IdM Framework for Life Management Platform

A Thesis Proposal Submitted to the Fakult at f ur Informatik Technische Universit at M unchen by Mohammad Zaifullah Fakult at f ur Informatik Technische Universit at M unchen mohammad.zaifullah@tum.de 07 January 2013

Supervisor: Prof. Claudia Eckert Technische Universit at M unchen

Outline
1 Introduction 1.1 Background . . . . . . . . . . . . . . . . . . . . . . 1.2 Problem diagnosis and relevance of the work . . . 1.3 Research question . . . . . . . . . . . . . . . . . . . 1.4 Hypothesis and research objective . . . . . . . . . 1.5 Preview on what the readers will nd in this thesis 2 Progress beyond the state-of-the-art 2.1 Related research concepts . . . . . . . . . . 2.1.1 Vendor relationship management . . 2.1.2 Customer relationship management . 2.1.3 Supplier relationship management . 2.1.4 Personal data storage . . . . . . . . 2.1.5 Social networking . . . . . . . . . . . 2.2 Related application . . . . . . . . . . . . . . 2.2.1 ProjectVRM . . . . . . . . . . . . . 2.2.2 Personal.com . . . . . . . . . . . . . 2.2.3 Connect.me . . . . . . . . . . . . . . 2.2.4 Qiy.com . . . . . . . . . . . . . . . . 2.3 Related standard bodies . . . . . . . . . . . 2.3.1 ISO . . . . . . . . . . . . . . . . . . 2.3.2 OASIS . . . . . . . . . . . . . . . . . 2.3.3 Kantara Initiative . . . . . . . . . . 2.3.4 IETF . . . . . . . . . . . . . . . . . 2.3.5 ITU-T . . . . . . . . . . . . . . . . . 3 Methods 3.1 Research design . . . . . . . . . . . . 3.2 Measures and sources of information 3.3 Techniques of analysis . . . . . . . . 3.3.1 Graphical analysis . . . . . . 3.3.2 Numerical analysis . . . . . . 3.3.3 Comparative analysis . . . . 3.4 Documentation . . . . . . . . . . . . 3.5 Critique . . . . . . . . . . . . . . . . 4 Delimitations of the thesis 5 Thesis outline 6 Thesis schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 2 4 4 4 5 5 6 6 6 6 6 6 6 6 7 7 7 7 7 7 7 7 8 8 8 8 8 8 8 9 9 10 11 13

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

1
1.1

Introduction
Background

Every person has lot of information in her daily life which needs to be managed and shared. And a lot of this information has to be managed in a secure way and shared in a controlled, directed way. Some people may think dierently on some of that information. Some cultures might rate the need for privacy and security dierent for some of that information. The question kept coming up on how to share Personally Identiable Information (PII) [2] that satisfy personal and legal privacy requirements across international boundaries. Though, information will be always used too frequently to remain paper-based and which is too sensitive to deal with in the way todays social networks [3] are doing. It becomes obvious that many people are not willing to share all that information in the way many of todays social networks suggest that information should be shared. That is where Life Management Platform come into play: Providing the tools to manage the essential information of every persons life and making it usable for other parties through privacy-enhanced applications, thus meeting the privacy and security requirements. The individuals decide on which information they provide to whom. They decide about what is shared and what not [1]. Life Management Platform will change the way individuals deal with sensitive information like their health data, insurance data, and many other types of information - information that today frequently is paper-based or, when it comes to personal opinions, only in the mind of the individuals. They will enable new approaches for privacy and security-aware sharing of that information, following the concept of minimal disclosure and avoiding the loss of control of this data. They support concepts which allow sharing information with other parties in a way that avoids any data leakage, mainly based on a new concept of privacy- and security-aware apps which process information from both parties without giving any of the parties involved access to information provided by any other party without explicit consent [1].

1.2

Problem diagnosis and relevance of the work

When you think about to manage your daily life, it requires an enormous quantity of dataeverything from bank details and family book numbers to what sort of cleaning uid does best on your oor, what pressure your car tyres need to be at and which brands of glutensugar-lactose-nut-free cereal bar your six-year-old can stomach [4]. Some years from now, we will want to access our car through a virtual key which is stored in our private domain, together with all information relevant for the usage and maintenance of that car. Someone can think about this as like as a digital drivers book, which would even report an engine fail to your garage if you wish it to do so (and only then). We may also need to nd the best health insurance based on the information which is stored in a common platform. Individuals can request oers from insurance brokers without unveiling all that data and then pick the policy which ts best without details from each insurance company leaking to other insurance companies and without sensitive personal data from the individual leaking to insurance brokers or insurance companies he doesnt chose [1]. 2

Some years later, we may want to receive just only targeted information, based on the current personal interests, wishes and desires of a person - all the details people never will unveil in a social network or on any platform owned by a content provider. We also want to manage our virtual salary statement from our employer [1]. When looking at todays Internet, it becomes clear that many of the approaches we nd therein fulll the requirements of neither the users nor their counterparts like vendors, providers, and other parties. Overall, IT is driven by some major evolution. If we look at in gure 1, we will nd some modern evolution of IT. First of all the Social

Figure 1: The evolutionary area of todays IT aecting everydays life. [1] Computing [5] which provides a tighter interaction between individuals and organizations based on sharing information in some way between publicly available information and a directed, controlled ow of information [1]. Another evolution is Mobile Computing [6], which allowing access to a broad range of services through the Internet from dierent devices. As a result of that an increasing number of persons have device and network access available at virtually any point of time [1]. And nally the Cloud Computing [7], which aims to share data, calculations, and services transparently among users of a massive grid. It became a hot issue for its advantages such as reduce costs, increase business exibility and/or provide business continuity. Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the data-centers that provide those services. The services themselves have long been referred to as Software as a Service (SaaS) [8]. The data-center hardware and software is what we will call a Cloud. When a Cloud is made available in a pay as-you-go manner to the general public, which called a Public Cloud; the service being sold is Utility Computing. Information Technology (IT) fundamentally is aected by all of these trends. The Consumerization and De-perimeterization [9] of IT are logical consequences. IT is available to 3

virtually everyone and virtually everywhere. Now a days it is not a business-to-business technology anymore, and has not been for quite a while. It is for sure that the mentioned evolutions drive the consumerization of IT to a new level. De-perimeterization is another logical consequence. Once formerly closed networks open up, there is no perimeter anymore. That not only aects the way Information Security has to be implemented, it also means that the borderlines between dierent organizations and between organizations and their counterparts in the form of individuals customers, users, tenants, citizens, etc.- are not as clearly dened anymore.

1.3

Research question

This research is aimed to build a such platform which is based on the combination of a personal domain holding all information securely and the ability to use this data in a privacy- and security-aware way. The study attempts to answer the research questions: How individuals can maintain privacy and security-aware sharing of their daily life sensitive information, following the concept of minimal disclosure and avoiding the loss of control of that data?

1.4

Hypothesis and research objective

Currently there is no platform which allows individuals to consolidate all relevant data from daily life, in particular data which is sensitive and typically paper-bound today, like bank account information, insurance information, health information, or the key number of their car. Notably they are not limited to such data but support everything which should be used in a privacy- and security-aware way with, for example, the car manufacturers, the dealers, and the garages (and maybe some other parties). It is hypothesized that Life Management Platform can be designed in such a way so that users can get full control and exibility over the management of their personal information. It is also hypothesized that security and privacy can be supported through the use of standard protocol.

1.5

Preview on what the readers will nd in this thesis

This report describes the core concepts of Life Management Platform. It provides the input all interested parties need to work on that concept as user, as platform provider, or as service provider. Virtually all business models which rely on sharing sensitive information with individuals will fundamentally change with the rise of Life Management Platform. That will challenge existing business models and IT infrastructures, but it provides fantastic new opportunities not only for new business models, but also for cost savings and better service for virtually all organizations. Understanding this fundamental shift today is the foundation for successful business in the future.

Progress beyond the state-of-the-art

There are several concepts and providers out there which are related to the idea of Life Management Platform in one way or another. Unfortunately, none of the platforms of today fullls all the requirements of Life Management Platform. That becomes even more obvious when looking at dierent technologies provided by the industry. The art of successfully dealing with Life Management Platform from a provider perspective is in fact simple: Provide services and oers that are suciently attractive and dont rely on knowing things about the individuals you shouldnt know or do not need to know. From customer requirements perspective, providers have to deal with the challenges like: People want to keep their life data managed in both the digital and non-digital world They want to ensure privacy They start thinking about which price to pay: Privacy or money? They want to control their relationships and their data When looking at VRM (Vendor Relationship Management), end user is able to share her information with vendors of choice in a controlled way, one of the most prominent but limited cases, this becomes clear. That example points out several of the shortcomings of todays approaches including CRMs and Social Networks and especially most of the marketing and customer interaction initiatives relying on Social Networks. VRM allows the customer to share what she currently assumes to be relevant which might be very dierent from what she found relevant in the past. Organizations today (and tomorrow) need to Know their customer Interact closely with her Ensure that their competitors dont know too much about her and your relationship with her Ensure that they stay in touch with them over time, building a customer relationship/binding Tighten the relationships However, todays social networks dene the border line between privacy and publicity. Their privacy-ignorant approach violates some of the customer requirements like customer dene their own privacy. By knowing your customer, your competitor most likely will easily gain knowledge about them as well. With respect to the fourth bullet point, staying in touch with her quickly might become a one-way road where organizations put in a lot of eort and no one listens anymore. It might even become a dead end quickly, once the social network loses its popularity.

2.1

Related research concepts

There are several concepts out there which are related to the idea of Life Management Platform in one way or another. But there is no single concepts which implemented Life Management Platform. Here we discuss some relevant ideas: 5

2.1.1

Vendor relationship management

When looking at concepts, VRM (Vendor Relationship Management) is one of the most inuential ones. VRM, a concept developed by Harvard professor Doc Searls some years ago, focuses on the relationship between vendors and customers. It turns things upside down in the sense of customers being in control of their data and what they want to share with which vendors. However, VRM is by name and original design too focused on one aspect of Life Management Platform. Nevertheless, looking at VRM is valuable due to the (relatively) long history of that concept [1]. 2.1.2 Customer relationship management

Customer relationship management (CRM) is a huge information resource of modern business activity, and almost all the information required in business activity comes from CRM. At the same time, the development of E-Commerce makes CRM become more important to the corporation [10]. 2.1.3 2.1.4 2.1.5 Supplier relationship management Personal data storage Social networking

2.2

Related application

For an emerging market, it is always more of a hunch than a logical deduction to give predictions on when things will happen. Life Management Platform will most likely become a major topic and big thing in the Internet soon. The current situation with an increasing number of vendors entering that market is a very clear indicator of that [1]. 2.2.1 ProjectVRM

ProjectVRM is a research and development project of the Berkman Center for Internet & Society at Harvard University [11]. It has two purposes: To encourage development of tools by which individuals can take control of their relationships with organizations especially in commercial marketplaces. To conduct research on VRM-related theories, usage of VRM tools, and eects as adoption of VRM tools takes place. The project was created by Doc Searls when he became a fellow at the Berkman Center in 2006. Since then it has grown to become the central institution in an active development community. 2.2.2 Personal.com

Another actor in the market is personal.com, even while they are more a Personal Data Store than a real life management platform, lacking the app concept in an appropriate way. However, personal.com starts turning things upside down and giving control back to users [1]. 6

2.2.3

Connect.me

Another model is connect.me which is a reputation network. This is connected to Life Management Platform indirectly in the sense of reputation becoming an important factor for trust. That helps in deciding on what to share with whom if you share using a Life Management Platform [1]. 2.2.4 Qiy.com

One of the most advanced models around Life Management Platform is qiy.com. The concept is 1 software, 1 credential, 1 place to manage anything personal you might want to manage with a computer. Qiy itself is a foundation providing the knowledge of personal containers where your information is secure and where you can use 3rd party apps to do something with your information. Apps are provided by Qiy framework members, adding trust framework capabilities to the Life Management Platform part of Qiy [1].

2.3

Related standard bodies

This section provides an idea about the standard bodies who are working with this new concepts. 2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 ISO OASIS Kantara Initiative IETF ITU-T

3
3.1

Methods
Research design

Following picture depicts the structure of the proposed Life Management Platform. For the

Figure 2: Life Management Platform. [12] identity management, OpenID Connect protocol will be used. Customer has full control over her sensitive personal data.

3.2

Measures and sources of information

Information will be gathered from scholarly research databases like IEEE, ACM, ScienceDirect, etc. Other online resources, books, etc. will be considered as an information source which are closely related with this research. Also results will be submitted to Fraunhofer AISEC.

3.3
3.3.1

Techniques of analysis
Graphical analysis

Analysis of graphical ow of the system will be done. 3.3.2 Numerical analysis

Time performance of the system will be measured. 3.3.3 Comparative analysis

Proposed solution will be compared to solution currently working in the market. 8

3.4

Documentation

After completing the above analysis, I will write up the thesis to document the work I have completed.

3.5

Critique

The idea of Life Management Platform is very nice but i think it may be also very good if i implemented it as Life Management Apps as in Marcels QIY system. In my mind the main dierence between a platform and an app is that the app does not store the data that is pertinent to the intention of the person.

Delimitations of the thesis

This thesis only cover the customer control and privacy over her sensitive personal data.

10

Thesis outline
1. Front matter (4-5 pages) Title Acknowledgments Contents List of gures and tables List of abbreviations Glossary 2. Introduction (6-7 pages) Background Problem diagnosis and relevance of the work Research question Hypothesis and research objective Preview on what the readers will nd in this thesis 3. Progress beyond the state-of-the-art (14-15 pages) Related research concepts Vendor relationship management Customer relationship management Supplier relationship management Personal data storage Social networking ProjectVRM Personal.com Connect.me Qiy.com ISO OASIS Kantara Initiative IETF ITU-T

Related applications

Related standard bodies

4. Identity management (6-7 pages) Identities Persona User-centric IdM 11

 Authentication technologies Authorization technologies The security triad Condentiality Integrity Availability Privacy technologies Trust 5. Life management platform architecture (9-10 pages) Prole management Social prole Business prole Professional prole Usability issues 6. Philosophy of approach (4-5 pages) RESTfull architecture JWT OpenID Connect 7. Implementation of LMP (20-25 pages) Technique and methods Security mechanism Tools and frameworks used Access to personal information 8. Analysis of results (4-5 pages) Graphical analysis Numerical analysis Comparative analysis 9. Conclusions and future research (1-2 pages) Conclusions Future research 10. Bibliography (1-2 pages) 11. Appendices (4-5 pages)

12

Thesis schedule

Figure 3: Thesis schedule.

13

Bibliography
[1] Martin Kuppinger, KuppingerCole Advisory Note Life Management Platforms: Control and Privacy for Personal Data - Report No.: 70608, 2012. [2] Erika McCallister; Tim Grance; Karen Scarfone; , Guide to Protecting the Condentiality of Personally Identiable Information (PII), NIST Special Publication 800-122, 2010. [3] Jaakkola, H.; Linna, P.; Henno, J.; Makela, J.; , (Social) networking is coming Are we ready?, MIPRO, 2011 Proceedings of the 34th International Convention, IEEE, pp.1133-1139, 23-27 May 2011 [4] G.L., Personal data: A life-management http://www.economist.com/blogs/babbage/2011/11/personal-data, The 2011. platform?, Economist,

[5] Wang, Fei-Yue; Carley, Kathleen M.; Zeng, Daniel; Mao, Wenji; , Social Computing: From Social Informatics to Social Intelligence, Intelligent Systems, IEEE , vol.22, no.2, pp.79-83, March-April 2007. [6] Hans J (Jochen) Scholl, Mobile computing in the public sector: practices, opportunities, and arduous challenges. In Proceedings of the 10th Annual International Conference on Digital Government Research: Social Networks: Making Connections between Citizens, Data and Government (dg.o 09), Soon Ae Chun, Rodrigo Sandoval, and Priscilla Regan (Eds.). Digital Government Society of North America 361-363, ACM, 2009. [7] Xu Wang; Beizhan Wang; Jing Huang; , Cloud computing and its key techniques, Computer Science and Automation Engineering (CSAE), 2011 IEEE International Conference on , vol.2, no., pp.404-410, 10-12 June 2011. [8] Olsen, E.R.; , Transitioning to Software as a Service: Realigning Software Engineering Practices with the New Business Model, Service Operations and Logistics, and Informatics, 2006. SOLI 06. IEEE International Conference on , vol., no., pp.266-271, 21-23 June 2006. [9] Jeremy Hilton; Pete Burnap, Self Protecting Information for Deperimeterised Electronic Relationships, https://collaboration.opengroup.org/jericho/hilton SPC Infosec SPIDER.pdf. [10] Ma Jibin; Sun Yonghao; Wu Xuyan; Chen Xiaoyan; , Research of the Customer Relationship Management in Enterprise under the E-Commerce, Computer and Communications Security, 2009. ICCCS 09. International Conference on , vol., no., pp.131-134, 5-6 Dec. 2009. [11] Doc Searls, ProjectVRM, http://blogs.law.harvard.edu/vrm/. [12] Mario Homann, Fraunhofer AISEC.

14