Sciweavers

IADIS
2004

Authorization of User Profile Access in Identity Management

14 years 1 months ago
Authorization of User Profile Access in Identity Management
Distributed management of user profiles and identities allow reuse of profile information for different personalization services but also raises privacy issues. Users need a possibility to control access to their personal information in a sophisticated, yet flexible way. Our approach divides the authorization of user profile access into two phases: first a negotiation of access rights based on privacy policies and preferences, and second the actual access of profile information. The core of the proposed solution is a so-called Access Ticket, which specifies the access rights of a particular service to parts of a user profile. The approach combines access control mechanisms and privacy enhancing technologies, in addition with new concepts such as identity levels. KEYWORDS authorization, user profile, identity management, access control, privacy.
Wolfgang Woerndl
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where IADIS
Authors Wolfgang Woerndl
Comments (0)