The platform for privacy preferences
Communications of the ACM
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
Anonymity, unobservability, and pseudeonymity — a proposal for terminology
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
ACM SIGAda Ada Letters
Privacy in browser-based attribute exchange
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A pseudonymous communications infrastructure for the internet
A pseudonymous communications infrastructure for the internet
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
A Network Access Control Approach Based on the AAA Architecture and Authorization Attributes
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Computer
Privacy and identity management for everyone
Proceedings of the 2005 workshop on Digital identity management
Managing privacy preferences for federated identity management
Proceedings of the 2005 workshop on Digital identity management
Identities Management for E-Commerce and Collaboration Applications
International Journal of Electronic Commerce
A taxonomy of single sign-on systems
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Using XACML for privacy control in SAML-based identity federations
CMS'05 Proceedings of the 9th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
A privacy protection model in ID management using access control
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
An architecture for privacy-aware inter-domain identity management
DSOM'05 Proceedings of the 16th IFIP/IEEE Ambient Networks international conference on Distributed Systems: operations and Management
| Hi-index | 0.00 |
Depending on whether the users or the providers are performing it, Identity Management (IM) traditionally has different meanings. For users, IM means to choose between one's own identities and roles, in order to make selected personal information available to providers under privacy aspects. For providers, IM typically consists of centralized identity data repositories and their use by the offered services. Methods and tools for both aspects of IM have developed almost orthogonally, failing to consider their interoperability and complementary purposes. We analyze the similarities between both IM aspects and demonstrate how both sides can benefit from the use of a common policy language for personal information release and service provisioning. We derive criteria for this common policy language, demonstrate XACML's suitability and discuss our prototype for the Shibboleth IM system.