Wednesday, November 7, 2007

Mis-conceptions on Identity Providers

Jeff Bohren jumped on my post yesterday on self-issued cards not being more secure. I think this quote underlines a point he may be missing...
Let me give you a chilling example. Suppose a potential employer asks an Identity Oracle if Jeff can purchase firearms in the state of FL. If the Identity Oracle says no, then since Jeff would have already disclosed his age and lack of criminal record, the employer then would suspect that it is because Jeff has a history of mental illness and would probably decline to hire Jeff.
This is precisely what user-centric identity is all about. What's missing in Jeff's observations about this example is that he would be able to control whether the result of query "Can Jeff Purchase Firearms" gets propagated back to his employer. Further, Jeff might also be able to choose from a list of Identity Oracle's accepted by his employer enabling Jeff to overcome a bad/false report from one provider with an assertion from another provider. The idea that you Jeff, could stop the flow of information is truely revolutionary! In this case, Jeff, you would be able to intercept the negative report and take appropriate action (e.g. hire a lawyer). While you are disputing the negative report, your employer would not know the results until you choose to release them.

I have run across this particular scenario a number of times -- particularly where police clearances and security clearances are required. Another example is a student applying for medical schools in a state or province where the student must prove they have a clear criminal record. As things currently stand, the student is forced to give the school permission to run a criminal records check directly with appropriate law enforcement agencies. The problem with the current approach of not involving the applicant in the records check process, is that it cuts the applicant out of the loop and from knowing of a potentially erroneous report and poisoning their application. Assuming the security check results can't be modified, surely giving the application control over the delivery of the results is a huge benefit to the applicant and their privacy.

What these examples clearly show, is the value of a user-centric system that supports third-party asserted data that cannot be faked, modified, or self-asserted by the user and how it enhances user privacy.

No comments:

Post a Comment