G-Profile: A Hybrid Solution for Extended Identity Management in the Field of Personalized Service Provision

G-Profile: A Hybrid Solution for Extended Identity Management in the Field of Personalized Service Provision

Marco Viviani (Université de Lyon (INSA), France), Nadia Bennani (Université de Lyon (INSA), France) and Elöd Egyed-Zsigmond (Université de Lyon (INSA), France)
Copyright: © 2012 |Pages: 17
DOI: 10.4018/irmj.2012070103
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

In the digital world, many organizations are developing different applications (with different purposes) where users are generally represented by a heterogeneous set of attributes. From time to time, depending on the context, different attributes can provide different digital identities for the same user, often involved in the identification/authentication processes. In the personalized service provision perspective, the scope of identity management becomes much larger, and takes into account information susceptible to change such as user profile information as a whole. Many purely user-centric identity management systems has emerged in the few last years, among them the Higgins project that provides the user with a direct control over his/her data and covers some data security issues. However, a complete user-centric view of extended user identity management is not realistic, in our opinion. In this paper, the authors present G-Profile: a hybrid, open, general-purpose and flexible user modeling system for extended identity management in multi-application environments. G-Profile also tackles the trade-off between users’ and applications’ requirements.
Article Preview

1. Introduction

In the digital world, many organizations are developing different applications in different areas (digital libraries, search engines, e-learning, online databases, e-commerce, social networks, etc.). Each application generally represents users by a set of attributes constituting their user profile. Part of these attributes can, depending on the context, provide a digital identity for a particular user. A digital identity is defined in literature as “the digital representation of the information known about a specific individual or organization, in a specific application domain’’ (Squicciarini, Bhargav-Spantzel, Czeskis, & Bertino, 2006; Windley, 2005). It includes unique descriptive data (data allowing a precise identification of the user among others), as well as other generic information. A digital identity can therefore be seen as composed of:

  • 1.

    A personal identity, containing persistent identity information such as name, date of birth and genealogical relations;

  • 2.

    A shared identity, information which is susceptible to change such as social network or evolving user profile information (shopping list, centers of interest, friends);

  • 3.

    An abstract identity, composed of derived or inferred information about the user.

Traditionally, digital identities are used in the field of identity management (Miyata et al., 2006) and for authentication purposes, but not only. Nowadays, in the real-world context of engineering online systems, identity management can involve three research fields:

  • 1.

    The pure identity field: issues concerning the creation, management and deletion of identities without regard to access (e.g., anonymization problems);

  • 2.

    The user access field: issues concerning user access requirements connected the need to assume a unique “digital identity” across applications and networked infrastructures;

  • 3.

    The personalized service provision field: issues concerning the delivery of personalized, role-based, online, on-demand, multimedia (content), presence-based services to users and their devices.

In particular, in the personalized service provision perspective, the scope of identity management becomes much larger, because organizations shift their systems towards the world of personalized services. The scope of identity management includes therefore all the resources of the company deployed to deliver online services. These may include various devices as well as a user’s credentials and other user’s attributes constituting user profiles.

Each application can, in the personalized service provision perspective, collect information directly provided by the user and enrich it (from this moment on, for the sake of simplicity, we will refer directly to an “application,” instead of using each time the expression “organization/company responsible for an application”). This leads to the situation where each application can represent user information independently from others, based on a specific user model. This aspect presents several drawbacks such as (i) redundancy; (ii) lack of efficacy: a user logged on a particular application, will not take advantage of information about him/her already collected by other applications; (iii) lack of experience: as the user cannot take advantage of his/her information scattered across different applications, in the same way he/she cannot profit of the experience already accumulated by other users, in the same or different applications; (iv) lack of control: users have often little or no control over the information concerning themselves, in particular over personalization and sharing, since their data are deeply buried in personalization engines. No access protocols are given to users in order to manage their data.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 31: 4 Issues (2018): 1 Released, 3 Forthcoming
Volume 30: 4 Issues (2017)
Volume 29: 4 Issues (2016)
Volume 28: 4 Issues (2015)
Volume 27: 4 Issues (2014)
Volume 26: 4 Issues (2013)
Volume 25: 4 Issues (2012)
Volume 24: 4 Issues (2011)
Volume 23: 4 Issues (2010)
Volume 22: 4 Issues (2009)
Volume 21: 4 Issues (2008)
Volume 20: 4 Issues (2007)
Volume 19: 4 Issues (2006)
Volume 18: 4 Issues (2005)
Volume 17: 4 Issues (2004)
Volume 16: 4 Issues (2003)
Volume 15: 4 Issues (2002)
Volume 14: 4 Issues (2001)
Volume 13: 4 Issues (2000)
Volume 12: 4 Issues (1999)
Volume 11: 4 Issues (1998)
Volume 10: 4 Issues (1997)
Volume 9: 4 Issues (1996)
Volume 8: 4 Issues (1995)
Volume 7: 4 Issues (1994)
Volume 6: 4 Issues (1993)
Volume 5: 4 Issues (1992)
Volume 4: 4 Issues (1991)
Volume 3: 4 Issues (1990)
Volume 2: 4 Issues (1989)
Volume 1: 1 Issue (1988)
View Complete Journal Contents Listing