Privacy Features of Authentication Mechanisms

Safelayer took part in the First Workshop on Law and Web 2.0, organized by the UAB Institute of Law and Technology (IDT), with its article Privacy features of authentication systems (PDF).

The wide variety of online services that appear every day entails new scenarios that affect user's privacy. When dealing with the access to an online service, two apparently contradictory goals must be reached. On the one hand, security of the service must be ensured, meaning that non-authorized users will not gain access to the service. On the other hand, the personal information that a user discloses when he requests access to the service should remain minimal.

In the article, Safelayer and the Department of Applied Mathematics IV of the Technical University of Catalonia identify the main privacy properties that might be expected from authentication mechanisms that involve the identity metasystem architecture actors—a subject, a relying party, and one or more identity providers—, and discuss which of these properties are satisfied by some of the existing systems: X.509 certificates, Traceable Anonymous Certificates, OpenID, Information Cards, U-Prove and Idemix.