Privacy-preserving Infrastructure for Social Identity Management
Dissertation for the degree of Doctor of Economics (Dr. rer. pol.), submitted to the Faculty of Economics of the Universität Regensburg
Submitted by Michael Netter
Reviewers: Prof. Dr. Günther Pernul, Prof. Dr. Guido Schryen
Date of disputation: 25 July 2013
Berichte aus der Wirtschaftsinformatik
Michael Netter
Privacy-preserving Infrastructure for Social Identity Management
Shaker Verlag, Aachen 2013
Contents

1 Introduction
  1.1 Motivation and Background
  1.2 Research Questions
  1.3 Research Methodology
    1.3.1 IS Research Paradigms
    1.3.2 Design Science
    1.3.3 Design Research Process
  1.4 Research Overview
  1.5 Chapter Structure
  1.6 List of Publications

I Fundamentals

2 Social Web
  2.1 Web 2.0
  2.2 Social Software
    2.2.1 Characteristics and Existing Challenges
    2.2.2 The PADGETS Project
      2.2.2.1 Concept, Methodology, and Platform
      2.2.2.2 Security and Privacy as a Major Focus
  2.3 Social Network Sites
    2.3.1 Defining Social Network Sites
    2.3.2 Evolution of SNSs in Practice and Research
    2.3.3 SNS Characteristics
      2.3.3.1 SNS Architectures
      2.3.3.2 SNS Stakeholders
  2.4 SNSs in the Context of this Work

3 Privacy
  3.1 Privacy Paradigms
    3.1.1 Legal Perspective

Michael Netter, 2013 Dissertation
    3.1.2 Technical Perspective
    3.1.3 Social Perspective
  3.2 Privacy Adversaries
    3.2.1 SNS Service Providers
    3.2.2 SNS Users
  3.3 Privacy Objectives
    3.3.1 Awareness
    3.3.2 Control
  3.4 Framework for SNS Privacy
    3.4.1 Privacy Protection Strategies from the Viewpoint of SNS Users
      3.4.1.1 Privacy Protection Against Other SNS Users
      3.4.1.2 Privacy Protection Against SNS Service Providers
    3.4.2 Framing Privacy for this Work

4 Identity Management
  4.1 Digital Identity Management
    4.1.1 Basic Building Blocks of Identities
    4.1.2 Identity Models
    4.1.3 IdM Functions and Technologies
    4.1.4 IdM Types
  4.2 Social Identity Management
    4.2.1 Theoretical Foundations of SIdM
  4.3 SIdM Concepts on SNSs
    4.3.1 Identity Management on SNSs
    4.3.2 Relationship Management on SNSs
    4.3.3 Access Management on SNSs
    4.3.4 Context on SNSs

II Requirement Elicitation and Related Work

5 Requirements for a Privacy-preserving SIdM Infrastructure
  5.1 Requirement Elicitation
    5.1.1 Identity Management Requirements
    5.1.2 Relationship Management Requirements
    5.1.3 Access Management Requirements
    5.1.4 Infrastructural Requirements
  5.2 Literature Review and Comparison
    5.2.1 Methodology
      5.2.1.1 Input
      5.2.1.2 Processing
      5.2.1.3 Output
    5.2.2 Results of the Comparison
      5.2.2.1 Limitations
      5.2.2.2 Identity Management Shortcomings
      5.2.2.3 Relationship Management Shortcomings
      5.2.2.4 Access Management Shortcomings
      5.2.2.5 Infrastructural Shortcomings

6 Impact of SNS-mediated Communication on SIdM
  6.1 Visibility Dimensions and Information Sharing Domains
    6.1.1 Default Information Spreading
    6.1.2 Active Information Sharing
    6.1.3 Past Information Availability
  6.2 Conception and Design of the Study
    6.2.1 Setup Phase
    6.2.2 Default Information Spreading Questionnaire
    6.2.3 Active Information Sharing Questionnaire
    6.2.4 Past Information Availability Questionnaire
  6.3 Results of the Study
    6.3.1 Demographics and Data Statistics
    6.3.2 Default Information Spreading
    6.3.3 Active Information Sharing
    6.3.4 Past Information Availability
    6.3.5 Discussion of Results

III Proposed Privacy-preserving Social Identity Management Infrastructure

7 Privacy-preserving SIdM Fundamentals and Concepts
  7.1 Information Systems Improvement
    7.1.1 Theoretical Considerations
    7.1.2 Principles
  7.2 Pillars of a PPSIdM Infrastructure
    7.2.1 Autonomous and User-controlled Environment
    7.2.2 SIdM Tools
  7.3 SIdM Process Model
    7.3.1 Identity Management Process
    7.3.2 Relationship Management Process
    7.3.3 Access Management Process
    7.3.4 Translation Process
    7.3.5 SNS Integration Process

8 Privacy-preserving SIdM Infrastructure
  8.1 Overview
  8.2 PPSIdM Provider Characteristics
    8.2.1 URL-based Identities
    8.2.2 Contact Authentication and Authorization
    8.2.3 SNS Integration Concept
    8.2.4 SNS Integration Workflow
    8.2.5 Summary
  8.3 Identity Facet Manager Component
    8.3.1 Design Principles
    8.3.2 Status Quo
    8.3.3 A Generic Model for Social Identity Representation
    8.3.4 Summary
  8.4 Assisted Audiences Component
    8.4.1 Data Analysis Fundamentals
    8.4.2 Import
    8.4.3 Clustering
      8.4.3.1 Relationship-based Assisted Audiences
      8.4.3.2 Access Policy-based Assisted Audiences
      8.4.3.3 Combining Both Approaches
    8.4.4 Manual Refinement
    8.4.5 Summary
  8.5 CA-RBAC Component
    8.5.1 Status Quo
    8.5.2 Dynamic and Context-aware Access Control
    8.5.3 Conceptualization of Context on SNSs
    8.5.4 Defining Contextual Constraints
    8.5.5 Conceptual Overview of CA-RBAC
    8.5.6 Example of Sharing of Personal Information using CA-RBAC
    8.5.7 Summary
  8.6 Access Policy Visualization Component
    8.6.1 Status Quo and Current Challenges
    8.6.2 Theoretical Considerations
    8.6.3 Information Visualization
    8.6.4 Access Control Policy Visualization
      8.6.4.1 Disclosure Browser
      8.6.4.2 Access Policy Grid
    8.6.5 Summary

9 Prototype
  9.1 Architectural Overview
  9.2 User Interface
  9.3 Components
    9.3.1 Identity Facet Manager
    9.3.2 Assisted Audiences
    9.3.3 CA-RBAC
    9.3.4 Access Policy Visualization
    9.3.5 Web Services
    9.3.6 Browser Plugin

IV Evaluation and Conclusions

10 Evaluation
  10.1 Scenario-based Evaluation
    10.1.1 Identity Facet and Attribute Management
    10.1.2 Relationship Management
    10.1.3 Access Management
    10.1.4 Translation Phase
      10.1.4.1 Intra-Identity Facet Review
      10.1.4.2 Inter-Identity Facet Review
    10.1.5 Existing SNS Landscape Integration
    10.1.6 CA-RBAC Evaluation from the Perspective of Contacts
  10.2 Requirements Framework Comparison

11 Conclusions

Appendices
  A AX Schema Attribute Types
  B OAuth Application Scenario Responses

Bibliography