A Practical Approach to Identity on Digital Ecosystems Using Claim Verification and Trust

Central to the ethos of digital ecosystems (DEs) is that DEs should be distributed and have no central points of failure or control. This essentially mandates a decentralised system, which poses significant challenges for identity. Identity in decentralised environments must be treated very differently to identity in traditional environments, where centralised naming, authentication and authorisation can be assumed, and where identifiers can be considered global and absolute. In the absence of such guarantees we have expanded on the OPAALS identity model to produce a general implementation for the OPAALS DE that uses a combination of identity claim verification protocols and trust to give assurances in place of centralised servers. We outline how the components of this implementation function and give an illustrated workflow of how identity issues are solved on the OPAALS DE in practice.

[1]  Audun Jøsang,et al.  Semantic Constraints for Trust Transitivity , 2005, APCCM.

[2]  Hector Garcia-Molina,et al.  Taxonomy of trust: Categorizing P2P reputation systems , 2006, Comput. Networks.

[3]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .

[4]  K. Cameron,et al.  The Laws of Identity , 2005 .

[5]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[6]  Paul Mitchell,et al.  Bio-Inspired Models of Network, Information, and Computing Systems , 2012, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.

[7]  Sabrina De Capitani di Vimercati,et al.  Managing Multiple and Dependable Identities , 2003, IEEE Internet Comput..

[8]  Marit Hansen,et al.  Privacy-enhancing identity management , 2004, Inf. Secur. Tech. Rep..

[9]  Joni da Silva Fraga,et al.  Evaluation of P2P Search Algorithms for Discovering Trust Paths , 2007, EPEW.

[10]  Audun Jøsang,et al.  Trust and Reputation Systems , 2007, FOSAD.

[11]  Hristo Koshutanski,et al.  Distributed Identity Management Model for Digital Ecosystems , 2007, The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007).

[12]  A. Pfitzmann,et al.  Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology , 2002 .

[13]  Jimmy McGibney,et al.  Distributed Dynamic Protection of Services on Ad Hoc and Peer to Peer Networks , 2007, IPOM.

[14]  Audun Jøsang,et al.  Trust Requirements in Identity Management , 2005, ACSW.

[15]  Daniel J. Weitzner Whose Name Is It, Anyway? Decentralized Identity Systems on the Web , 2007, IEEE Internet Computing.

[16]  Uwe Glässer,et al.  Identity management architecture , 2008, 2008 IEEE International Conference on Intelligence and Security Informatics.

[17]  Jordi Sabater-Mir,et al.  Review on Computational Trust and Reputation Models , 2005, Artificial Intelligence Review.

[18]  Audun Jøsang,et al.  Trust network analysis with subjective logic , 2006, ACSC.

[19]  F. Nachira Towards a Network of Digital Business Ecosystems Fostering the Local Development , 2002 .

[20]  Brendan Jennings,et al.  A Model for identity in digital ecosystems , 2009, 2009 3rd IEEE International Conference on Digital Ecosystems and Technologies.

[21]  A. Jøsang,et al.  User Centric Identity Management , 2005 .

[22]  Eve Maler,et al.  The Venn of Identity: Options and Issues in Federated Identity Management , 2008, IEEE Security & Privacy.

[23]  Gerard Briscoe,et al.  Digital Ecosystems , 2009, ArXiv.

[24]  James Backhouse,et al.  A roadmap for research on identity in the information society , 2008 .

[25]  L. Telesca,et al.  A peer-to-peer multidimensional trust model for digital ecosystems , 2008, 2008 2nd IEEE International Conference on Digital Ecosystems and Technologies.

[26]  Gerard Briscoe,et al.  Digital Ecosystems: Evolving Service-Orientated Architectures , 2006, 2006 1st Bio-Inspired Models of Network, Information and Computing Systems.

[27]  Jean-Marc Seigneur,et al.  A Survey of User-centric Identity Management Technologies , 2007, The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007).