450 likes | 616 Views
Identity Management. Information Technology Management. Orlando Moreno omoreno@hotmail.com 408.656.2498.
E N D
Identity Management Information Technology Management Orlando Moreno omoreno@hotmail.com 408.656.2498
IntroductionDigitizing personal information is changing our ways of identifying persons and managing relations. What used to be a ‘natural’ identity, is now as virtual as a user account at a web portal, an email address, or a mobile phone number. It is subject to diverse forms of identity management in business, administration, and among citizens. Core question and source of conflict is who owns how much identity information of whom and who needs to place trust into which identity information to allow access to resources. The objective of this presentation is not to bring the answer to the ultimate question ‘what is identity?’, - an almost impossible undertaking given the complexity and the constant evolution of the subject - but rather to present, more like on a journey, different angles that can be used to define this concept, in particular in the context of the Information Society.
DefinitionIdentity Management or IDM is a term related to how humans are identified and authorized across computer networks. It covers issues such as how users are given an identity, the protection of that identity and the technologies supporting that protection such as network protocols, digital certificates, passwords and so on. While the term management requires little explanation, the term identity is a more abstract concept that will always be difficult to define in a way that satisfies everyone. It is a concept that is fluid and contextual depending on a number of factors including culture.
Definition Thus the term management is appended to "identity" to indicate that there is technological and best practices framework around a somewhat intractable philosophical concept. Digital identity can be interpreted as the codification of identity names and attributes of a physical instance in a way that facilitates processing. In each organization there is normally a role or department that is responsible for managing the schema of digital identities of their staff and their own objects, these represented by object identities or object identifiers (OID).
Three perspectives on IdM In the real-world context of engineering online systems, identity management can involve three perspectives: • The pure identity paradigm: Creation, management and deletion of identities without regard to access or entitlements; • The user access (log-on) paradigm: For example: a smart card and its associated data used by a customer to log on to a service or services (a traditional view); • The service paradigm: A system that delivers personalized, role-based, online, on-demand, multimedia (content), presence-based services to users and their devices. omoreno@hotmail.com
The pure identity paradigm In most theoretical and all practical models of digital identity, a given identity object consists of a finite set of properties. These properties may be used to record information about the object, either for purposes external to the model itself or so as to assist the model operationally, for example in classification and retrieval. A "pure identity" model is strictly not concerned with the external semantics of these properties. omoreno@hotmail.com
Three perspectives on IdM The most common departure from "pure identity" in practice occurs with properties intended to assure some aspect of identity, for example a digital signature or software token which the model may use internally to verify some aspect of the identity in satisfaction of an external purpose. To the extent that the model attempts to express these semantics internally, it is not a pure model. Contrast this situation with properties which might be externally used for purposes of information security such as managing access or entitlement, but which are simply stored and retrieved, in other words not treated specially by the model. The absence of external semantics within the model qualifies it as a "pure identity" model. Identity management, then, can be defined as a set of operations on a given identity model, or as a set of capabilities with reference to it. In practice, identity management is often used to express how identity information is to be provisioned and reconciled between multiple identity models. omoreno@hotmail.com
The user access paradigm Identity management in the user "log-on" perspective may involve an integrated system of business processes, policies and technologies that enable organizations to facilitate and control access by their users to critical online applications and resources — while protecting confidential personal and business information from unauthorized access. It represents a category of interrelated solutions which system administrators employ towards managing user authentication, Access rights and restrictions, account profiles, passwords, and other attributes supportive of the roles/profiles of user in relation to applications and/or systems. Organizations have traditionally been less concerned with how users can verify the identity of service providers. The emergence of phishing attacks demonstrated that this must be considered as an integral part of the user access paradigm, otherwise users can not know which services they access. Petname systems have been proposed as a general approach to providing service provider identity management solutions. omoreno@hotmail.com
The service paradigm In the service paradigm perspective, where organizations evolve their systems to the world of converged services, the scope of identity management becomes much larger, and its application more critical. The scope of identity management includes all the resources of the company deployed to deliver online services. These may include devices, network equipment, servers, portals, content, applications and/or products as well as a user's credentials, address books, preferences, entitlements and telephone numbers. See Service Delivery Platform and Directory service. Today, many organizations face a major clean-up in their systems if they are to bring identity coherence into their influence. Such coherence has become a prerequisite for delivering unified services to very large numbers of users on demand — cheaply, with security and single-customer viewing facilities. omoreno@hotmail.com
Emerging fundamental points • IdM provides significantly greater opportunities to online businesses beyond the process of authenticating and granting access to authorized users via cards, tokens and webaccess control systems. • User-based IdM has started to evolve away from username/password and web-access control systemstoward those that embrace preferences, parental controls, entitlements, policy-based routing, presence and loyalty schemes. • IdM provides the focus to deal with system-wide data quality and integrity issuesoften encountered by fragmented databases and workflow processes. omoreno@hotmail.com
Emerging fundamental points • IdM embraces what the user actually gets in terms of products and services and how and when they acquire them. Therefore, IdM applies to the products and services of an organization, such as health, media, insurance, travel and government services. It is also applicable to means by which these products and services are provisioned and assigned to (or removed from) "entitled" users. • IdM can deliver single-customer views that includes the presence and location of the customer, single products and services as well as single IT infrastructure and network views to the respective parties. Accordingly, IdM relates intrinsically to information engineering, security and privacy. omoreno@hotmail.com
Emerging fundamental points • IdM covers the machinery (system infrastructure components) that delivers such services because a system may assign the service of a user to: a particular network technology, content title, usage right, media server, mail server, soft switch, voice mailbox, product catalog set, security domain, billing system, CRM, help desk etc. • It is equally important for users to correctly identify and authenticate service providers as it is for service providers to identify and authenticate users. This aspect has largely been ignored during the early development of identity management, but will have to be taken seriously in the future. • Critical factors in IdM projects include consideration of the online services of an organization (what the users log on to) and how they are managed from an internal and customer self-care perspective. omoreno@hotmail.com
Issues with IdM • The management of identity raises a certain number of issues, such as privacy issues that may lead to the implementation of a surveillance society, or risk related to the stealing of identity (identity theft). • The advent of the social web, and in particular the important development of online social networking services, for which the management of their identities of their members represent a core element of these systems, also create a certain number of risks related to the disclosure of personal information, and in particular in losing an individual's privacy. omoreno@hotmail.com
Addressing the identity issues First, it is important to note that the people, and in particular the young people (15-25), are well aware of the risks towards eID enabled services. More specifically young people: • are often very knowledgeable about these systems (web 2.0) that they use frequently and for a long time • have a high level of perception of risk associated to these tools omoreno@hotmail.com
Addressing the identity issues Addressing these different issues may be done only by legislation or via the use of technical systems, but have to combine the different dimensions such as: • legal. With the data protection legislation or human rights legislation (Pounder 2009). • technical. Using for instance with the use of Privacy enhancing technologies. • security. Including socio-psychological aspects (social engineering). • police (i.e. Forensics). omoreno@hotmail.com
Virtual Persons and Identities What is a virtual person? The concept of virtual person has been extended in order to better describe and understand new forms of identities in the information society in relation to rights, duties, obligations and responsibilities. What is it used for? What is its added value? Virtual persons, as other virtual entities, exist in the virtual world, the collection of all (abstract) entities, which are or have been the product of the mind or imagination. The virtual world –not to be confused with the digital world– allows a unified description of many identity-related concepts that are usually defined separately without taking into consideration their similarities: avatars, pseudonyms, categories, profiles, legal persons, etc. omoreno@hotmail.com
Emerging Technologies The domain of ‘identity’ is fast evolving, something that is to a large degree driven by the evolution of technology. As such, the emphasis of this Work Package is on ‘emerging technologies’, i.e. those technologies or applications of technology which have not yet reached commercial critical-mass, but may in the future prove to have a significant impact in the identity field. One specific area of interest is that of ICT implants. The increasing commercialization and growing potential of human ICT implants has generated debate over the ethical, legal and social aspects of the technology, its products and application. A lot of discussion is to be made about the security and privacy implications of human ICT implants that are used both in a medical context and for authentication and identification purposes, that can hold or transmit personal data, and which could ultimately be used for human enhancement. omoreno@hotmail.com
Mobility and Identity While identity management systems for the Internet are debated intensively, identity management in mobile applications has grown silently over the last 17 years. Technologies, such as the still-growing Global System for Mobile Communication (GSM) with its Subscriber Identity Module (SIM) identification infrastructure, are foundations for many new mobile identity management related applications and services. This includes location-based services (LBS), offering customized and convenient services to users (e.g., friend finder applications) and new revenue opportunities for service providers (e.g., location-based advertising). omoreno@hotmail.com
Mobility and Identity However, even though the opportunities seem to be endless and technology manageable, challenges arise when looking at advanced aspects of mobility and identity such as privacy, regulation, the socio-cultural aspects, and the economic impacts. To this regard, the interdisciplinary nature of mobility and identity is imminent and needs to be explored further. By learning from the diverse field of challenges, new mobile communication systems can be created, allowing for more privacy-preserving service provision and a more transparent handling of mobile identities. omoreno@hotmail.com
Approaching Interoperability for Identity Management Systems (IdMS) • Establishing interoperable systems is a complex operation that goes far beyond the technical interconnectedness of databases and systems. • Interoperability emerges from the need to communicate data across different domains for a specific purpose. • Transferring the data may represent a technical challenge because of different protocols, standards, formats and so forth. • However, the most difficult challenge lies in reconciling and aligning the purpose, use and other changes consequent on transferring that data. • Changes in data ownership and custodianship have an effect on power structures, roles and responsibilities and on risk. omoreno@hotmail.com
Profiling and AmI • Some of the most critical challenges for ‘the future of identity in information society’ must be located in the domain of automated profiling practices. • Profiling technologies enable the construction and application of group profiles used for targeted advertising, anti-money laundering, actuarial justice, etc. • Though automated profiling seems to provide the only viable answer for the increasing information overload and though it seems to be a promising tool for the selection of relevant and useful information, its invisible nature and pervasive character may affect core principles of democracy and the rule of law, especially privacy, autonomy and non-discrimination. omoreno@hotmail.com
Profiling and AmI • Starting with an analysis and inventory of profiling practices, mayor attention has been given to profiling as the enabling technology of the vision of Ambient Intelligence. • In response to these challenges detected we have suggested novel types of protection next to the existing data protection regimes. • Instead of focusing on the protection of personal data, these novel tools focus on the protection against invisible or unjustified profiling. • Instead of focusing on law and technology as separate instruments, we have suggested the integration of legal protection into the technological infrastructure that affords profiling. omoreno@hotmail.com
Profiling and AmI • This has been presented as a vision of Ambient Law, complementing the vision of Ambient Intelligence. • Special attention has been given to the idea of transparency tools that should enable European citizens to check how their behaviors match with the profiles ‘owned’ and applied by data controllers and how this may affect their everyday life. • That should allow a citizen to decide which of their data they want to hide, when and in which context. • Instead of focusing only on data minimization, we advocate a complementary focus on minimization of the knowledge asymmetry, brought about by profiling practices. omoreno@hotmail.com
Identity-related Crime: Emerging Challenges for Policy and Research • With the ever increasing importance of identity and identity management in the information society, identity-related crime is also on the rise. • Combating crimes like identity theft and identity fraud is a key challenge for policy makers. • It is necessary to be aware of the various forms of identity-related crime: identity fraud (including identity ‘theft’), unlawful identity obstruction, and unlawful identity restoration. As well as, relevant socio-economic, cultural, technical, and legal aspects of identity-related crime, including potential countermeasures. omoreno@hotmail.com
Forensics • Within forensic science, identifying perpetrators is one of the key functions of forensic science, and given the increasing importance of identity management, identity forensics is a major field of study in the information society. • The term forensic, as used in this presentation, refers to information that is used in court or other dispute resolution procedures as evidence. • Such information can be extracted from identification management systems. • This evidence can be very strong, however some limitations are apparent. For example, one should always investigate if identity change has been committed. Experiments have been conducted with a wide range of biometric equipment to forge the biometric features, and in many cases it was possible. omoreno@hotmail.com
Forensics • The use of forensic profiling is not used as much as was expected, since there are many limitations on the use of finding profiles of suspects within raw data from different sources. • Concerning images, limitations exist with facial images, either due to compression and aging, where it is more difficult to identify a person. • Also with images possibilities exist to link a camera with an image. • Since many new developments appear in this field, it is necessary to update the legislation regularly in order to protect the privacy of the citizens, and also to have possibilities to use the data in severe cases for solving crimes. omoreno@hotmail.com
Privacy in Business Processes • The current mainstream approach for users to protect their privacy is to control the disclosure of their personal data, thus minimizing the risks of privacy violations such as unwanted data disclosure and profiling. To this end, Privacy Enhancing Technologies (PETs) provide anonymity on the application and network layers, support pseudonyms, and help users to disclose their personal data in a controlled manner using, e.g., identity management systems. • However, today’s electronic services (such as in the health or the government sectors) require more and more personal data, which needs to be shared between partners. Thus, the current approach based on controlled data disclosure needs to be extended with mechanisms controlling how data is used once it has been released (“usage control”). • In cases where violations cannot be prevented, a reliable mechanism to detect violations after the fact is necessary. omoreno@hotmail.com
e-government • First, the cooperation among the large number of disparate entities is compared with so-called ‘circles of trust’, whereby identity and service providers have to agree on procedures and conclude agreements, including on the allocation of their roles and responsibilities, within the government context. • Furthermore, the use of authoritative sources, the importance of an authorization management and the authentication and assurance mechanisms will be further discussed as basic legal approaches for privacy-friendly IMS. • Finally, basic technologies, as well as various advanced technical approaches, that support the fulfillment of these requirements, will also be touched upon and briefly presented. omoreno@hotmail.com
Identity REvolution • The identity revolution is happening. Who are you, who am I in the information society ? • In recent years, the convergence of several factors – technological, political, economic – has accelerated a fundamental change in our networked world. • On a technological level, information becomes easier to gather, to store, to exchange and to process. • The belief that more information brings more security has been a strong political driver to promote information gathering since September 11. omoreno@hotmail.com
Identity REvolution • Profiling intends to transform information into knowledge in order to anticipate one’s behavior, or needs, or preferences. It can lead to categorizations according to some specific risk criteria, for example, or to direct and personalized marketing. • As a consequence, new forms of identities appear. They are not necessarily related to our names anymore. They are based on information, on traces that we leave when we act or interact, when we go somewhere or just stay in one place, or even sometimes when we make a choice. They are related to the SIM cards of our mobile phones, to our credit card numbers, to the pseudonyms that we use on the Internet, to our email addresses, to the IP addresses of our computers, to our profiles… • Like traditional identities, these new forms of identities can allow us to distinguish an individual within a group of people, or describe this person as belonging to a community or a category. omoreno@hotmail.com
How far have we moved through this process ? • The identity revolution is already becoming part of our daily lives. People are eager to share information with their “friends” in social networks like Facebook, in chat rooms, or in Second Life. Customers take advantage of the numerous bonus cards that are made available. Video surveillance is becoming the rule. In several countries, traditional ID documents are being replaced by biometric passports with RFID technologies. • This raises several privacy issues and might actually even result in changing the perception of the concept of privacy itself, in particular by the younger generation. In the information society, our (partial) identities become the illusory masks that we choose – or that we are assigned – to interplay and communicate with each other. Rights, obligations, responsibilities, even reputation are increasingly associated with these masks. On the one hand, these masks become the key to access restricted information and to use services. On the other hand, in case of a fraud or negative reputation, the owner of such a mask can be penalized : doors remain closed, access to services is denied. Hence the current preoccupying growth of impersonation, identity-theft and other identity-related crimes. omoreno@hotmail.com
Ambient Intelligence – puttingthe machines in control • Ambient Intelligence (AmI) is a development of Information Communication Technology which seamlessly integrates intelligent devices into the environment. If the current visions of Ambient Intelligence come true, then we will move to an age where we equip our entire environment with the ability to ‘think’ on its own and to make ‘smart’ decisions for us. The aim of the Ambient Intelligence (AmI) environment is to provide a context-aware system, using unobtrusive computing devices, which will improve the quality of people’s lives by acknowledging their needs, requirements and preferences and thus acting in some way on their behalf. • The concept of AmI obviously refers to something that is more than just science fiction, but it is still unclear to what extent it indicates an already unfolding reality. Although it is impossible to predict if and in particular how this evolution towards AmI will take place, we can see many emerging technologies, supported by standardization, social acceptance and legal frameworks, which could facilitate AmI. omoreno@hotmail.com
Ambient Intelligence – puttingthe machines in control • The decrease in cost of these emerging technologies as well as the emergence of customers that are willing to pay for the services that can be provided seems to increase the likelihood that at least some kind of AmI practices will surface. Besides these supporting and enabling technologies, techniques of user modeling and profiling are already widely-spread, providing customers with enhanced, personalized and customized services (e.g. Amazon’s customized suggested purchases or customization of financial offers such as insurance quotes). Equally, there seems to be a smooth connection between targeted advertising, location-based services and ambient intelligence. omoreno@hotmail.com
Use and Abuse of Biometric Data and Social Networks • Biometrics refers to the automatic recognition of individuals based on their physiological and/or behavioral characteristics. Physiological characteristics such as fingerprints have been used for identification purposes since the 19th century. Also the signature as an example of behavioral characteristics has been used for authentication purposes for centuries. • With technological advancement, new characteristics such as a person’s keystroke pattern or the possibility of a DNA analysis have evolved. Citizens worldwide are growing accustomed to the collection of two biometric characteristics, i.e. fingerprints and biometric picture, as these are implemented in machine readable travel documents (MRTD) issued according to ICAO standards. omoreno@hotmail.com
Use and Abuse of Biometric Data and Social Networks • Private companies have been developing new services concerning biometrics too. For more than 3,000 diseases, among them breast cancer,Alzheimer’s disease, mucoviscidosis, and Huntington’s chorea, genetic reasons are known and companies offer genetic tests to detect genetic loading with regards to such diseases. • With such information available, genetic profiling would be possible, for example by insurance companies which impose the contractual duty for their customers to report previous diseases, known dispositions and other circumstances allowing conclusions regarding future illnesses. omoreno@hotmail.com
Use and Abuse of Biometric Data and Social Networks • In the future we may see a development where individuals may benefit from lower insurance rates, or on the contrary may not find a company willing to offer them insurance coverage based on their genetic predisposition. • As a new service, companies have also started to offer genealogical research based on DNA tests. The aim is to determine the geographical origin of customers and to find other descendants of joint ancestors. • These new emerging social or rather genetic networks revolve around the common interest of shared ancestry. While in these cases the use of DNA as identifying information cannot be changed by the user, social networks usually offer the possibility to create a partial identity : a profile describing the user, her interests and often her social contacts. omoreno@hotmail.com
Powering the profile : Plugging into the Grid • The Matrix may be thought of as the future of virtual reality, but the Grid, a high performance distributed computing infrastructure, has been conceived as the future of collaborative problem-solving. • In the same way that the World Wide Web opened up content, the Grid will not only open up storage and processing power, but resources (e.g. computational, informational) in general. Allowing for the communication of heterogeneous geographically dispersed resources, the Grid brings a new era in collaboration and decision-making. • The Grid can offer transparent and instant access to data of different formats, obtained by sensors or the result of simulations or processing, either publicly available or with restricted access, combined from multiple sites, either permanent or (non) periodically updated, serving various purposes. omoreno@hotmail.com
Powering the profile : Plugging into the Grid • Moreover, through the computational power offered by the Grid Infrastructure, computationally complex tasks can now be fulfilled within a satisfying timeframe. • The Grid is a potential solution to the great need for computational resources in the application of profiling techniques in real world cases, and primarily in large scale ones requiring secure information exchange among different trusted entities in real-time. omoreno@hotmail.com
Human enhancement, robots, andthe fight for human rights • Human enhancement is on the rise. ‘Enhancement’ involves a multitude of ways and technologies by which human beings enhance their looks, abilities, features, or functions. It ranges from plastic surgery to chip-enhanced cognition in cyborgs. The distinguishing feature of enhancement is that it aims to improve human functioning above ‘normal’ or ‘average’. • There is a grey area in which health care meets enhancement – ‘getting well’ seamlessly moves into ‘getting better’. This grey area moves over time, depending for example on cultural views. • Besides enhancement, another interesting development is robotics and artificial intelligence. Machines are becoming more autonomous, and software is becoming ‘smarter’. Also, robots begin to look more and more omoreno@hotmail.com
Human enhancement, robots, andthe fight for human rights • Besides enhancement, another interesting development is robotics and artificial intelligence. Machines are becoming more autonomous, and software is becoming ‘smarter’. Also, robots begin to look more and more like humans, by using materials that mirror human looks, or by adding features that can make a robot look human in terms of facial expressions like smiling or raising eyebrows. If the ‘humanoid’ robot is equipped with artificial intelligence – and thus acquires more autonomy through emergent behavior – the vision of an android might become a reality. • While the prevalence of new ‘emerging technologies’ resulting from the convergence of fields such as nanotechnology, biotechnology, ICT, cognitive science, robotics, and artificial intelligence will undoubtedly increase, it is impossible to predict how far and how fast these developments will go. omoreno@hotmail.com
Questions Orlando Moreno omoreno@hotmail.com 408.656.2498 omoreno@hotmail.com