From top clockwise: Prof. Elisa Bertino (Research Advisor), Dr. Anna C. Squicciarini, Alexei Czeskis, Shimon Modi, Wonjun Lee, Balachandra Bhadravathi Krishnamurthy, Abhilasha Bhargav-Spantzel

Introduction

Digital identity corresponds to the electronic information associated generally with an individual in a particular identity system. Identity systems are used by online service providers to authenticate and authorize users to services protected by access policies. Having good identity systems can enable individuals to use effectively and extensively electronic transactions in a secure yet privacy preserving manner. With the advent of distributed computing models such as web services, the current trend is to focus on inter-organization and inter-dependent management of identity information, rather than identity management solutions for internal use. This is referred to as federated identity management.

Providing secure and efficient solutions for digital Identity Management (IdM) in a federation is of great significance in todays world. Fighting fraud like identity theft is especially a major concern. In a Federal Trade Commission (FTC) ( report ) it was given that there have been 27.3 million cases of identity theft in the last five years, with roughly half of those occurring in 2004 itself. Overall, identity theft cost U.S. citizens $52.6 billion in 2004 . We need technical, social engineering and legal solutions for the prevention of such crime. Within the technical solutions itself we can explore a variety of techniques like cryptographic solutions, authentication protocols, database security and many others

Identity Blogspot: Aham.

^ TOP

Collaborative Initiatives

The research being undertaken as part of this project is of high interest to various groups at Purdue and to industry. In
order to maximize the potential impact, the following collaborations are been undertaken:

• Liberty Alliance Identity Theft Protection Special Interest Group: I participated in an Identity Theft Workshop (held on July 20, 2005 in Chicago), organized by the Liberty Alliance Initiative. The Liberty Alliance includes over 150 organizations from across the globe ranging from educational institutions and government organizations, to service providers and financial
  institutions, to technology firms and wireless providers. I followed up after the meeting and now CERIAS (and Purdue) is an affiliate member of Liberty Alliance. I am actively participating in the several identity theft prevention initiatives of this energetic group.
• Biometrics Group: A collaboration has started with the group lead by Prof. Stephen Elliot (College of Technology at Purdue) in the area of biometrics. The goal of the collaboration is to integrate biometrics techniques with our digital identity
  management techniques.
• Grid Computing Group: A collaboration has started with the group from ITaP involved in the security for the TeraGrid project. The main goal of this collaboration is to determine relevant requirements concerning federated digital identity management
  in the area of grid computing systems. Such requirements will inform our research. The collaboration will
  also allow us to prepare joint proposals with ITaP dealing with security for grid computing systems and digital
  identity management solutions specific to federations consisting of academic institutions.

^ TOP

Publications

1. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Elisa Bertino. Establishing and Protecting Digital Identity in Federation Systems CERIAS TR 2005-48, Published in the proceedings of ACM CCS workshop on Digital Identity Management 2005.
   
2. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Elisa Bertino. Establishing and Protecting Digital Identity in Federation Systems Published in Journal of Computer Security 2006.
   
3. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Elisa Bertino. Policy Languages for Digital Identity Management in Federation SystemsPublished in POLICY Workshop 2006.
   
4. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Elisa Bertino. Integrating Federated Digital Identity Management and Trust Negotiation CERIAS TR 2005-46, to appear in IEEE Security & Privacy Magazine .
   ^ TOP
5. Anna C. Squicciarini, Abhilasha Bhargav-Spantzel, Alexei Czeskis, Elisa Bertino. Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management, in the proceedings of 6th Workshop on Privacy Enhancing Technologies, 2006.
   ^ TOP
6. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Elisa Bertino. Privacy Preserving Multi-Factor Authentication with Biometrics , to appear in the proceedings of ACM CCS workshop on Digital Identity Management 2006.
   ^ TOP
7. Anna C. Squicciarini, Abhilasha Bhargav-Spantzel, Elisa Bertino, Elena Ferrari, Indrakshi Ray. Trust Negotiations with Customizable Anonymity, to appear in the proceedings of First IEEE/WIC/ACM Web Intelligence/Intelligent Agent Technology Workshop on Web Privacy Intelligence (WPI'06) .
   ^ TOP
8. Abhilasha Bhargav-Spantzel, Anna C. Squicciarini, Rui Xue, Elisa Bertino. Practical Identity Theft Prevention using Aggregated Proof of Knowledge, in CERIAS TR 2006-26 .
   ^ TOP

^ TOP

Talks

1. Abhilasha Bhargav-Spantzel on Digital Identity Management in Information Secuity Class, CS526, Purdue, November 1, 2005. (Acknowledgement for certain slides: Liberty Alliance Identity Theft Prevention Group, Hellmuth Broda (Sun Microsystem), Paul John Biciunas (Fidelity Investments), Shibboleth Group Slides
2. Abhilasha Bhargav-Spantzel on Identity Theft Protection in Information Secuity Class, CS526, Purdue, November 3, 2005. (Acknowledgement for certain slides: Liberty Alliance Identity Theft Prevention Group, Hellmuth Broda (Sun Microsystem), Paul John Biciunas (Fidelity Investments), Shibboleth Group Slides
3. Abhilasha Bhargav-Spantzel on Establishing and Protecting Digital Identity in Federation Systems in ACM CCS2005 Workshop on Digital Identity Management November 11, 2005, George Mason University, Fairfax, VA, USA Slides
4. Abhilasha Bhargav-Spantzel on Digital Identity Management and Theft Protection in CERIAS Security Seminar, Purdue, February 6, 2006. (Acknowledgement for certain slides: Kim Cameron identityblog website, Liberty Alliance Identity Theft Prevention Group, Hellmuth Broda (Sun Microsystem)). Slides, Video
5. Abhilasha Bhargav-Spantzel on Digital Identity Theft Protection in InWIC (Indiana Women in Computing) lightning talk, February 4th, 2006. Slides
6. Anna C. Squicciarini on Digital Identity Management in Texas University, February 20th, 2006.
7. Abhilasha Bhargav-Spantzel on Digital Identity Theft Protection in The Seventh Annual CERIAS Information Security Symposium,"Negotiating Trust", March 22nd, 2006. Slides

^ TOP

Ongoing Projects

Prof.Elisa Bertino is our research advisor for all ongoing projects. The different ongoing projects and students involved are as follows:

1. Lazy Validation and Identity Theft Protection Protocols: Bhargav-Spantzel and Squicciarini
2. Authentication Policies: Bhargav-Spantzel and Squicciarini
3. Biometric Identity Protection and Privacy: Bhargav-Spantzel, Modi and Squicciarini
4. Health Data Privacy and Protection : Squicciarini, Czeskis (Intel Undergrad Award Winner) and Bhargav-Spantzel
5. Accountability in Federation Systems : Lee
   ^ TOP

^ TOP

Implementation Projects

1. Shibboleth Implementation: Lee
2. Project 1: Building the Registrar [Description] : Krishnamurthy and Bhargav-Spantzel
3. Project 2: Audit Policies for Federation [Description] : Krishnamurthy and Bhargav-Spantzel