Ontology-based risk evaluation in user-centric identity management

Recent trends in the area of identity management have evolved from a traditional identification solution to a distributed user-centric identity management mechanism. The major goal of user-centric identity management is to enable the users to have control over their own digital identities. Even though existing identity management systems attempt to offer user-centricity where users possess complete control on their identity disclosure, however, it does not signify the consequences of the users' behavior. It is necessary to assist the users on the risk involved in disclosing their identity attributes. In this paper, we propose a risk-aware mechanism to help the users decide the degree of identity disclosure risk using ontology-based evaluation and privacy preference evaluation. We demonstrate the feasibility of our approach on dynamic online social networks where the user's identity plays a major role for access control and privacy management.