Author(s)

M. Kost, P. Fomin

Abstract

First responders to natural disasters can assume the responsibilities of distinctly different roles spanning medical, law enforcement, and volunteer professions. Their identity and related attributes must be correctly defined and discoverable in any system designed for working with disaster data that may contain sensitive information such as health care records and official use only data to ensure that only authorized users access this information. The problem is further exacerbated by lack of federal or industry-proven identity management standards for mobile devices as they are becoming more relied upon these days. Many frameworks have been proposed to address the dynamic nature of identity management during disaster response but none systematically analyse security and privacy risks. This research seeks to develop a first order risk assessment tool identifying a core set of design factors to assess a systems ability to mitigate security and privacy risks that also accounts for the mobile aspects of the system.

Keywords

risk analysis, mobile, heterogeneous, disaster response, dynamic IdAM, privacy, confidentiality, integrity