Architecting Interoperable Privacy within User-Centric Federated Digital Identity Systems: Overview of a Service-Oriented Implementation Framework

With the emergence of service-oriented economy, distributed systems and cloud computing, thus the development of service oriented architecture and the adoption open standards become a mean to assure interoperability. Privacy could play a key role for digital identity protection and security. We suggest an implementation framework, Privacy-as-a-Set-of-Services (PaaSS) framework, which could help information system’s security team to implement digital identity privacy requirements into a set of services. The framework relays on the idea that digital identity privacy business interoperability should be taken into consideration from the outset of the project in order to be able to provide technical interoperability. Business interoperability is a set of requirements that are drawn from global, domestic and business-specific privacy policies, however, technical interoperability is offered through the adoption of open standards and implementation of a set of services and service’s interfaces that could accommodate SOA. The framework is in accordance of model-driven architecture (MDA) approach and it is composed of five layers and three mapping gateways. Inter- & intra-layers iterations are consequence of SOA delivery lifecycle and strategies alignment.