Privacy-preserving attribute aggregation in eID federations
Autor: | Walter Priesnitz Filho, Thomas Zefferer, Carlos Ribeiro |
---|---|
Rok vydání: | 2019 |
Předmět: |
Authentication
Information retrieval Computer Networks and Communications Process (engineering) Computer science Interoperability 020206 networking & telecommunications 02 engineering and technology Service provider Identity management Locality-sensitive hashing Hardware and Architecture 0202 electrical engineering electronic engineering information engineering Identity (object-oriented programming) media_common.cataloged_instance 020201 artificial intelligence & image processing European union Ontology alignment Software media_common |
Zdroj: | Future Generation Computer Systems. 92:1-16 |
ISSN: | 0167-739X |
Popis: | Personalized electronic services, e.g. from the e-government domain, need to reliably identify and authenticate users. During user-authentication processes, the electronic identity of the respective user is determined and required additional attributes, e.g. name and date of birth, linked to this identity are collected. This attribute-collection process can become complex, especially if required attributes are distributed over various attribute providers that are organized in a federated identity-management system. In many cases, these identity management systems rely on different ontologies and make use of different languages. Hence, identity federations, such as the one currently established across the European Union, require effective solutions to collect user attributes from different heterogeneous sources and aggregate them to a holistic user facet. At the same time, these solutions need to comply with minimum disclosure rules to preserve users’ privacy. In this article, we propose and introduce a solution for privacy-preserving attribute aggregation. Our solution combines attributes from different domains using ontology alignment and makes use of locality sensitive hashing functions to preserve users’ privacy. Evaluation results obtained from conducted experiments demonstrate our solution’s advantages for both, service providers and users. While service providers can be provided with a larger set of attributes, users remain in full control of their data and can decide on which of their attributes shall be revealed. |
Databáze: | OpenAIRE |
Externí odkaz: |