INSEAD Library

Includes bibliographical references and index and glossary

Includes chapter by Thierry Nabeth "Identity of identity", p. 19-69

Digitized

The Future of Identity in the Information Challenges and Opportunities Table of Contents 1 Introduction Kai Rannenberg, Denis Royer, and Andre Deuker 1.1 Identity in a Changing World 1.1.1 One Identity or Many? Identity Unification vs. Identity Differentiation 1.1.2 Identity in Different Areas of the Information Society 1.2 The Role of FIDIS 1.3 On This Book 1.3.1 Basic Concepts 1.3.2 Identity and Advanced Technologies 1.3.3 Identity and Society 1.3.4 The Vignettes 1.3.5 The Annexes 1 2 2 3 5 6 6 7 9 10 11 VIGNETTE 1: PUTTING THE MACHINES IN CONTROL 2 Identity of Identity Thierry Nabeth 2.1 Defining the Identity Concept 2.1.1 The Multidisciplinary Challenge 2.1.2 Identity: A Concept Subject to Major Evolutions 2.1.3 Addressing the Challenges 2.1.4 Structure of This Chapter 2.2 Conceptualisation 2.2.1 Formal versus Informal Conceptualisation 2.2.2 Formal (or Explicit) Conceptualisation 2.2.3 Informal Conceptualisation with Narratives 2.2.4 Web 2.0 and Conceptualisation with Wilds, Blogs, Social Bookmarking and Other Tools 2.3 Identity of Identity Defined (Formal Conceptualisation) 2.3.1 The Concepts of Identity and Identification 2.3.2 (Self-)Identity Concepts. Some Models 2.3.3 Terminology of Identity 2.3.4 Profiles of the Person, and Overview 13 19 19 20 21 23 24 24 25 26 29 31 35 36 39 42 44 2.4 Identity Use Cases and Scenarios 2.4.1 Virtual Online Social Environments, Real Identities Issues 2.4.2 Real Life in Virtual Worlds ­ Anthropological Analysis of MMO Games 2.4.3 Enjoy a Bar in 2012 2.4.4 Tracing the Identity of a Money Launderer 2.5 Making Use of the New (Web 2.0) Participatory Tools 59 2.5.1 Web 2.0 Initiatives 2 .5 .2 Discussion 2.6 Conclusion and Outlooks References Appendix: Table of FIDIS Web 2.0 Initiatives 48 49 52 53 56 60 60 61 62 66 VIGNETTE 2: VIRTUALLY LIVING IN VIRTUAL REALITIES 3 Virtual Persons and Identities David-Olivier Jaquet-Chiffelle, Emmanuel Benoist, Rolf Haenni, Florent Wenger, and Harald Zwingelberg 3.1 Modelling New Forms of Identities 3.1.1 Partial Identities and Virtual Identities 3.1.2 The Case of Legal Persons 3.1.3 Identity and Privacy Issues 3.1.4 Unifying Model Based on Virtual Persons 3.1.5 Illustration of Our Model 3.1.6 Conclusion 3.2 Pseudonyms in the Light of Virtual Persons 3.2.1 Johnny Hallyday 3.2.2 Conclusion 3.3 Virtual Persons and the Law 3.3.1 Unborn Human Entities 3.3.2 New Challenges to Technology and Law 3.3.3 Conclusion 3.4 Trust in the Light of Virtual Persons 3.4.1 Research on Trust 3.4.2 Defining Trust 3.4.3 Trust Metrics and Trust Management Systems 3.4.4 Trust in the Light of Virtual Persons 3.4.5 Conclusion References 71 75 76 77 78 79 80 83 84 85 88 91 92 92 95 97 97 98 100 111 115 116 117 VIGNETTE 3: USE AND ABUSE OF BIOMETRIC DATA AND SOCIAL NETWORKS 4 High-Tech ID and Emerging Technologies Martin Meints and Mark Gasson 4.1 Identity Management and Identity Management Systems 4.2 Technologies and Technical Components 4.2.1 Public Key Infrastructure 4.2.2 Electronic Signatures 4.2.3 Biometrics 4.2.4 RFID 4.2.5 Credential Systems 4.3 Supporting Technologies 4.3.1 Trusted Computing 4.3.2 Protocols with Respect to Identity and Identification 4.3.3 Identity Management in Service Oriented Architectures 4.3.4 Digital Rights Management 4.4 Emerging Technologies 4.4.1 Ambient Intelligence 4.4.2 Human ICT Implants 4.5 Use Cases 4.5.1 ID Documents 4.5.2 CardSpace 4.6 Summary and Conclusions References 123 129 130 133 133 136 138 149 154 158 158 162 167 171 172 173 175 176 176 181 183 185 VIGNETTE 4: POWERING THE PROFILE: PLUGGING INTO THE MOBILE GRID 5 Mobility and Identity Denis Royer, André Deuker, and Kai Rannenberg 5.1 GSM -- How Mobile Communication Achieved Its Special Role in Identity Management 5.2 Mobile Identities -- Context Added 5.2.1 Context Extension via LBS and User Control 5.2.2 Mobile Identities in Action -- A Scenario on Emergency Response 5.3 The FIDIS Perspectives on Mobility and Identity 191 195 196 198 198 200 202 5.4 Technological Aspects 5.4.1 Management of Mobile Identities vs. Mobile Identity Management 5.4.2 Positioning Technologies and Methods 5.4.3 Accuracy of Positioning Technologies and Methods 5.4.4 Security and Privacy in Mobile Identity Management 5.5 Legal Aspects 5.5.1 Two European Directives on Data Protection 5.5.2 Location Data, Traffic Data, and Their Relation to Personal Data 5.5.3 Which Directives Apply to Which Types of Data? 5.5.4 Conclusion 5.6 Sociological Aspects 5.6.1 A Socio-technical View on Mobility and Identity 5.6.2 Price of Convenience (PoC) 5.7 Economic Aspects 5.7.1 Market Players 5.7.2 Building User Trust 5.7.3 Related Economic Theories 5.7.4 A Framework for Analysing the Economic Impacts of MIdM in Mobile Services and Applications 5.8 Requirements for Mobile Identity Management Systems 5.9 Outlook and Further Challenges and Questions References 202 203 204 211 211 215 216 217 219 220 221 221 223 225 226 227 230 233 237 238 240 VIGNETTE 5: HUMAN ENHANCEMENT, ROBOTS, AND THE FIGHT FOR HUMAN RIGHTS 6 Approaching Interoperability for Identity Management Systems James Backhouse and Ruth Halperin 6.1 Introduction 6.1.1 Why Interoperability in iDMS: Relevance and Strategic Motivation 6.1.2 Interoperable Delivery of European eGovernment Services IDABC 6.1.3 Organization of This Chapter 6.2 Interoperable Identity Management Systems: Definitions and Framework 243 245 245 245 246 247 247 6.2.1 Conceptualizing Interoperability 6.2.2 The TFI Model 6.3 Stakeholders Perspectives on Interoperable iDMS 6.3.1 Expert Requirements for Interoperability 6.3.2 Citizens Perceptions on Interoperability 6.4 Conclusion References Appendix: Experts 247 250 254 254 258 265 265 267 VIGNETTE 6: MORE CONTROL FOR THE MACHINES 7 Profiling and Aml Mireille Hildebrandt 7.1 Profiling: Definitions, Applications and Risks 7.1.1 What Is Profiling? 7.1.2 Applications of Profiling 7.1.3 Profiling, Democracy and the Rule of Law 7.2 Profiling Technologies as the Enabling Technology for AmI 7.2.1 What about Ambient Intelligence? 7.2.2 AmI and Autonomic Profiling 7.2.3 Autonomic Profiling and Autonomous Action 7.2.4 AmI, Democracy and Rule of Law 7.3 When Idem Meets Ipse: The Identity of the European Citizen 7.3.1 Privacy and Identity 7.3.2 Idem (Sameness) and Ipse (Selfhood) 7.3.3 Freedom from and Freedom to 7.4 A Vision of Ambient Law 7.4.1 AmLaw as Law 7.4.2 Why Should AmI Require Another Type of Law? 7.4.3 From Written to Digital Law in Constitutional Democracy 7.4.4 Legal and Technological PETs and TETs 7.5 Conclusions References 269 273 275 275 278 283 286 286 287 288 290 292 292 293 294 295 296 296 300 302 305 307 VIGNETTE 7: THE ROLE OF FORENSICS IN IDENTITY 8 Identity-Related Crime and Forensics Bert-Jaap Koops and Zeno Geradts 8.1 Introduction 8.2 Identity-Related Crime 8.2.1 The FIDIS Taxonomy of Identity-Related Crime 8.2.2 Aspects of Identity-Related Crime 8.3 Forensic Implications 8.3.1 Forensic Aspects 8.3.2 Example 1: Mobile Networks 8.3.3 Example 2: Biometric Devices 8.3.4 Conclusion 8.4 Forensic Profiling 8.4.1 Introduction 8.4.2 Definition of Forensic Profiling 8.4.3 Linkage Blindness and Limits of Profiling 8.4.4 Data Available 8.4.5 Structuring Evidence and Profiling 8.4.6 Forensic Profiling in an Investigative Perspective 8.4.7 Illicit Drug Profiling 8.4.8 Legal Aspects 8.5 Conclusion Reference VIGNETTE 8: DATING 311 315 315 316 316 322 329 329 331 331 332 333 333 334 334 336 337 337 341 342 344 345 349 351 351 353 354 357 359 359 360 362 362 365 372 9 Privacy and Identity Maike Gilliot, Vashek Matyas, and Sven Wohlgemuth 9.1 Introduction 9.2 Privacy Aware Concepts for ID Numbers 9.2.1 Legal Aspects 9.2.2 Sociological Aspects 9.2.3 Technical Aspects 9.2.4 European Approaches 9.2.5 Conclusions 9.3 Privacy Primitives and Applications 9.3.1 Privacy Primitives 9.3.2 Application Privacy 9.3.3 Summary 9.4 Privacy with Delegation of Personal Data 9.4.1 The One-Sided Trust Model in CRM 9.4.2 Delegation of Rights in CRM 9.4.3 Security Systems and Delegation of Rights 9.4.4 DREISAM: Protocols for Delegation of Rights 9.4.5 Proof-of-Concept Implementation of DREISAM for CRM 9.4.6 Properties of DREISAM 9.4.7 Conclusion 9.5 Towards Transparency References 372 373 374 376 378 381 383 385 385 386 10 Open Challenges -- Towards the (Not So Distant) Future of Identity Kai Rannenberg and Denis Royer 10.1 Identity Reference Architectures 10.1.1 What Is to Be Done? 10.1.2 How Can It Be Done? 10.1.3 What Needs to Be Considered? 10.2 Identity Management and Privacy 10.2.1 What Is to Be Done? 10.2.2 How Can It Be Done? 10.2.3 What Needs to Be Considered? 10.3 Identity Management and Multilateral Security 10.3.1 What Is to Be Done? 10.3.2 How Can It Be Done? 10.3.3 What Needs to Be Considered? 10.4 Identity in the Internet of Things 10.4.1 What Needs to Be Done? 10.4.2 How Can It Be Done? 10.4.3 What Needs to Be Considered? 391 391 392 392 393 393 393 395 396 396 397 397 397 398 398 398 398 Appendix A. List of Deliverables A.1 Communication Infrastructure (WPI) A.2 Taxonomy: Identity of Identity (WP2) A.3 HighTechID: Technologies to Support Identity and Identification (WP3) A.4 Interoperability of Identity and Identification Concepts (WP4) A.5 ID-Theft, Privacy and Security (WP5) 401 401 402 404 409 414 A.6 Forensic Implications (WP6) A.7 Profiling (WP7) A.8 Integration of the NoE (WP8) A.9 Mobility and Identity (WP 11) A.10 Emerging Technologies (WP12) A.11 Privacy Fundamentals (WP13) A.12 Privacy in Business Processes (WP14) A.13 eGovernment (WP16) A.14 Abstract Persons (WP17) 417 418 422 423 425 427 430 432 432 Appendix B. Contributors Appendix C. FIDIS Consortium Appendix D. Proposal for a Common Identity Framework: A User-Centric Identity Metasystem Kim Cameron, Reinhard Posch, and Kai Rannenberg D.1 Introduction D.2 Terminology D.3 Scope D.4 Metasystem Requirements in the Light of Multilateral Security D.5 Abstract Model of the Identity Metasystem D.6 Enabling Technologies D.7 Administration D.8 Standardisation 435 457 477 477 477 480 480 485 495 498 499 Glossary 501