The use of partial identities aims to ensure a privacy-preserving solution with minimal disclosure of PII. The proposed system endows users and smart objects with means to control and manage their private data, by defining partial identities, as a subset of identity attributes from their whole virtual identity. In particular, the proposed IdM system follows a claims-based approach, which is built on top of the Identity Mixer (Idemix) technology (from IBM) to provide additional means to deal with IoT scenarios where interacting entities can be smart objects, in addition to traditional computers. In order to address the challenges arising from the extension of identity management to any thing in our environment, this work proposes a holistic IdM system based on different emerging cryptographic technologies and approaches. Additionally, while technologies such as the Security Assertion Markup Language (SAML) or OpenID allow a selective disclosure of PII, these approaches are based on the presence of a Trusted Third Party (TTP) that needs to be queried during interaction between two entities or services, making the adoption of a real M2M approach difficult to be accomplished. Furthermore, such smart objects could lack user interface, and consequently, human interaction should be maintained at the minimum. However, in IoT, a huge amount of smart objects are enabled to interact with each other, so an explicit user consent for each interaction is not feasible, due to scalability reasons. Indeed, minimizing the disclosure of Personally Identifiable Information (PII) is a basic requirement to realize the Privacy by Design (PbD) notions. Traditional privacy-preserving identity management solutions allow end users to manage their personal data for accessing certain services, by providing user consent mechanisms. In this sense, smart objects should be autonomous and independent entities with their own attributes and identity management mechanisms, which will allow them to preserve its owner’s privacy during their operation. Consequently, there is a strong need for not only adapting identity management (IdM) mechanisms to deal with user’s identities, as it has been studied so far, but also allowing the management of smart objects’ identities. In such a distributed and dynamic environment, devices and services are exposed to additional threats that can compromise their data and, ultimately, the personal and private identity of the involved end users. M2M is considered as a key aspect for a broad adoption of the IoT, since M2M enables a direct communication among such smart objects in an autonomous way. In IoT, billions of interconnected “things” distributed across remote areas serve as a baseline for providing innovative services, which can be accessed not only through the Cloud, but also in a Machine to Machine (M2M) fashion. In order to deal with these applications, the Internet of Things (IoT) is based on the notion of global connectivity to generate, process, and exchange large amounts of sensitive and critical data, which makes them appealing for attackers.
Nowadays, a plethora of embedded and mobile devices can be accessed ubiquitously in different scenarios, such as transport systems, critical infrastructures, or smart cities. Moreover, the IdM system has been successfully implemented, deployed, and tested in the scope of SocIoTal European research project. The IdM system has been specially tailored for the Internet of Things bearing in mind the management of both users’ and smart objects’ identity.
#Idm for mac 2017 Offline
This symbiosis endows the IdM system with advanced features such as privacy-preserving, minimal disclosure, zero-knowledge proofs, unlikability, confidentiality, pseudonymity, strong authentication, user consent, and offline M2M transactions. It combines a cryptographic approach for claim-based authentication using the Idemix anonymous credential system, together with classic IdM mechanisms by relying on the FIWARE IdM (Keyrock). To address this issue, the identity management system defined herein provides a novel holistic and privacy-preserving solution aiming to cope with heterogeneous scenarios that requires both traditional online access control and authentication, along with claim-based approach for M2M (machine to machine) interactions required in IoT. Security and privacy concerns are becoming an important barrier for large scale adoption and deployment of the Internet of Things.
0 kommentar(er)
