Protecting the identity of an individual is a shared responsibility between the individual, the organizations with whom the individual will be transacting during her life time, and the state of which the individual is a legal resident. Identity theft occurs when someone uses an individual’s personal information without the knowledge of the individual to commit a crime, such as fraud or theft. Of late identity theft has become one of the fastest growing crimes, not only in western countries but also in developing countries where internet dominates business, financial transactions of big organizations, and social activities of individuals. In this paper we discuss a context based enforcement of authorization to protect the privacy of individuals and secure information about them stored in large identity management systems.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
E. Bertino, E. Ferrari, V. Atluri, “A Flexible Model for the Specification and Enforcement of Role-Based Authorizations in Workflow Management Systems,” In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (RBAC-97), ACM Press, New York, 1997, pp. 6-7.
S. Claußand M. Köhntopp. Identity management and its support of multilateral security. Computer Networks, 37 (2001), 205-219.
N. Damianou, N. Dulay, E. Lupu, and M. Solomon. The Ponder Policy Specification Lan-guage. Proceedings Policy 2001: Workshop on Policies for Distributed Systems and Net-works, Bristol, UK, 29-31, Jan. 2001.
J. DeTreville. Binder, a logic-based security language. Proceedings of the 2002 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, May 2002, 105-113.
R. Ortalo. A Flexible Method for Information System Security Policy Specification. Proceedings of 5th European Symposium on Research in Computer Security, 1998. Louvain-la-Neuve, Belgium, Springer-Verlag.
J. Rumbaugh, et al: The Unified Modeling Language Reference Manual, Addison-Wesley.
Kaiyu Wan, Vasu Alagar. Security Contexts in Autonomic Computing Systems. In Proceedings of Proceedings of 2006 International Conference on Computational Intelligence and Security (CIS2006), November 03-06, 2006, Guangzhou, PRC, page 1523-1527. (also to appear in Lecture Notes in Artificial Intelligence)
Fighting Back Against Identity Theft-U.S. Federal Trade Commission. www.ftc.gov/bcp/edu/microsites/idtheft/
Identity Theft: What is it and What you can do about it?, Office of the Privacy Commissioner of Canada, www.privcom.gc.ca/fs-fi/02_05_d_10_e.asp/
EuropeanConference”Maintainingtheintegrityofidentitiesandpayments:Twochallengesforfraudprevention”. ec.europa.eu/justice home/news/information dossiers/conference integrity/index en.htm/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 International Federation for Information Processing
About this paper
Cite this paper
Vasu Alaga, Kaiyu Wan (2008). Context Based Enforcement of Authorization for Privacy and Security in Identity Management. In: de Leeuw, E., Fischer-Hübner, S., Tseng, J., Borking, J. (eds) Policies and Research in Identity Management. The International Federation for Information Processing, vol 261. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-77996-6_3
Download citation
DOI: https://doi.org/10.1007/978-0-387-77996-6_3
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-77995-9
Online ISBN: 978-0-387-77996-6
eBook Packages: Computer ScienceComputer Science (R0)