Mobile devices to the identity Rescue

Abstract

Identity management is defined as the set of processes related to identity and access information for the whole identity life cycle in a system. In the open internet users need new methods for identity management that supply reliable authentication and sufficient user control. Currently applied methods often lack a proper level of security (e.g., passwords) and privacy (e.g., diverse processing of personal data). A personal smart card and a personal smart phone can communicate using near-field communication (NFC). This allows users to apply their smart phone as a personal semi-trusted smart-card reader. For applications such as authentication, this Trusted Couple can then be used in a secure and intuitive way, like a remote card reader. As attribute-based credentials (ABCs) can efficiently be implemented on tamper-resistant smart cards with the current technology, we can achieve a more privacyfriendly and more flexible way of not only authentication but also rolebased access control or management of personal information. In this paper we describe how a Trusted Couple can solve security, privacy, and usability problems in identity management.