go to home page | go to navigation | go to page content | go to contact | go to sitemap
Home > Cases > European eID Observatory > Privacy and Identity Management for Community Services
practice Privacy and Identity Management for Community Services

Privacy and Identity Management for Community Services

1454 Visits
| 0 Comments |
starstarstarstarempty starIn order to vote, you need to be logged in!

Acronym of the case:

PICOS

Web address of the case:

http://www.picos-project.eu/

Country of the case:

Austria , Belgium , Czech Republic , France , Germany , Spain , United Kingdom

City/region:

Europe

Posting Date:

2 February 2011

Last Edited Date:

21 February 2011

Author:

Christian Kahl (Goethe University Frankfurt)
tags

mobile communities | privacy | Identity Management

Privacy and Identity Management for Community Services Logopicos's picture
Editor's Choice 2011

Type of initiative

  • Project or service-imgProject or service

Case Abstract

Privacy and Identity Management for Community Services (PICOS) is an international research project, focused on mobile communities. The PICOS consortium consists of eleven partners from seven different countries, supported by the EU as a part of the Trust & Security Group within the 7th Research Framework Programme. It contains specialists from the fields of science, research and industry.

Online communities connect millions of people around the world, to communicate, interact and share interests.  As these communities are getting more mobile, becoming an ubiquitous part of our lives, new opportunities and challenges emerge. 

PICOS has the mission to investigate mobile communities and their services, especially regarding aspects like privacy and identity management as well as technical and economical aspects.

The objective of the project is to advance the state of the art in technologies that provide privacy-enhanced identity and trust management features within complex community-supporting services that are built on Next Generation Networks and delivered by multiple communication service providers. The approach taken by the project is to research, develop, build trial and evaluate an open, privacy-respecting, trust-enabling identity management platform that supports the provision of community services by mobile communication service providers.

Description of the case

Domain
eGovernment
Topic
eIdentity and eSecurity
Sector
Communication (infrastructure) | Education, Science and Research | Other
Date
February 2008 to June 2011
Target Users
Citizen
Scope
International
Language(s)
English

Policy Context and Legal Framework

In recent years, we have seen the emergence of services for professional and private on-line collaboration via the Internet. Nowadays, many European citizens spend work and leisure time in on-line communities, such as social networks or other real world communities that utilise online services to support their activities. Moreover, communities based on mobile communication allow users to participate in their community not only from places where fixed-line communication is available. Mobile Communities also allow for a more intensive linking of services and therefore integration of people's virtual and real communities.

Additionally, context information, such as location information, gets important, e.g. for spontaneous socialising and collaboration in the "real" world. However, when users participate in such communities, they consciously leave private information traces they are unaware of. The providers of community services need to handle trust and privacy in a manner that meets the participants' needs as well as complying with regulation. Moreover, in order to finance or co-finance respectively such community services, the infrastructure needs to be opened for marketing activities of sponsors/advertisers. And, as new community-supporting services offered by communication service providers will increasingly become interoperable, this would require that provisions for trust enablement and privacy-respecting identity management also be interoperable between such communication service providers.

A new approach to identity management in community services is needed, in order to meet the needs for:

  • the enablement of trust, by members of the community, in other members and in the service-provision infrastructure,
  • the privacy of community members' personal information,
  • the control by members of the information they share, and
  • the interoperability of community-supporting services between communication service providers.

This approach must be developed in an open manner, and requires technical advances in order to meet the requirements.

Project Size and Implementation

Type of initiative
IT infrastructures and products
Overall Implementation approach
Partnerships between administration and/or private sector and/or non-profit sector
Technology choice
Not applicable/not available
Funding source
Public funding EU
Project size
Implementation: €5,000,000-10,000,000

Implementation and Management Approach

PICOS investigated the foundations and contexts of communities and developed a mobile community platform for providing the trust, privacy and identity management aspects of virtual community services and applications on the Internet and in mobile communication networks. The PICOS approach to trustworthy on-line community collaboration addresses the following four questions:

  • What are the Trust, Privacy and Identity issues in new context-rich mobile communication services, especially community-supporting services?
  • How can information flows and privacy requirements be balanced in complex distributed service architectures (e.g., mash-ups)?
  • How can these issues be solved in an acceptable, trustworthy, open and scalable manner?
  • Which supporting services and infrastructures do the stakeholders need?

PICOS at first reviewed contemporary research in relevant disciplines, before we focused on platform design and prototype development in order to create interoperable, open, privacy-respecting identity and trust management tools that can be demonstrated to the public. These were used to construct community application prototypes by leading industry partners in close cooperation with the targeted community. Finally the prototypes have been trialled and self-evaluated by PICOS concerning usability, ergonomics, legal issues, trust and privacy.

The work was sequentialised in 4 phases:

  • Phase 1: A systematic analysis of stakeholders, terminology and taxonomy of on-line communities with particular focus on trust, privacy and personal information.
  • Phase 2: Definition of a framework for trust and privacy in on-line communities, definition and elaboration of requirements and definition of the trial plan for the community trials.
  • Phase 3.1 & 3.2: Development & construction of the PICOS platform prototype, the community applications prototypes and their evaluation using trials.
  • Phase 4: Finalising of the PICOS platform, documentation, exploitation planning

To achieve its goal, PICOS developed the platform in two development cycles. The purpose of the first cycle was to create and validate the platform architecture and design concepts and their acceptability from a user experience viewpoint. The purpose of the second cycle was to provide a richer and more capable platform, with an end-to-end scope.

Within the development cycles, several procedures ensured goal conformance:

  • Platform design according to requirements
  • Platform prototype implementation from design
  • Deploy platform prototype into community application prototype
  • Execute community trials with real users
  • Evaluate

The evaluation between Phase 3.1 and Phase 3.2 will improve the platform by enhancing its design for the reworking in phase 3.2.

Results from the project, both formal deliverables and other outputs that arise from the knowledge gained, were disseminated throughout the duration of the project and afterwards via a number of different means. E.g. via the project  website and on various topic related internet portals, as well as in scientific publications, on conferences and on workshops.

Communities

In order to demonstrate how communities would gain benefits from the PICOS enhancements of context-rich mobile communications services, we focus three exemplary communities in the project. These communities are Anglers, Taxi Drivers and Online Gamers. They all require improvements in the privacy-respecting and trust-enabling management of identity.
Each of these example communities can provide an appropriate focus for the construction and trialling of a prototype set of communication and information services that utilise the PICOS platform prototype.

Impact, innovation and results

Lessons learnt

  • Privacy enhancements for online communities and mobile communities are possible if stakeholders and their diverging interests are considered (User-centricity)
  • Providing privacy enhancing technologies is not enough: Awareness for privacy related problems is needed as well.
  • Usability is important to support the perception of privacy enhancing technologies

Multimedia Content Select a Tab

    There isn't any image for this case
    There isn't any Video for this case
    Print Print this document
    In order to send a message you need to be registered at least one month and have earned more than 150 kudos.

    See Related Content

    About Us · Rules of conduct · Important Legal Notice · Contact Us · Site Map · FAQ · Glossary · RSS
    eGovernment