dc.description.abstract | More and more online services require user identification. This increases time to fill out extensive
forms and results in large amounts of login and identification data to remember. At the same time
the number of users that need access to those service while roaming is equally increasing.
However, unfortunately many users are not aware that there is a high risk of loosing privacy when
disclosing information about oneself’s identity in an unregulated way. To counteract this and
to help users in managing and maintaining related identity data, so-called Identity Management
Systems have been developed. While available solutions are mainly built for fixed environments,
dependencies to central storages and processing units make them unsuitable for application into
mobile environments. Thus, a more flexible solution is necessary that supports roaming users with
privacy-sensitive handling of identification processes in online transactions.
On this background, the project goal was an extension of the Identity Management System concept
with mobility aspect. A framework for identity and privacy management on mobile devices, consisting
of a procedural method, privacy and security protocols and a user tool has been specified to
give users full control over their identity data in flexible and privacy-friendly ways. Thereby, the
method has been defined to describe the overall process sequence. The supporting protocols then
have been specified to provide ways for users and Service Providers to agree on applied data management
practices, enable automated disclosures of identity data and guarantee secure and anonymous
transmissions. Finally the tool has been defined to present an application to be installed on mobile
phones that integrates the method and the protocols into a user-centered system architecture.
Based on an engineering paradigm in combination with the first part of a six-step development
strategy, this project covers the background research, requirements and specifications and design
and development. This means that the final rollout of the proposed framework solution needs to
be handed over to programmers in a possible project continuation. Those are then responsible for
subsequent coding, testing and deployment.
After requirements and specifications had been derived, the framework has been successfully developed.
While the user tool is responsible for all procedures on the mobile phone, a particular network
infrastructure design allows secure transmissions by maintaining user anonymity. The solution is
developed and the deployment prepared to such detail that programmers can directly start coding
and testing.
As a conclusion, this project revealed several interesting and new aspects in the combined areas of
identity, privacy and mobility. The solution fully meets all defined functional and non-functional
requirements. As an application on mobile phones, the proposed framework allows privacy-sensitive
handling of identity data in online transactions. Together with mechanisms for data management
and maintenance before and after disclosure, it increases user flexibility, simplifies online identification
and decreases processing time. | en_US |