Article Preview
Top1. Introduction
More and more economic and social activities are carried out on the Internet. The Internet was originally built without a way to know who and what users are connecting to. Digital identities are widely employed for providing enable solutions to address the above “unknown” issue in different information systems and applications on the Internet. Service-oriented computing has become a well adopted technology and it has reshaped a vast number of business models and processes. Digital identities have been widely employed as crucial components for weaving a world of cooperating Web services where application components are assembled to support dynamic business processes that span multiple enterprizes, organizations, and computing platforms.
In the “The laws of identity” (Cameron, 2005), a digital identity is defined as a set of claims made by one digital subject about itself or another digital subject. The digital subject is a person or thing represented or existing in the digital realm which is being described or dealt with and a claim is an assertion of the truth of something. There are different management tasks for the processes of representing, recognizing, and usage controlling of digital identities. The identity management in the digital world normally relates to the behavior of corresponding entities of digital subjects in their real world activities (Claub & Kohntopp, 2001). Digital identities normally convey sensitive information of their subjects. The employment of digital identities will normally bring in many critical security and privacy issues such as identity phishing, pharming, and privacy protection for sensitive information embedded in digital identities. The disclosure of digital identities must be under the control based on the satisfaction of related trust requirements (Josang, Fabre, Hay, Dalziel, & Pope, 2005). The existing identity systems including CardSpace (Bertocci, Serack, & Baker, 2007), Sxip (Sxip, 2009), Higgins (Eclipse-Foundation, 2009), and OpenID (OpenID-Foundation, 2009) have provided different functions for users to manage, select, and control digital identities. However, these identity systems have not provided further support for the modeling of trust requirements associated with digital identities, evaluation of runtime status for trust, and a range of mechanisms of trust consumption related with digital identities. The privacy and security are still a hindrance for digital identities to support wide range of e-commerce, governmental and social activities.