Home // ICSNC 2013, The Eighth International Conference on Systems and Networks Communications // View article

A Privacy-Enhanced User-Centric Identity and Access Management Based on Notary

Authors:
Hendri Nogueira
Rick Lopes de Souza
Ricardo Felipe Custódio

Keywords: User-centric; Identity Management; Notary; Attributes; Privacy-Enhancing; IBC

Abstract:
Identity and Access Management (IAM) systems aim to control of users' attributes for authentication, authorization and accountability processes. Public Key Certificates (PKCs), like the X.509 standard, use asymmetric key pairs to support digital signatures, authentication processes and to increase the trust in the communication. Nevertheless, the PKC does not concern itself with the management of users' attributes and their privacy to be used as an IAM system. We present a privacy-enhanced identity and access management architecture, addressing the user's management of his attributes and the privacy. With the user-centric paradigm and through the use of Identity-Based Cryptography (IBC), the model architecture is composed by a user-centric public key infrastructure. The asymmetric key pair enables the user to determine the control and the anonymity of his own attributes and the Notarial Authority validates the attributes claimed by the user. Our model aims for total control for the user in authentication and authorization procedures. Users can decide which attributes they want to disclose and which identity to use (e.g., real identity, pseudonym, anonymity).

Pages: 159 to 164

Copyright: Copyright (c) IARIA, 2013

Publication date: October 27, 2013

Published in: conference

ISSN: 2163-9027

ISBN: 978-1-61208-305-6

Location: Venice, Italy

Dates: from October 27, 2013 to October 31, 2013