flows. The creation of such highly low-loss structures for light is a prerequisite for complex light circuits, such as for quantum information processing for a new generation of computers. The researchers are now presenting their results in the journal Nature Photonics.
Light particles (photons) occur as tiny, indivisible portions. Many thousands of these light portions can be merged to form a single super-photon if they are...
For the first time, scientists have shown that circular RNA is linked to brain function. When a RNA molecule called Cdr1as was deleted from the genome of mice, the animals had problems filtering out unnecessary information – like patients suffering from neuropsychiatric disorders.
While hundreds of circular RNAs (circRNAs) are abundant in mammalian brains, one big question has remained unanswered: What are they actually good for? In the...
An experimental small satellite has successfully collected and delivered data on a key measurement for predicting changes in Earth's climate.
The Radiometer Assessment using Vertically Aligned Nanotubes (RAVAN) CubeSat was launched into low-Earth orbit on Nov. 11, 2016, in order to test new...
A study led by scientists of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) at the Center for Free-Electron Laser Science in Hamburg presents evidence of the coexistence of superconductivity and “charge-density-waves” in compounds of the poorly-studied family of bismuthates. This observation opens up new perspectives for a deeper understanding of the phenomenon of high-temperature superconductivity, a topic which is at the core of condensed matter research since more than 30 years. The paper by Nicoletti et al has been published in the PNAS.
Since the beginning of the 20th century, superconductivity had been observed in some metals at temperatures only a few degrees above the absolute zero (minus...
16.08.2017 | Event News
04.08.2017 | Event News
26.07.2017 | Event News
24.08.2017 | Life Sciences
24.08.2017 | Life Sciences
24.08.2017 | Medical Engineering