Managing - PowerPoint PPT Presentation

1
Peter Topalovic
May 14, 2008
Managing & Protecting Digital Identity
2
Outline
  • What is Digital Identity? A Working Definition
  • Digital Identity Applications and Threats
  • Central Question and Anticipated Findings
  • Discussion of Findings
  • Policy Implications and Group Discussion

3
My ID
  • Name: Peter Topalovic
  • Student Number: 9813608
  • Age: 29
  • Hair Colour: Black
  • Birth date: April 14, 1979, St. Joseph's Hospital, Hamilton
  • Residence: McMaster University
  • Workplace: City of Hamilton, Public Works Dept.
  • Interests: hiking, camping, swimming, skiing, travel, politics
  • Financial Information?
  • Websites I visited yesterday?
  • My favourite food?
4
Digital Identity
A Working Definition
  • Digital representation of a person's real-world
    identity
  • IDENTIFIER
  • Unique property of the person/entity
  • Links to other properties of the entity
  • AUTHENTICATOR
  • Determines the legitimacy of an entity's claim to
    their identity

5
Digital Identity
Applications
  • Physical ID
  • Identifier and authenticator are bundled together
  • Visual authentication
  • Digital ID
  • Unbundled
  • Physical to Binary Data
  • Meaningful information about the individual is
    lost
  • Driver's license renewal

6
Digital Identity
  • Threats and Abuses
  • Programming errors and holes in the security
    system (e.g. eBay)
  • Phishing and fake websites
  • Surveillance
  • Digital surveillance using cookies, user
    profiling, and click history
  • Identity Creep
  • Collected data used for an unintended purpose
    (Google)
  • Competing Interests
  • Market pressures encourage the bundling of
    information
  • Privacy advocates and users encourage unbundling
  • Driving Forces for improved digital ID
    technologies
  • Preventing Fraud, Identity Theft and Terrorism
  • E-health and E-government initiatives
  • Gain users' trust and increase market share
  • Improve the user experience and service delivery

7
Central Question
How can a person's digital identity be managed
and protected?
  • Physical ID Technologies
  • Digital ID Management
  • Privacy & Security
  • Policies, Accountability & Auditing
8
Anticipated Findings
How can a person's digital identity be managed
and protected?
  • Physical ID Technologies
  • Digital ID Management
  • Privacy & Security
  • Policies, Accountability & Auditing
9
Physical ID Technologies
  • Radio Frequency Identification (RFID)
  • Smart Card
  • Encrypted Data Storage
  • Storage of biometric authenticators
  • Biometrics
10
Anticipated Findings
How can a person's digital identity be managed
and protected?
  • Physical ID Technologies
  • Digital ID Management
  • Privacy & Security
  • Policies, Accountability & Auditing
11
Digital ID Management
Identity Fragmentation
  • Current Situation
  • Many independent profiles
  • Information Bundling and Over-collection
  • User inconvenience
  • Drivers for ID management
  • Single Sign-on
  • Access multiple services with one authentication
    process

12
Digital ID Management
Advantages Disadvantages
  • Federated and Open systems

13
Anticipated Findings
How can a person's digital identity be managed
and protected?
  • Physical ID Technologies
  • Digital ID Management
  • Privacy & Security
  • Policies, Accountability & Auditing
14
Policy & Legislation
  • Current Identity Management is like a walled city
  • Walls protected citizens from outside threats.
  • Today, security issues, lack of trust, and privacy
    concerns threaten computer networks
  • Policy Gap arises when new technologies are
    introduced
  • Modern cities establish trust between
    stakeholders
  • Financial systems policies avoid barriers and
    increase accessibility.
  • Computer networks are not yet like modern cities
  • Policies are required to bring down barriers
  • Will reduce the cost of protection

15
Policy & Legislation
Current Data Protection Policy
  • PIPEDA
  • (Canadian Personal Information Protection and
    Electronic Documents Act, 2000)
  • Protects personal information by adhering to
    privacy policies
  • If data is compromised, the user must be notified
  • ? perceived credibility
  • Technology neutral
  • Principles aim to reduce the instances of data
    mining and surveillance
  • ISSUES
  • Not well adapted to new threats such as spyware,
    computer systems security and new government
    anti-terrorism legislation
  • The Right to Challenge Adherence to the law is
    reactive: a complaint-based system which could
    treat fringe rather than root issues.

16
Policy & Legislation
Privacy-Embedded Policy
Laws of Identity:
  • Informed consent
  • Minimal disclosure
  • Data protection
  • Accountability
  • Clear understanding
  • Consistency
  • Identity Layer of the Internet (Kim Cameron)
  • Incorporate Privacy Considerations into the
    Design of technologies
  • Policies embedded in technology
  • Enables various identity management systems to
    interact with one another
  • Gives the user control over their personal data.
  • Requires transparency and accountability
  • Proactive vs. Reactive
  • Auditing is built in and automated to ensure
    compliance rather than via complaint mechanism

17
Policy & Legislation
Privacy-Embedded Policy
18
Digital ID Implications
Is there a balance between privacy and security?
  • Physical ID Technologies
  • Digital ID Management
  • Privacy & Security
  • Policies, Accountability & Auditing
19
Digital ID Implications
Policy Discussion
Windley's Privacy, Security, Identity Triangle
  • Users want privacy & data protection
  • Companies & law enforcement want a secure digital
    network
  • Control and trust must be balanced
  • Too much control will deter the user from trusting
    the service
  • Gmail and the Policy Gap that exists!
20
Digital ID Implications
Policy Discussion
  • Policy Recommendations
  • Establish practices that result in transactions
    based on mutual trust
  • Technological Standards need to be developed to
    balance privacy and security
  • Privacy embedded design should be encouraged
  • Recognition that identity technologies are not
    perfect
  • Social considerations should be balanced with
    technological solutions to prevent issues with
    personal privacy
  • Business case for privacy enhancing technologies
    and policies
  • Promote voluntary policy governance based on the
    business case


21
Digital ID Implications
Policy Discussion
"Privacy will be to the information economy of
the next century what consumer protection and
environmental concerns have been to the
industrial society of the 20th century"
(Beslay and Clements)

22
Peter Topalovic
May 14, 2008
Thank you. Any Questions?
Managing & Protecting Digital Identity