Identity management has the potential to play a major role in the Future Internet as an enabling technology that integrates services with transport infrastructures. The use of partial identities can improve users' control over their personal data and enhance privacy, but revealed data can be used by service providers more than strictly needed, such as for user profiling. Without adequate precautions, service and identity providers could pick up profile and service usage data during the authentication process. Such privacy concerns have gained attention of late, and legal constraints are expected to follow to further limit data transfer from identity providers to service providers. The paper discusses legal constraints from a European perspective, taking into account the possibility of network operators acting as identity providers, and approaches to enhancing privacy. We show how European legislation and user needs for privacy affect the design of Identity Management Systems and outline consequences as well as opportunities and directions for future research.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com