The possibility of carrying out a multitude of transactions, such as shopping, communicating, organizing yourself or your business, in the digital domain amplifies the need for sophisticated identification mechanisms. User-centric identity management implementations, and especially anonymous credential systems, provide the required sophistication. In particular, they support minimal data disclosure and (zero-knowledge) proofs about attributes. A main challenge in implementing user-centric identity management is to transport the information about each transaction to the user. After all, most users are not yet aware of concepts such as data minimization or (zero-knowledge) proofs about attributes. We propose a visualization of information on the user's side together with the transaction information. We show how established concepts of user interface design can be employed to help users familiarize themselves with these formerly unfamiliar identity management concepts.
By: Patrik Bichsel; Jan Camenisch; Franz-Stefan Preiss; Dieter M. Sommer
Published in: RZ3756 in 2009
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .