Identity Management In A Federated Environment
Identity Protection and Management Conference
Presented by
Samuel P. Jenkins, Director
Defense Privacy and Civil Liberties Office
April 2010
Presentation Outline
- Success factors for identity federation and relation to privacy
- Fair Information Practice Principles for Identity Management Systems
- Core Information Privacy Concerns
- Privacy Design Considerations
Identity Federation Goal
Enable users to securely access data, systems, or applications of another domain seamlessly and without the need for completely redundant user administration
Identity Federation Basis for Success
- Agreement on root identities
- Trust
  - Between domains
  - Between domain and individual
Domain Trust
- Information sharing agreements
  - Purpose and authorities
  - Training
  - Data correction and deletion
  - Breach notification
- Baseline security requirements
  - Access credentialing/Access controls
  - Technical safeguards
Individual Trust
- One person, one identity
- Accuracy and timeliness
- Controlled information sharing
- IT Security
Fair Information Practice Principles
Source: Organization for Economic Cooperation and Development
- Security safeguards: Personal information should be protected with reasonable security safeguards against risks such as loss or unauthorized access, destruction, use, modification, or disclosure.
- Openness: The public should be informed about privacy policies and practices, and individuals should have ready means of learning about the use of personal information.
- Individual participation: Individuals should have the following rights: to know about the collection of personal information, to access that information, to request correction, and to challenge the denial of those rights.
- Accountability: Individuals controlling the collection or use of personal information should be accountable for taking steps to ensure the implementation of these principles.
Fair Information Practice Principles for Identity Management Systems
- Diversity and decentralization: Resist centralizing identity information or using a single credential for multiple purposes.
- Proportionality: The amount, type, and sensitivity of identity information collected and stored by an identity management system should be consistent with and proportional to the system's purpose.
- Privacy by design: Privacy considerations should be incorporated into the identity management system from the outset of the design process.
Core Informational Privacy Concerns
- Observability: The possibility that others (potential observers) will gain information.
- Linkability: The potential to link between data and an individual, as well as potential links between different data sets that can be tied together for further analysis.
Privacy Design Considerations
- Determine whether identity is necessary
- Identify risks
- Discourage unnecessary linkages
- Implement security during design
- Adopt trust-enhancing measures
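The "discourage unnecessary linkages" consideration and the "linkability" concern above can be made concrete with per-domain pseudonymous identifiers, the approach behind SAML persistent name identifiers and OpenID Connect pairwise subject identifiers. The following Python is an added illustration written for this transcript, not material from the presentation or from the Defense Privacy and Civil Liberties Office; the HMAC-based derivation, the demo secret, the relying-party names and the sample user are all constructed assumptions. It contrasts the linkable design (one identifier released to every domain) with the pairwise design, checks whether two domains can join their records on the identifier alone, and shows that only the identity provider holding the secret can resolve a pseudonym back to a root identity, which is what keeps the individual-participation principle (access and correction requests) workable.

```python
import hashlib
import hmac
from typing import Dict, List, Optional

# Constructed demo secret. A real identity provider would hold this in an HSM
# or secrets store and rotate it under its key-management policy.
DEMO_IDP_SECRET = b"constructed-demo-secret-not-for-real-use"


def global_identifier(root_identity: str) -> str:
    """Linkable design: one identifier for the user, released to every domain.

    Hashing alone does not help: every relying party receives the same value,
    so any two domains can join their records on it.
    """
    return hashlib.sha256(root_identity.encode()).hexdigest()


def pairwise_identifier(idp_secret: bytes, root_identity: str, relying_party: str) -> str:
    """Per-relying-party pseudonym: HMAC over (relying party, root identity).

    Assumed technique, not from the presentation. The identity provider keeps
    idp_secret private; the same root identity yields a different opaque value
    for each relying party, and without the secret the mapping cannot be
    recomputed or reversed, so two domains cannot link their records by
    comparing identifiers.
    """
    rp = relying_party.encode()
    root = root_identity.encode()
    # Length-prefix both fields so ("ab", "c") and ("a", "bc") cannot collide.
    msg = len(rp).to_bytes(2, "big") + rp + len(root).to_bytes(2, "big") + root
    return hmac.new(idp_secret, msg, hashlib.sha256).hexdigest()


def issue_identifiers(root_identity: str, relying_parties: List[str], pairwise: bool) -> Dict[str, str]:
    """Return {relying_party: identifier} as the IdP would release it to each domain."""
    return {
        rp: (pairwise_identifier(DEMO_IDP_SECRET, root_identity, rp)
             if pairwise else global_identifier(root_identity))
        for rp in relying_parties
    }


def domains_can_link(issued: Dict[str, str]) -> bool:
    """Linkability check: could any two domains join their records on the identifier alone?"""
    values = list(issued.values())
    return len(set(values)) < len(values)


def resolve_pseudonym(idp_secret: bytes, pseudonym: str, relying_party: str,
                      enrolled: List[str]) -> Optional[str]:
    """IdP-side lookup: recompute pseudonyms for the enrolled root identities.

    Only the holder of idp_secret can do this, which lets the IdP act on an
    individual's access or correction request while relying parties remain
    unable to link across domains.
    """
    for root in enrolled:
        candidate = pairwise_identifier(idp_secret, root, relying_party)
        if hmac.compare_digest(candidate, pseudonym):
            return root
    return None


if __name__ == "__main__":
    # Constructed sample data: one user, two relying-party domains.
    user = "alice@example.test"
    domains = ["benefits-portal", "training-system"]
    for mode in (False, True):
        issued = issue_identifiers(user, domains, pairwise=mode)
        label = "pairwise" if mode else "global"
        print(label, issued, "linkable across domains:", domains_can_link(issued))
```

The proportionality principle applies to the secret as well: the identity provider needs the secret only to derive and resolve pseudonyms, and relying parties never need it, so it should not leave the identity provider's boundary.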