You spend 10 minutes filling out the form and since you’re new to the site, the online store asks you to choose your own unique password for the next time you shop at the site. You’re then passed on to a security page which wants to check you’re the legitimate owner of the bank card. Your password is requested.
If you haven’t forgotten the password for the security check with your bank (you may have more than one credit card and the password isn’t the same as your online banking password or your cash card pin), then you’ll probably have forgotten your password to the online store the next time you shop there. Re-requesting all these user names and passwords slows us down from spending our own money or making a quick consultation on the internet.
Simplifying the process
This is a source of frustration which Vincent Etchebarne, innovative services developer at France Telecom’s Orange, understands. “When people go on the internet, they must systematically fill in forms asking for their name and address. Our idea was to memorise all that information and make it mobile so it could be accessed at any PC, whether you were in an internet café or at home,” he says.
The challenge was to find a technical way to save and manage a customer’s information – while keeping it secure from fraudsters on the lookout to steal our personal information. In 2005, Orange partnered up with three other European telecoms operators – TeliaSonera, Telenor and the then Amena (now Orange) to develop a solution. The investigation became a EUREKA project called Fidelity, which stands for Federated Identity Management based on LIBERTY. The operators partnered with telecoms software and hardware developers Ericsson, Axalto and Italtel, three SMEs (Moviquity, TB-Security and Linus) and the University of Oslo, which had specialist knowledge of development and integration in IT systems.
They decided to test a system where telecoms operators could act as “identity providers”. They would have a customer’s personal information and would give the necessary information to third parties after receiving the customer’s permission. “A hotel site, for instance, will ask Orange for your details and then Orange will ask you if you’re happy about sharing your details with the hotel,” explains Etchebarne.
One of the advantages of the system is that customers can save time through having one password with their identity provider. A customer could visit a new website and it would be their identity provider who would handle the virtual paperwork on their behalf.
The secure solution
To make the process secure, the EUREKA partners decided the identity providers would operate within what they called a circle of trust – a circle to which the service providers (internet stores or online news webpages, for example) would also belong, along with attribute providers which securely host the customers’ personal attributes to be shared with service providers. The circle of trust would be a formal partnership where the members would sign a contract agreeing to certain terms such as how information should be exchanged, kept and deleted from databases at a customer’s request.
“Since a contract exists, a customer can ask at any time to have their personal data removed from the records of a company,” says Etchebarne. Customers can also decide to only give limited information to a company. They could decide to just give the information a company or organisation needs to provide them with the service.
“The system gives customers much more control,” says Etchebarne. “Because everything linked, if you change your address, you just change it with your identity provider, not with every website you use.”
Although a customer would have a single password with their identity provider, for extra security, when she visits a website and gives her permission for it to receive her personal data, she would be given a unique security identifier for that website. “In the future, the weather site would be able to recognise it is me from the identifier,” says Etchebarne. “It knows where I live and every time I access the site automatically posts the weather for where I live. It won’t know my name or address. It only needs to know where I live.”
One of the most innovative aspects of FIDELITY is that a customer who is with one identity provider in one circle of trust can also use service providers in other circles of trust. Etchebarne says the identity providers would sign agreements with each other in a similar way to the way in which mobile operators sign roaming deals so that customers continue using their phones abroad on another network.
A bright future
Since concluding the trials during the project which ended at the end of 2006, the FIDELITY partners have started putting the project to commercial use. Orange, for instance, has clinched a contract with the French government to build a web portal through which citizens will be able to access all their public services and share their data with the civil service departments. It will use the FIDELITY system on the portal.
Shar McKenzie | alfa
New software speeds origami structure designs
12.10.2017 | Georgia Institute of Technology
Seeing the next dimension of computer chips
11.10.2017 | Osaka University
University of Maryland researchers contribute to historic detection of gravitational waves and light created by event
On August 17, 2017, at 12:41:04 UTC, scientists made the first direct observation of a merger between two neutron stars--the dense, collapsed cores that remain...
Seven new papers describe the first-ever detection of light from a gravitational wave source. The event, caused by two neutron stars colliding and merging together, was dubbed GW170817 because it sent ripples through space-time that reached Earth on 2017 August 17. Around the world, hundreds of excited astronomers mobilized quickly and were able to observe the event using numerous telescopes, providing a wealth of new data.
Previous detections of gravitational waves have all involved the merger of two black holes, a feat that won the 2017 Nobel Prize in Physics earlier this month....
Material defects in end products can quickly result in failures in many areas of industry, and have a massive impact on the safe use of their products. This is why, in the field of quality assurance, intelligent, nondestructive sensor systems play a key role. They allow testing components and parts in a rapid and cost-efficient manner without destroying the actual product or changing its surface. Experts from the Fraunhofer IZFP in Saarbrücken will be presenting two exhibits at the Blechexpo in Stuttgart from 7–10 November 2017 that allow fast, reliable, and automated characterization of materials and detection of defects (Hall 5, Booth 5306).
When quality testing uses time-consuming destructive test methods, it can result in enormous costs due to damaging or destroying the products. And given that...
Using a new cooling technique MPQ scientists succeed at observing collisions in a dense beam of cold and slow dipolar molecules.
How do chemical reactions proceed at extremely low temperatures? The answer requires the investigation of molecular samples that are cold, dense, and slow at...
Scientists from the Max Planck Institute of Quantum Optics, using high precision laser spectroscopy of atomic hydrogen, confirm the surprisingly small value of the proton radius determined from muonic hydrogen.
It was one of the breakthroughs of the year 2010: Laser spectroscopy of muonic hydrogen resulted in a value for the proton charge radius that was significantly...
17.10.2017 | Event News
10.10.2017 | Event News
10.10.2017 | Event News
19.10.2017 | Materials Sciences
19.10.2017 | Materials Sciences
19.10.2017 | Physics and Astronomy