| Internet usage has been growing significantly, and the issue of online privacy has become a correspondingly greater concern. Several recent surveys show that users' concern about the privacy of their personal information reduces their use of electronic businesses and Internet services; furthermore, many users choose to provide false data in order to protect their real identities. Identity federation aims to assemble an identity virtually from a user's personal information stored across multiple distinct identity management systems. Liberty Alliance is one of the most recognized projects in developing an open standard for federated network identity. Although one of the key objectives of the Liberty Alliance project is to enable consumers to protect the privacy and security of their network identity information, we believe that this objective is biased towards the business goals of the Liberty architecture rather than giving priority to privacy from the consumer's perspective. In fact, consumer privacy is among the main usage barriers that reduces the adoption of identity federation architectures. In this thesis, we aim to enhance consumer privacy in the Liberty Alliance architecture. In the first place, we identify and analyze previously-unknown potential privacy breaches and concerns within the Liberty identity federation frameworks and propose improvements and recommendations for the identified breaches. We also propose three new services to the Liberty Alliance identity federation architecture that will help in enhancing consumer privacy: user privacy preferences service, privacy seal service, and audit trail service. We present several use case scenarios to demonstrate the effectiveness of the new services and to show how they could merge effectively with the Liberty identity federation frameworks. Furthermore, we propose using the XPref language for our proposed Liberty user privacy preferences service and identify some APPEL issues in this context. |
