User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy. However, several notions of user-centricity in the FIM community render its semantics unclear and hamper future research in this area. Therefore, we consider user-centricity abstractly and establish a comprehensive taxonomy encompassing user-control, architecture, and usability aspects of user-centric FIM. On the systems layer, we discuss user-centric FIM systems and classify them into two predominant variants with significant feature sets. We distinguish credential-focused systems, which advocate offline identity providers and long-term credentials at a user's client, and relationship-focused systems, which rely on the relationships between users and online identity providers that create short-term credentials during transactions. Note that these two notions of credentials are quite different. The further one encompasses cryptographic credentials as defined by Lysyanskaya et al. [30], the latter one federation tokens as used in today's FIM protocols like Liberty. We raise the question where user-centric FIM systems may go--within the limitations of the user-centricity paradigm as well as beyond them. Firstly, we investigate the existence of a universal user-centric FIM system that can achieve a superset of security and privacy properties as well as the characteristic features of both pre-dominant classes. Secondly, we explore the feasibility of reaching beyond user-centricity, that is, allowing a user of a user-centric FIM system to again give away user-control by means of an explicit act of delegation. We do neither claim a solution for universal user-centric systems nor for the extension beyond the boundaries ventures by leveraging the properties of a credential-focused FIM system.
%0 Conference Paper
%1 CamGroSo_2006
%A Bhargav-Spantzel, Abhilasha
%A Camenisch, Jan
%A Gross, Thomas
%A Sommer, Dieter
%B DIM '06: Proceedings of the second ACM workshop on Digital identity management
%C New York, NY, USA
%D 2006
%I ACM
%K delegation identity_management privacy security taxonomy user_centric user_centriciy
%P 1-10
%R http://doi.acm.org/10.1145/1179529.1179531
%T User Centricity: A Taxonomy and Open Issues
%U http://portal.acm.org/citation.cfm?id=1179529.1179531
%X User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy. However, several notions of user-centricity in the FIM community render its semantics unclear and hamper future research in this area. Therefore, we consider user-centricity abstractly and establish a comprehensive taxonomy encompassing user-control, architecture, and usability aspects of user-centric FIM. On the systems layer, we discuss user-centric FIM systems and classify them into two predominant variants with significant feature sets. We distinguish credential-focused systems, which advocate offline identity providers and long-term credentials at a user's client, and relationship-focused systems, which rely on the relationships between users and online identity providers that create short-term credentials during transactions. Note that these two notions of credentials are quite different. The further one encompasses cryptographic credentials as defined by Lysyanskaya et al. [30], the latter one federation tokens as used in today's FIM protocols like Liberty. We raise the question where user-centric FIM systems may go--within the limitations of the user-centricity paradigm as well as beyond them. Firstly, we investigate the existence of a universal user-centric FIM system that can achieve a superset of security and privacy properties as well as the characteristic features of both pre-dominant classes. Secondly, we explore the feasibility of reaching beyond user-centricity, that is, allowing a user of a user-centric FIM system to again give away user-control by means of an explicit act of delegation. We do neither claim a solution for universal user-centric systems nor for the extension beyond the boundaries ventures by leveraging the properties of a credential-focused FIM system.
%@ 1-59593-547-9
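@comment{CamGroSo_2006: BibSonomy export of a DIM '06 workshop paper on
  user-centric federated identity management. The doi field holds the bare
  DOI without a resolver prefix, and pages uses a double-hyphen range.
  NOTE(review): both address (publisher city) and location (workshop venue)
  are set; biblatex treats address as an alias of location, so confirm
  which value the target style should print.}
@inproceedings{CamGroSo_2006,
  author    = {Bhargav-Spantzel, Abhilasha and Camenisch, Jan and Gross, Thomas and Sommer, Dieter},
  title     = {User Centricity: A Taxonomy and Open Issues},
  booktitle = {{DIM} '06: Proceedings of the second {ACM} workshop on Digital identity management},
  publisher = {ACM},
  address   = {New York, NY, USA},
  location  = {Alexandria, Virginia, USA},
  pages     = {1--10},
  year      = 2006,
  isbn      = {1-59593-547-9},
  doi       = {10.1145/1179529.1179531},
  url       = {http://portal.acm.org/citation.cfm?id=1179529.1179531},
  keywords  = {delegation identity_management privacy security taxonomy user_centric user_centriciy},
  abstract  = {User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy. However, several notions of user-centricity in the FIM community render its semantics unclear and hamper future research in this area. Therefore, we consider user-centricity abstractly and establish a comprehensive taxonomy encompassing user-control, architecture, and usability aspects of user-centric FIM. On the systems layer, we discuss user-centric FIM systems and classify them into two predominant variants with significant feature sets. We distinguish credential-focused systems, which advocate offline identity providers and long-term credentials at a user's client, and relationship-focused systems, which rely on the relationships between users and online identity providers that create short-term credentials during transactions. Note that these two notions of credentials are quite different. The further one encompasses cryptographic credentials as defined by Lysyanskaya et al. [30], the latter one federation tokens as used in today's FIM protocols like Liberty. We raise the question where user-centric FIM systems may go--within the limitations of the user-centricity paradigm as well as beyond them. Firstly, we investigate the existence of a universal user-centric FIM system that can achieve a superset of security and privacy properties as well as the characteristic features of both pre-dominant classes. Secondly, we explore the feasibility of reaching beyond user-centricity, that is, allowing a user of a user-centric FIM system to again give away user-control by means of an explicit act of delegation. We do neither claim a solution for universal user-centric systems nor for the extension beyond the boundaries ventures by leveraging the properties of a credential-focused FIM system.},
  added-at  = {2008-06-18T15:13:52.000+0200},
  timestamp = {2008-06-18T15:13:52.000+0200},
  biburl    = {https://www.bibsonomy.org/bibtex/23a17b08f3a1d86ee64ecf78394cd7802/dawinci},
  interhash = {8b0ea0c97bb4ae07a783241f1933a334},
  intrahash = {3a17b08f3a1d86ee64ecf78394cd7802},
}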