1 / 26

PrimeLife Project Overview & Policies

1 st NESSI Project Summit April 12-13, 2010. PrimeLife Project Overview & Policies. A research project funded by the European Commission’s 7 th Framework Programme. Project Overview. Providing Privacy throughout Life : Prime Life ! Making Privacy Real: Prime Live !

griffin-le
Télécharger la présentation

PrimeLife Project Overview & Policies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 1st NESSI Project SummitApril 12-13, 2010 PrimeLife Project Overview & Policies A research project funded by the European Commission’s7th Framework Programme <Footer>

  2. Project Overview

  3. Providing Privacy throughout Life: PrimeLife! Making Privacy Real: PrimeLive! Advancing the State-of-the-Art in Privacy and Identity Management … building up on results and expertise of PRIME EC-Funding:~€10 Million in FP7 from March 2008 to Feb 2011 15 Partners from Enterprise, Academia and Government Some Facts on PrimeLife

  4. Vision: Privacy, Trust and ID Management In the Information Society, users can act and interact in a safe and secure way while retaining control of their private spheres.

  5. What's the Problem?

  6. “Neil Armstrong’s Footsteps are still there”(Robin Wilton, Sun Microsystems) Photo:cc-nc-by jahdakine

  7. Computers don’t forget • Storage becomes ever cheaper • Data mining ever better

  8. People

  9. People Who Like to Talk

  10. People Who Like to Talk • Distributing information is easier • Controlling it much harder • Establish trust and security even harder

  11. PrimeLife’s Objectives • Bringing Sustainable Privacy and Identity Management to Future Networks and Services • Fundamentally understanding privacy-enhancing identity management ‘for life’ • Bringing Privacy to the future web • Develop and make tools for privacy friendly identity management widely available – privacy live!

  12. Activity 2: Mechanisms Activity 1: Privacy in Life Requirements, Evaluation Scenarios, Evaluation Activity 5: Policies Research, Prototypes Activity 4: Usability Requirements, Evaluation Technology Open Source, Dissemination Requirements, Evaluation Activity 6: Infrastructures Activity 3: Privacy Live Research, Prototypes Activity 7: Management PrimeLife’s 7 Activities

  13. Policies

  14. Scenario Personal Data (PD) Non-certified Certified: cards Resources Non-personal content, services,… Collected personal data Data Controller Data Subject request resource request personal data personal data resource requestpersonal data requestcard personal data card DownstreamData Controller Issuer

  15. PolicyEngine PolicyEngine Structure of PrimeLife Policy Language (PPL) Personal Data (PD) Non-certified Certified: cards Resources Non-personal content, services,… Collected personal data Data Controller Data Subject request resource request personal data personal data resource Specific Policy: over specific personal data (e.g. birth date) • Access control policy (ACP): who can access (e.g. PrivacySeal silver) • Data handling preferences (DHPrefs): how is to be treated when revealed • Authorizations (e.g. marketing purposes, forwarded to PrivacySeal gold) • Obligations (e.g. delete after 2y) Generic Preferences: DHPrefs over implicitly revealed personal data(e.g. IP address, cookies,…) • Authorizations (e.g. admin purposes) • Obligations (e.g. delete after 2y) Specific Policy: over specific resource (e.g. BuyService) • Access control policy (ACP): who can access • cards to possess (e.g. ID card) • personal data to reveal (e.g. nationality) • conditions to satisfy (e.g. age>18) • Data handling policy (DHP): how revealed personal data will be treated • Authorizations (e.g. marketing purposes) • Obligations (e.g. delete after 1y) Generic Policy: DHP over implicitly revealed personal data(e.g. IP address, cookies,…) • Authorizations (e.g. admin purposes) • Obligations (e.g. delete after 1y) SAML XACML

  16. Card-based access control • Card contains • list of attribute-value pairs • pre-evidence: technology-specific meta-data to • protect attribute integrity • prove card ownership • Card issuer vouches for attributes wrt owner (identity/authority) • Hierarchy of card types: define attributes contained • Policy: requirements on owned cards own p::Passport issued-by admin.ch; c::Creditcard issued-by visa.comreveal c.numberwhere p.name = c.name ^ p.bdate < today-18Y • Authentication = claim over owned cards + evidence, e.g., • Instantiating technologies include X.509, SAML, CardSpace, OpenID, Kerberos, trusted LDAP, Identity Mixer, U-Prove,…

  17. Features Access control requirements language supporting • Privacy preservation • for user: minimal claim to be disclosed (selectively) reveal attribute ↔ predicate satisfied • Privacy aware matching: Bloom filters approach • Multi-card claims but prevent “card mixing” through reference pointer to individual cards • Technology independence but supporting advanced features, esp. anonymous credentials

  18. Authorizations and obligations • General principle: provide • wrapper for user-extensible vocabularies • basic pre-defined vocabulary • Authorizations • “use for purpose” • user-extensible ontology of purposes, • basic pre-defined ontology available • “forward under policy” = downstream access control • Obligations • general structure: do action when trigger (from start to end) • pre-defined actions: • delete data • anonymize data • notify data subject • write to (secure) log • pre-defined triggers: • at time, periodic • data access, data deletion • data loss, obligation violation • aliens landing on earth

  19. Infrastructure

  20. Problem Statement – Issues: • Purpose Specification • Disclosure Limitation • Obligations • Identify Recipients • Policy Management Data Provider Data Consumer • Collection Limitation • Retention Period • Rules This is a data-centric viewpoint, i.e. deals with the handling of data. It is different from service providers and consumers.

  21. ECV PORTAL – Overview: Claim Issuer USER ECV PORTAL Head Hunter THE ECV Scenario

  22. ECV Portal: Head Hunter USER MATCH Claim Issuer eCV Jobs

  23. Claim Issuing: Send Request Requests a Claim CLAIM ISSUER USER ECV PORTAL + Policy Claim

  24. Standardization A research project funded by the European Commission’s7th Framework Programme <Footer>

  25. W3C Workshop on Access Control Application Scenarios • Goal: Push results on Access Control into Standardization • Coordination with PRIMCluster successful • Over 20 Participants from Projects and Industry from US and EU • Chaired by Hal Lockhart, Chair of TC XACML in OASIS (Oracle) • In cooperation with W3C PLING

  26. Workshop results • Report published suggesting: • Submission of changes to the core Specs for XACML 3.X • Attributes should be submitted as a profile • No resolution for: • Data handling • XACML Internet integration • Multiple Decision points and policy integration

More Related