A Public Comment on NCCoE's White Paper on Privacy-Enhancing Identity Brokers
نویسندگان
چکیده
The National Cybersecurity Center of Excellence (NCCoE) (in the United States) has published on October 19, 2015, a white paper on “privacy-enhanced identity brokers.” We present here a reply to their request for public comments. We enumerate concerns whose consideration we find paramount for the design of a privacy-enhancing identity brokering solution, for identification and authentication of citizens into myriad online services, and we recommend how to incorporate them into a revised white paper. Our observations, focused on privacy, security, auditability and forensics, are mostly based on a recently published research paper (PETS 2015) about two nation-scale brokered identification systems.
منابع مشابه
A Privacy-Enhancing e-Business Model Based on Infomediaries
Rapid evolution of Internet may largely depend on gaining and maintaining the trust of users. This possibility may especially rule enterprises, whose financial viability depends on electronic commerce. Neither customers will have the time, the ability or the endurance to work out the best deals with vendors, nor will vendors have time to bargain with every customer. In order for customers to st...
متن کاملPublic Online Services at the Age of MyData: a New Approach to Personal Data Management in Finland
MyData is a framework and model for a human-centric approach for managing and processing personal information in the context of online services. The MyData approach is based on the right of individuals to access all data collected about them in public and commercial records. The core principle driving the MyData effort is that individuals should be in control of their own data. The MyData appro...
متن کاملEnhancing information lookup privacy through homomorphic encryption
Revealing one’s interests in communication has been recognized as a growing problem in the Internet. We postulate that it is desirable for future information retrieval systems to provide privacy in both what information is requested and what information is received, without raising obstacles to the deployment of accounting and access control mechanisms. This paper outlines a solution that fulfi...
متن کاملPrivacy policy and PETs: The influence of policy regimes on the development and social implications of privacy enhancing technologies
Privacy” is an ambiguous notion, encompassing personal autonomy, democratic participation, identity management, and social coordination. Each of these privacy ideals reflect different sets of social concerns. Laws operationalize privacy in terms of “personally identifiable information.” Technologies reify that definition. This has implications for the constitution of identity and social life. I...
متن کاملFair Processes for Priority Setting: Putting Theory into Practice; Comment on “Expanded HTA: Enhancing Fairness and Legitimacy”
Embedding health technology assessment (HTA) in a fair process has great potential to capture societal values relevant to public reimbursement decisions on health technologies. However, the development of such processes for priority setting has largely been theoretical. In this paper, we provide further practical lead ways on how these processes can be implemented. We first present the misconce...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1611.02968 شماره
صفحات -
تاریخ انتشار 2016