Anonymous, Liberal, User-Centric Electronic Identity – New Systematic Design of e-ID Infrastructure
Libor Neumann, ANECT a.s.
www.oasis-open.org

Page 1: Title slide (title, author and URL as above)

Page 2: Motivation

Big ideas, current needs:
- Single European Information Space
- Pan-European e-government services
- E-Government 2.0

Current challenges:
- Lack of interoperability
- Underestimated privacy threats
- Complexity that end users do not accept
- Lack of personification

E-ID (authentication) is the key enabler.

Page 3: New e-ID design

Searching for an e-ID solution: systematic analysis, design from scratch.

A system design methodology was used: a new way of thinking about e-ID, new principles, new methods.

ALUCID® – Anonymous, Liberal, and User-Centric electronic IDentity.

Page 4: Anonymous identity

Anonymous identity – nonsense?

Real-life examples of anonymous identity: a dog and its master; a mother and her baby; a program variable in virtual memory. In each case one party reliably recognizes the other without any name being involved.

ALUCID® separates distinguishing between subjects from naming subjects (claims).

Identifiers and credentials are very large random (or pseudorandom) numbers with limited validity in time. A service provider can therefore recognize a returning user without ever learning who that user is.

Names (claims) can be protected application data, stored by the service provider only if the user chooses to provide them.

Page 5: ALUCID® technology

[Architecture diagram; recoverable labels only. Subjects: User and Service Provider. The user holds a Personal Electronic Identity Gadget (PEIG); the service provider runs an ALUCID® Identity Machine; the two are connected by a Secure Stable Link. Open Standard Interfaces on both sides: a Local Communication Channel (Near Area Communication, XML) between the PEIG and the user's communication program, a Logical Communication path, and a Remote Communication Channel over the Internet (web services: XML over HTTP). The service provider's User Database holds Name, Surname and Register index, with sample rows John Doe 172584, Donald Duck 589241, Harry Potter 259863.]

Page 6: Missing entities

- No login names, no passwords: no forgotten passwords, no phished passwords, ...
- No user certificates: no recertification, no extra charges, no names on the network, ...
- No identity provider: no user communication with an identity provider, no personal information managed by a third party, ...
- No government-issued identity: no "numbering" of citizens, no misuse of state-issued identifiers, ...
- No biometric data without access control: no biometric data cloned from e-ID use, no remote verification of the origin of biometric data, ...

Page 7: End user

Extremely simple use: have a PEIG® (Personal Electronic Identity Gadget) and activate/deactivate it.

User freedoms:
- Selecting a product, producer, form, size, features, ...
- Selecting an activation method
- No obligation to use that PEIG
- Possibility to use more than one PEIG
- Possibility to change his/her mind in the future

Direct access to personified services. The service provider takes care of the user's security. A virtually private Internet ("My Internet"). Universal use of the PEIG.

Page 8: End-user point of view

[Diagram: the user's PEIG® is the single point of contact to Service Provider A, Service Provider B and Service Provider C.]

Page 9: End-user scenario

The user scenario should be:
1. The user selects a PEIG®. It is sold empty.
2. The user teaches his or her PEIG to recognize him or her when activated.
3. The user connects to the service provider for the first time and uses the activated PEIG.
4. The user can (but need not) give his or her personal data to the service provider.
5. The user will be able to open his or her personified service directly if he or she activates his or her PEIG.
6. The same procedure can be used with any other service provider supporting ALUCID®.
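The scenario above, together with the page 4 principle that identifiers and credentials are large random numbers with limited validity kept apart from names, is modelled in the following Python. This is an added illustration, not ALUCID® or PEIG® code. Assumed, not taken from the deck: a PIN as the activation method, HMAC-SHA-256 challenge-response as the proof of possession, a 3600-second validity with re-keying shortly before expiry, the provider names "bank" and "shop", and a confidential channel between gadget and provider (the deck's Secure Stable Link).

```python
"""Toy model of the deck's anonymous, per-provider electronic identity.

Constructed illustration, not the ALUCID(R) protocol or PEIG(R) firmware.
Identifiers and credentials are large random numbers with limited validity,
every provider sees a different identifier, and a provider stores no name
unless the user gives one. Assumed: a confidential PEIG-provider channel
and a PIN as the activation method; neither is specified by the deck.
"""
import hashlib, hmac, secrets
from collections import namedtuple

VALIDITY_SECONDS = 3600  # assumed validity period, not stated in the deck
Binding = namedtuple("Binding", "identifier secret expires_at")  # 256-bit random values, no name


class PEIG:
    """Personal Electronic Identity Gadget, sold empty."""
    def __init__(self):
        self._owner, self._active, self._bindings = None, False, {}  # bindings: provider -> Binding
    def teach(self, pin):  # the owner teaches the gadget to recognise him or her
        self._owner = hashlib.sha256(pin.encode()).digest()
    def activate(self, pin):
        digest = hashlib.sha256(pin.encode()).digest()
        self._active = self._owner is not None and hmac.compare_digest(digest, self._owner)
        return self._active
    def deactivate(self):
        self._active = False
    def _fresh(self, now):
        return Binding(secrets.token_bytes(32), secrets.token_bytes(32), now + VALIDITY_SECONDS)
    def first_contact(self, provider, now, claims=None):
        # First visit: mint a random identity used with this provider only; claims are optional.
        if self._active:
            b = self._bindings[provider.name] = self._fresh(now)
            provider.enroll(b.identifier, b.secret, b.expires_at, claims or {})
    def open_service(self, provider, now):
        # Later visit: challenge-response; re-key shortly before the identity expires.
        if not self._active:
            return None  # a deactivated gadget does not answer at all
        b = self._bindings[provider.name]
        if now >= b.expires_at - VALIDITY_SECONDS // 10:
            new, nonce = self._fresh(now), provider.challenge()
            proof = hmac.new(b.secret, nonce + new.identifier, hashlib.sha256).digest()
            if not provider.renew(b.identifier, nonce, proof, new, now):
                return None
            b = self._bindings[provider.name] = new
        nonce = provider.challenge()
        return provider.login(b.identifier, nonce, hmac.new(b.secret, nonce, hashlib.sha256).digest(), now)


class ServiceProvider:
    """Keeps identifier, secret, expiry and only the claims the user chose to give."""
    def __init__(self, name):
        self.name, self.records, self._pending = name, {}, set()  # records: identifier -> dict
    def challenge(self):
        nonce = secrets.token_bytes(32)
        self._pending.add(nonce)
        return nonce
    def enroll(self, identifier, secret, expires_at, claims):
        self.records[identifier] = {"secret": secret, "expires_at": expires_at, "claims": dict(claims)}
    def _verify(self, identifier, nonce, proof, extra, now):
        rec = self.records.get(identifier)
        if rec is None or now >= rec["expires_at"] or nonce not in self._pending:
            return None  # unknown identifier, expired credential, or replayed challenge
        self._pending.discard(nonce)
        expected = hmac.new(rec["secret"], nonce + extra, hashlib.sha256).digest()
        return rec if hmac.compare_digest(expected, proof) else None
    def login(self, identifier, nonce, proof, now):
        rec = self._verify(identifier, nonce, proof, b"", now)
        return None if rec is None else rec["claims"]
    def renew(self, old_id, nonce, proof, new, now):
        # Re-key the record under the new identifier; the old identifier stops working at once.
        rec = self._verify(old_id, nonce, proof, new.identifier, now)
        if rec is None:
            return False
        del self.records[old_id]
        self.records[new.identifier] = {"secret": new.secret, "expires_at": new.expires_at, "claims": rec["claims"]}
        return True


def scenario():
    """Runs the deck's end-user scenario against two constructed providers and reports what was observed."""
    now, peig = 1_000_000.0, PEIG()  # the PEIG is sold empty
    peig.teach("4711")               # constructed owner PIN
    peig.activate("4711")
    bank, shop = ServiceProvider("bank"), ServiceProvider("shop")
    peig.first_contact(bank, now, claims={"display_name": "J. Doe"})  # user chose to give data
    peig.first_contact(shop, now)                                     # user gave none
    out = {"bank_claims": peig.open_service(bank, now + 10),
           "shop_claims": peig.open_service(shop, now + 10),
           "unlinkable": list(bank.records) != list(shop.records)}
    old_id = list(bank.records)[0]
    out["renewed_claims"] = peig.open_service(bank, now + VALIDITY_SECONDS - 60)  # triggers re-keying
    out["old_id_dead"] = old_id not in bank.records
    peig.deactivate()
    out["inactive_blocked"] = peig.open_service(bank, now + VALIDITY_SECONDS) is None
    return out
```

Each provider ends up holding a different 256-bit identifier and only the claims the user volunteered, so two providers cannot link the same gadget by comparing databases, and a leaked database contains no password to replay. Re-keying moves the claims to a fresh identifier and retires the old one, which is what "limited validity in time" buys: a captured identifier is worthless once it has rotated, and a stolen proof is worthless because each challenge is consumed on first use.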

Page 10: Prototype demo

Page 11: Thank you for your attention. [email protected]