myIdP - The Personal Attribute Hub: Prototype and Quality of Claims

Laube, Annett; Hauser, Severin

Home // International Journal On Advances in Intelligent Systems, volume 7, numbers 1 and 2, 2014 // View article

myIdP - The Personal Attribute Hub: Prototype and Quality of Claims

Authors:
Annett Laube
Severin Hauser

Keywords: electronic identity, SuisseID, attribute authority, e-form, quality assessment

Abstract:
The myIdP service is an extension to the Swiss eID infrastructure with the aim to provide a service that handles personal attributes (like address, telephone number, email), which are neither part of the SuisseID identity providers nor of a Claim Assertion Service (CAS), because there is no official authority owning and certifying these data. The myIdP service is a CAS that can reuse data which a user has already given to an application via an Internet transaction. The data is thus validated by the web application before being transferred - as Security Assertion Markup Language (SAML) 2.0 attribute assertion - to the myIdP service. The myIdP service comes in two flavors with different trust relations: the attribute provider and the claim proxy. The attribute provider unites several claims for a given attribute and provides an optional quality assessment before sending it to a requesting web application. A trust relationship must consist between myIdP and the web application. The claim proxy only collects the received claims for a given attribute and transfers them with all details to the requesting application. The application can evaluate the confidence in the data based on the claim details. The model to assess the quality and trustworthiness of the data is based mainly on three factors: freshness of information, quality of the attribute issuer and recurrence of information. The myIdP service is evaluated in a scenario of prefilling e-forms in an eGovernment application.

Pages: 1 to 10

Publication date: June 30, 2014

Published in: journal

ISSN: 1942-2679