Context-Based Privacy Protection for Arranging Professional and Private Identity
A results report of the PICOS project
SECMGT: Digital Identities / Identity Management, 2012-06-15, Frankfurt
Stephan Heim
Deutsche Telekom Chair of Mobile Business & Multilateral Security
Goethe University Frankfurt, Germany
www.m-chair.net
Agenda
- Mobile Communities as a workplace trend
- Privacy & Identity Management in Communities
- Privacy & Identity Management for Community Services (PICOS)
- Implemented privacy: PICOS prototype Gamer App
  - Sub-Communities and Private Site
  - Blurring and Privacy Advisor
  - Partial Identities and Privacy Policies
- Communities of gamers and knowledge workers
- Conclusion and Outlook
Mobile Communities as a trend
- The favorite activity of 50% of mobile surfers is social networks.
- Source: bit.ly/some_nutzerzahlen_2012
Workplace trends
- The workplace of the future will be characterised by the Open Innovation concept.
  - Everybody talks to everybody.
  - The boundaries of the enterprise become blurred.
- The enterprise community trend is a major workplace trend:
  - Innovation processes are supported by communities.
  - Communities have an important share in the diffusion of innovation.
- Rising enterprise use of social tools
Social is relevant also for enterprises...
Mobile Communities
- User behaviour at work (places) is changing:
  - Ubiquitous access to community tools
    - at the workplace
    - during leisure time
  - Information & content sharing
  - Blurring between private life and job
- Significant importance of privacy & identity management in (mobile) communities
Mobile Communities
- Mobile Communities will make today's professional and private life more dynamic.
- Mobile Communities reach across professional and private areas, provoking privacy conflicts.
- Mobile Communities utilizing Social Media technologies require the implementation of privacy functions.
- Employees must be supported in handling sensitive company and private data in Social Media.
Privacy & Identity Management for Community Services
www.picos-project.eu
Privacy & Identity Management for Community Services (PICOS)
- Research on mobile communities
- How to improve trust and privacy in such communities?
- A set of interdisciplinary requirements for trustworthy, privacy-friendly community transactions
- Development of concepts to address the identified requirements
Motivation
- Online social communities (e.g. Facebook, LinkedIn) are used ever more
  - Sharing of personal information (e.g. interests, pictures, places, etc.)
- Mobile community services
  - Allow participation in the community any time, any place (e.g. Facebook Places, MySpace)
  - Make use of context information (e.g. location, time)
  - Enable a deeper integration of people's virtual (mobile) and real-world communities (e.g. Loopt, Foursquare, Junaio, Aka-Aki, match2blue)
- To finance such community services, the infrastructure needs to be open for marketing activities of advertisers.
- A new approach to privacy and identity management in community services is needed
  - To meet stakeholders' different needs (e.g. users need to control data flows)
  - Driven by users, applications, and examples
Approach
- A new approach to privacy and identity management for mobile communities
  - Driven by users, applications, and examples
- Major steps:
  - Analysis of related contemporary research
  - Gathering of requirements from exemplary mobile communities
  - Designing a community platform architecture, including concepts to address the gathered requirements
  - Implementing the architecture and concepts prototypically in a community platform and community applications
  - Testing/evaluating the concepts in user trials
Privacy & Identity Management for Community Services (PICOS)
- Demonstrate the provision of state-of-the-art privacy and trust technology to community applications
- Develop application prototypes to demonstrate the use of PICOS concepts in practice
- Exemplary communities:
  - Anglers
  - Online Gamers
  - Taxi Drivers
Implementing Privacy: PICOS prototype AnglerApp
- The Angler Community Prototype
  - Prototypical implementation for trials
  - Advanced privacy and identity management features optimized for mobile communities
- Features:
  - Partial Identities
  - Blurring
  - Sub-Communities
  - Private Rooms
  - Privacy Policies
  - Privacy Advisor
Implementing Privacy: 2nd PICOS prototype GamerApp
- The Gamer Community Prototype
  - Prototypical implementation
  - New and enhanced user-centric concepts for mobile communities (e.g. Private Site, My Files, Policy Manager)
  - Advanced privacy and identity management features
- Features:
  - Partial Identities
  - Blurring
  - Private Site
  - Sub-Communities
  - My Files
  - Policy Manager
  - Privacy Advisor
  - ...
Sub-Communities
- Smaller communities of like-minded users (e.g. a group of gamers organised in a clan, knowledge exchange on game dynamics)
- Allow topic-related exchange of content
- May be private or public
- Private Sub-Communities are only accessible to a limited group of users
PICOS Features: Private Site
- Invisible in previously defined areas
- Users can set a private site on the map
  - to hide their own position without being completely invisible to others
  - to allow only selected people to view the current position within a previously defined area
- Users specify which other users are able to see their position
Communities of gamers and knowledge workers
Community concepts:
- Sub-Community
  - Gamer Community: Group of gamers (e.g. "Clan" or "Gilde")
  - Enterprise: Project-specific or department-specific sub-communities
- Private Site
  - Gamer Community: Make yourself visible / invisible to your Clan members when you enter a certain zone
  - Enterprise: Manage your visibility during private and work hours
Blurring
- Blurring of location data
- Location is obfuscated on a map
  - to hide one's own (exact) position without being completely invisible to others
  - to allow only selected people to view the exact position
- Users specify whether other users are able to see their exact position or a blurred position
- Different levels of blurring to control the degree of obfuscation (e.g. 1, 2, or 5 km)
Privacy Advisor
- Provides privacy-related guidance to users
  - e.g. regarding sharing of location info or publishing of sensitive personal data
- Context-sensitive
  - Provides hints in situations when personal information of users is involved (e.g. profile editing)
- Aims
  - to help users manage their privacy
  - to create awareness of privacy-related aspects within mobile communities
Communities of gamers and knowledge workers
Community concepts:
- Blurring
  - Gamer Community: Blurring of location data
  - Enterprise: Blurring of department affiliation
- Privacy Advisor
  - Gamer Community: Provides privacy-related guidance to users (e.g. location info)
  - Enterprise: Guidance on disclosure/sharing of company-related information
Partial Identities
- Different Partial Identities for different usage contexts
  - e.g. for usage in different sub-communities
  - to reflect various roles of users
- A limited set of personal information is disclosed for each Partial Identity
Privacy Policies
- Enable users to selectively define policies in order to control who is allowed to see certain personal information
- Users can determine which information is available to other users in a defined situation
- Different types of policies
  - Policies can be defined for users' presence, location, and profile attributes
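The Private Site, Blurring and Privacy Policies slides together describe a per-viewer disclosure decision. The following sketch is an added example, not code from the PICOS prototype; all names are hypothetical, and snapping to a grid cell is an assumed blurring technique (the slides do not say how PICOS obfuscates positions).

```python
import math
from dataclasses import dataclass, field

KM_PER_DEG = 111.32  # approx. km per degree of latitude

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in km."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def blur(lat, lon, level_km):
    """Snap a position to the centre of a grid cell level_km wide.
    Deterministic on purpose: random noise could be averaged out over repeated queries."""
    dlat = level_km / KM_PER_DEG
    cell_lat = (math.floor(lat / dlat) + 0.5) * dlat
    dlon = level_km / (KM_PER_DEG * math.cos(math.radians(cell_lat)))
    cell_lon = (math.floor(lon / dlon) + 0.5) * dlon
    return (cell_lat, cell_lon)

@dataclass
class LocationPolicy:
    exact_viewers: set = field(default_factory=set)      # may see the exact position
    blurred_viewers: dict = field(default_factory=dict)  # viewer -> blur level in km
    private_sites: list = field(default_factory=list)    # (lat, lon, radius_km, allowed viewers)

def visible_position(policy, viewer, lat, lon):
    """Return what `viewer` may see: an exact pair, a blurred pair, or None."""
    for s_lat, s_lon, radius_km, allowed in policy.private_sites:
        if distance_km(lat, lon, s_lat, s_lon) <= radius_km:
            # Inside a Private Site only its selected viewers see anything.
            return (lat, lon) if viewer in allowed else None
    if viewer in policy.exact_viewers:
        return (lat, lon)
    level_km = policy.blurred_viewers.get(viewer)
    if level_km is None:
        return None  # default deny: no policy entry, no position
    return blur(lat, lon, level_km)

# Constructed sample data (coordinates and viewer names are illustrative only).
HOME = (50.1109, 8.6821)
POLICY = LocationPolicy(
    exact_viewers={"clan_mate"},
    blurred_viewers={"colleague": 5, "acquaintance": 1},
    private_sites=[(HOME[0], HOME[1], 0.5, {"partner"})],
)
```

The Private Site check runs first, so a viewer who normally sees the exact position still sees nothing inside the site unless listed for it.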
Communities of gamers and knowledge workers
Community concepts:
- Partial Identities
  - Gamer Community: Allows the gamer to separate different usage contexts (e.g. ranking or fun account)
  - Enterprise: Enable creative processes not affected by organisational hierarchy
- Privacy Policies
  - Gamer Community: Enables the gamer to control the availability of personal information (e.g. presence, location) to other players
  - Enterprise: Allow the user to manage access rights, visibility of personal information or delegation
Conclusion
- Privacy in mobile communities is possible if:
  - Stakeholders are considered
  - Adequate tools for privacy and identity management are provided
  - Awareness of privacy-related aspects is increased
- The user-driven perspective in PICOS turned out to be a reasonable approach
- Combination of new and established concepts provides enhancements:
  - E.g. Partial Identities, as a form of identity management, combined with Access Control (Sub-Communities)
  - E.g. Blurring combined with Privacy Policies
Conclusions & Outlook
- Mobile Communities will make today's professional and private life more dynamic.
- Mobile Communities reach across professional and private areas, provoking privacy conflicts.
- Mobile Communities utilizing Social Media technologies require the implementation of privacy functions.
- Employees must be supported in handling sensitive company and private data in Social Media.