IBM Research Launches Innovative Cloud-Based Personal Data Protection Technology

IBM researchers today announced the launch of a new cloud technology that will help consumers strengthen the protection of their personal data on the Internet.

A technology called Identity Mixer uses a cryptographic algorithm to encrypt such verified user credentials as his age, citizenship, address and credit card number. Through the use of this technology, the consumer will be able to transfer to the third party only the necessary amount of personal information. Identity Mixer can also be used in an electronic wallet, in which there is account information confirmed by a trusted third party, in particular information from electronic identity cards. It is important to note that the party issuing the document does not receive any information about how and when the data is used.

“Identity Mixer enables users to choose which data to provide and to whom,” said Christina Peters, IBM's director of privacy protection. - Thanks to this technology, web service providers can reduce their own risks and increase customer confidence in the resource. In addition, the new solution is in the cloud, which greatly simplifies the programming process for developers. ”

According to comScore, an average person spends about 25 hours a month on the Internet *, having access to dozens of different Internet services, including: social networks, banking and online trading sites. For almost every site, the user needs to create his own profile with a username and password or with a cryptographic key for increased security. Despite the fact that such tools provide a sufficient level of security in solving many problems, they usually do not guarantee the protection of confidential user information, which leads to the disclosure of an excessive amount of personal data, falling into the wrong hands is fraught with serious consequences.



As an example, consider a video streaming service that offers movies with age restrictions. In order to watch a movie recommended for people over 12 years old, Alisa needs to confirm that she is already 12 years old and lives in a certain region. To complete this task in the usual way, Alice will need to enter the full date of birth and all the details of her address, but this will lead to the disclosure of a large amount of personal information. Identity Mixer is able to confirm that Alice is already 12 years old without disclosing the month, date and year of her birth, and show that she lives in the region where the services are available. In addition, even if the service is hacked, Alice’s personal data will be safe.
If Alice needs to use a credit card to buy a movie, the video streaming service in the same way can only find out that Alice’s card is valid and you can use it to pay. The full card number and expiration date are not disclosed.



Identity Mixer, previously available for download and working on smart cards, is now available for developers as a convenient web service on the IBM Bluemix platform - an open cloud solution like PaaS, combining the strengths of IBM software, third-party and open technologies. Starting in spring, BlueMix subscribers will be able to use Identity Mixer to optimize their applications and web services. Using a convenient drop-down menu, developers can select the types of data that they would like to protect, and BlueMix in turn will provide code that can then be embedded in their resource.
“Identity Mixer is the result of more than ten years of research, the main purpose of which was to minimize the disclosure of identification data. At the moment, this solution is ready for use in operations on both PC and mobile devices, ”said Dr. Jan Kamenisch, a cryptographer from IBM Research and co-author of Identity Mixer.

“We tried to ensure that each user could control the amount of personal data that he wants to provide about himself,” said Dr. Anna Lisyanskaya, co-author of Identity Mixer and professor of computer science at Brown University. - Thanks to the new cloud solution, developers have at their disposal a powerful cryptographic tool to protect personal data. "Identity Mixer is a piece of software that can be integrated into a credential management system in order to eliminate the possibility of violating the confidentiality of information."

European and Australian pilot projects to demonstrate Identity Mixer capabilities

To demonstrate the capabilities of the new cloud-based version of Identity Mixer, IBM scientists, together with scientific and industrial partners in Europe and Australia, are implementing a pilot project called Authentication and Authorization for Entrusted Unions (AU2EU). Over the two years of the program, worth € 8.6 million, scientists will experience the Identity Mixer in two applications: the German Red Cross and the State Association for Scientific and Applied Research (Australia's national science agency).

The German Red Cross is the main center for emergency telephone assistance and social services for citizens in the regions of Germany, providing specialized services to the population around the clock, in particular, emergency rescue operations, assistance with mobility, housekeeping and medical treatment. The organization employs about four million volunteers and professional staff in 52 hospitals and more than 500 nursing homes around the world.

As part of the pilot program, home-based activity monitoring and health and health indicators were provided to 20 Red Cross patients in southwestern Germany. Data collected from these devices was transmitted to a dedicated cloud server, where information was analyzed in order to determine the type of assistance needed. In addition, representatives of the Red Cross received mobile devices to collect and register confidential customer data, including medical records, information on medications taken and contacts of relatives, for the subsequent conclusion of a service contract. Identity Mixer will be used to protect the privacy of personal information. The project was implemented jointly with NEC Europe and Tunstall Healthcare. **



“For over 150 years, our main task has been to help victims of conflicts and natural disasters, as well as other vulnerable groups of the population, including supporting people during illness at home, while moving and transporting. New technologies are playing an increasingly important role in achieving this goal, especially for home alarm systems, ”said Caroline Greiner, Regional Manager of the German Red Cross in the Rhine-Neckar and Heidelberg. - Here we offer services to senior citizens so that they can stay at home in a comfortable and familiar environment. The confidentiality technology tested during the project should guarantee the provision of the most qualified assistance and ensure reliable protection of the personal data of our clients at the highest level.

The second pilot project aims to improve Australian agricultural productivity and increase the export trade of related products without viral infections, especially in animals. To prevent viruses from spreading and spreading, the Australian Government, together with key partners, has developed a contingency plan to respond quickly to an outbreak. This plan involves the combined efforts of state, educational and other research organizations, as well as industry partners, to create a safe, reliable and interactive environment for decision-making. Identity Mixer will ensure the timely exchange of confidential information between collaborating partners, regardless of the distance between them.

“The speed of response to cases plays an important role in saving the lives of people or animals,” says John Zeke, principal researcher at CSIRO. “Thanks to the use of modern technologies in the framework of this project, we expect to deal more quickly with new challenges, while maintaining the high levels of security, confidentiality and trust necessary for effective work.”

“Identity Mixer is an excellent example of how current legislation on the protection of personal data around the world should not suppress innovation. New solutions can strengthen privacy protection with tools that are more convenient to use and accessible to providers, ”Peters adds.

You can try the system in demo mode here .

AU2EU is a union of industrial and scientific partner organizations throughout Europe and Australia, including the Eindhoven University of Technology, Philips Electronics Nederland BV, Bicore Services BV, NEC Europe Ltd, IBM Research Center, German Red Cross, Thales Communications & Security SAS, State Association Scientific and Applied Research, Edith Cowan University, Royal Melbourne University of Technology, University of New South Wales and Macquarie University. Further information is available at www.au2eu.eu .

Stay tuned for an Identity Mixer discussion featuring IBM scientists and science experts on Twitter using the hashtag #identitymixer

* Source: ComScore MMX, December 2012 World. Age 15+.
** Tunstall Healthcare is not part of AU2EU, but provides telemedicine consultations for Deutsches Rotes Kreuz.