ISO/IEC 19286:2018 Identification cards - Integrated circuit cards - Privacy-enhancing protocols and services.
5.2 Data minimization
Data minimization refers to the property of reducing the amount of PII being transmitted in a given transaction to exactly what is required from the point of view of the underlying business process for which the data is needed. The data minimization principle can be derived from the purpose specification and the proportionality principles.
The excessive release of user attributes, as well as the establishment of non-required linkabilities between transactions, is a main problem countering the data minimization principle. For instance, conventional signature schemes such as RSA, DSA or elliptic curve schemes rely on certificates, which may allow traceability of transactions if not deployed appropriately: the same certificate (and hence the same public key) is presented in every transaction, so any two verifiers can link what they have seen even when each of them required only a small subset of the attributes.
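The following script is an added illustration of the two problems named above (excessive attribute release and non-required linkability); it is not code from ISO/IEC 19286 and does not implement any protocol of that standard. It models a conventional certificate-based card: a textbook RSA key pair with fixed small primes (a toy, insecure by construction, only so the challenge-response is verifiable offline), a constructed certificate carrying the holder's attributes, and three verifiers ("pharmacy", "bookshop", "cinema") whose purposes are assumed for the demo. The card can only hand over the whole certificate, so each verifier receives attributes its purpose never required, and the certificate fingerprint lets the verifiers' logs be joined into one profile.

```python
"""Constructed demo: conventional certificates vs. data minimization.

Not from ISO/IEC 19286. The RSA parameters are a toy (fixed small primes)
so that the script runs stand-alone; never use them for anything real.
"""
import hashlib
import json
import os
from collections import defaultdict

# Toy textbook RSA: two known primes, public exponent 65537.
P, Q, E = 1000000007, 998244353, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

# Constructed sample certificate of the card holder (names are invented).
CARD_CERT = {
    "subject": "Jane Doe",
    "birth_year": 1990,
    "address": "12 Example Street",
    "pub": {"n": N, "e": E},
}


def _digest_mod(data: bytes, n: int) -> int:
    """Hash the challenge and reduce it into the RSA modulus (toy padding)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(challenge: bytes) -> int:
    """Card signs the verifier's challenge with its (toy) private key."""
    return pow(_digest_mod(challenge, N), D, N)


def verify(pub: dict, challenge: bytes, sig: int) -> bool:
    """Verifier checks the signature against the public key in the certificate."""
    return pow(sig, pub["e"], pub["n"]) == _digest_mod(challenge, pub["n"])


def fingerprint(cert: dict) -> str:
    """Stable identifier any verifier can derive from the presented certificate."""
    blob = json.dumps(cert["pub"], sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()[:16]


def present(verifier: str, purpose: str, required: set, challenge: bytes = None) -> dict:
    """One transaction: the verifier needs `required`, but a conventional
    certificate can only be shown as a whole, so every attribute travels."""
    challenge = challenge or os.urandom(16)
    sig = sign(challenge)
    if not verify(CARD_CERT["pub"], challenge, sig):
        raise ValueError("signature check failed")
    return {
        "verifier": verifier,
        "purpose": purpose,
        "required": sorted(required),
        "received": {k: v for k, v in CARD_CERT.items() if k != "pub"},
        "fingerprint": fingerprint(CARD_CERT),
    }


def excess_attributes(record: dict) -> list:
    """Attributes the verifier received although its purpose did not require them.
    A predicate such as 'over_18' cannot be taken from the certificate at all;
    the verifier derives it from birth_year and ends up holding everything."""
    return sorted(set(record["received"]) - set(record["required"]))


def link_transactions(records: list) -> dict:
    """Join the verifiers' logs on the certificate fingerprint. Every group
    with more than one entry is a linkability the business processes never needed."""
    groups = defaultdict(list)
    for rec in records:
        groups[rec["fingerprint"]].append((rec["verifier"], rec["purpose"]))
    return {fp: tx for fp, tx in groups.items() if len(tx) > 1}


def demo() -> list:
    """Three unrelated transactions with the same card."""
    return [
        present("pharmacy", "age check", {"over_18"}),
        present("bookshop", "delivery", {"subject", "address"}),
        present("cinema", "age check", {"over_18"}),
    ]


if __name__ == "__main__":
    logs = demo()
    for rec in logs:
        print(rec["verifier"], "excess:", excess_attributes(rec))
    print("linked:", link_transactions(logs))
```

Reducing the attribute set a verifier asks for does not help here: the pharmacy still ends up with name, address and birth year, and all three verifiers can pool their logs under one fingerprint. Minimization needs a credential mechanism that can release a predicate without the identifying certificate, which is the kind of technology the rest of this document describes.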
Realizing data minimization in practice requires not only the use of appropriate technology, but also business processes designed to be data minimizing. Current business processes are defined with only the traditional technologies in mind and therefore have substantial shortcomings in terms of data minimization. Implementing the data minimization principle thus requires the whole identity system to evolve. This document describes the technology that enables system designers to develop data minimizing solutions.
5.3 User control
User control of the release of user attributes refers to a user's authority over which user attribute is released to which entities. This control over disclosure of attribute information is at the core of European data protection legislation and also of various large R&D projects in the security and privacy domain in Europe. User control is also a key principle in the US-based NSTIC program. Different strengths of user control over the release of data can be achieved depending on the trust placed in the reader devices and on whether the interaction is online or offline.
The way a solution is realized from a technical perspective determines the degree of user control. A first class of use cases is characterized by the ICC being handed over and used in the device of the attribute recipient, while a second class is characterized by the user using their own device (e.g. computer or phone). Since the user should be able to select the user attributes to be released in the transaction, a user's own device may be considered more trusted for this purpose than the recipient's device.
Cryptographic technologies defined in this document can be used to enforce user control for the initial release of user attributes to a service provider. However, in today's complex value chains of online services, data also need to be passed on by service providers to third-party service providers. Interactions between service providers and third-party providers are out of scope of this document.
5.4 Data quality
Data quality relates to user attributes being accurate and kept up to date, and to inaccurate or incomplete attributes being rectified or deleted. The correctness of attributes is relevant to reducing cost, increasing efficiency, and avoiding problems for both processing parties and citizens. Data quality is therefore the combination of organizational and technical measures. The approach adopted here is to consider technical mechanisms for updating and improving the quality of the data retained. Organizational elements are out of scope of this document.