Risk assessment for better Identity Management in pervasive environments

Abstract

Pervasive computing environments comprise a myriad of devices. In this framework, interactions take place between different parties to simplify users' everyday life in a natural and transparent manner. These interactions, that are generally oriented to the delivery of services, usually involve the exchange of identity information and personal data over the networks. Since transactions may occur between familiar or unfamiliar entities, Identity Management (IdM) becomes indispensable to avoid security problems. Here, we aim to show that risk evaluation must be considered as a key enabler to foster collaboration between parties in a dynamic but yet secure manner. Taking this premise as a foundation, we are designing a methodology to assess risk. We also aim to integrate risk assessment with trust evaluation in order to aid in decision-making procedures, allowing the construction of flexible and dynamic IdM systems that are more suitable to be deployed in pervasive scenarios.