Protocols and Systems for Privacy Preserving Protection of Digital Identity
Tech report number: CERIAS TR 2007-86
In order to support emerging online activities within the digital information infrastructure, such as commerce, healthcare, entertainment and scientific collaboration, it is increasingly important to verify and protect the digital identity of the individuals involved. Identity management systems manage the digital identity life cycle of individuals, which includes issuance, usage and revocation of digital identifiers. Identity management systems have improved the management of identity information and user convenience; however, they do not provide specific solutions to address protection of identity from threats such as identity theft and privacy violation. One major shortcoming of current approaches is the lack of strong verification techniques for issuance and usage of digital identifiers. Moreover, current identity management systems do not consider biometric and history-based identifiers. Such identifiers are increasingly becoming an integral part of an individual's identity. Such types of identity data also need to be used with other digital identifiers and protected against misuse. In this thesis we introduce a number of techniques that address the above problems. Our approach is based on the concept of privacy preserving multi-factor identity verification. The technique consists of verifying multiple identifier claims of an individual, without revealing extraneous identity information. A distinguishing feature of our approach is that we employ identity protection and verification techniques at all stages of the identity life cycle. We also enhance our approach with the use of biometric and history-based identifiers.