Identity and Access Management Architectures with a Focus on User Initiative

Identity and Access Management Architectures with a Focus on User Initiative

Takao Kojima (Institute of Information Security, Japan) and Yukio Itakura (Institute of Information Security, Japan)
DOI: 10.4018/978-1-61350-498-7.ch008
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

We have developed a “Privacy Policy Matching Engine” as a component of the Identity and Access Management Architectures. This engine enables the matching of a user’s intention to provide his/her identity-related data with an entity’s own privacy policy. Also, it automatically analyzes the policies with a focus on the types and handling method for identity-related data.
Chapter Preview
Top

Background

Security and privacy issues in identity-related data management play an essential role in cloud computing. In particular, it is very important to define the right means for managing such data based on policies in order to comply with privacy-related standards and regulations. As a consequence, the identity management market—or identity and access management (IAM) market—is forecasted to grow from nearly $2.6 billion in 2006 to more than $12.3 billion in 2014 (including revenues from both products and implementation services) (Forrester, 2007). The cloud computing market which stood at $36 billion in 2008 is expected to reach $160.2 billion by 2015. Market growth is fuelled by the ease of information access made possible by the cloud (WinterGreen Research, Inc, 2009). The area of identity management has been addressed as part of the Seoul Declaration of the Future of the Internet Economy (2008/06) (OECD, 2008) and US President’s Cyberspace Policy review (Whitehouse, 2009).

However, despite the fact that legal systems regarding privacy protection and personal information distribution, such as the OECD’s Eight Principles (OECD, 1980), have been progressing on a global scale and the fact that most entities openly declare their privacy policies, the majority of users tend to just click the “I Agree” button without understanding the underlying details. Even though such policies are posted on websites where users can easily access them, the details are often too difficult for general users to comprehend and many contain technical jargon.

Therefore, we have developed the “Privacy Policy Matching Engine” as a component of the Identity and Access Management Architectures. The Privacy Policy Matching Engine enables users to provide their data as intended according to one’s own policies.

Complete Chapter List

Search this Book:
Reset