Advertisment

The Evolution of Online Identity

author-image
PCQ Bureau
New Update

We need only juxtapose the physi­cal and cyber worlds to see the need for

improved online iden­tity systems. In the physical world, identity is based on

social custom, followed by the creation of iden­tity documents and derivative

identity documents. By way of example, a child will likely be named at birth,

which is when his or her first identity document-the birth certificate-will be

created. This document is later used to create additional public- and

private-sector identity documents: when the child is ready to drive, he or she

will produce that birth certifi­cate to get a driver's license; when the child

wants to open a bank account, the bank will use that driver's license to “know

their cus­tomer,” open an account, and issue a bank card; when that child wants

to travel overseas, the post office will ask for two forms of identity, the

birth certificate and the driv­er's license (which, of course, was issued based

on the birth certifi­cate) before issuing a passport.

Advertisment

Compare this process to the one we use to create an Internet “identity.” This

same person will go to a Web site and enter “se­cret” data (such as his birth

date and mother's maiden name), the recipient Web site will verify this data

with a third party, and iden­tity will be established. The prob­lem, of course,

is that this “secret” data is not secret at all: many people have access to this

infor­mation and could inappropriately use it to “authenticate” themselves as

this person. It becomes clear, therefore, that if we want to apply solutions

from the physical world to problems of identity on the Internet, we must create

digital Internet identities that are based on in-person proofing (IPP) and the

issuance of true secrets (digi­tal certificates) that permit unique

identification claims. With these tools in place, people can assert identity or,

even better, identity attributes (such as age or residen­cy), enabling other

people and organizations to more safely trust that information. Of course, this

identity system will not be perfect, but physical identity documents are subject

to misuse, too. The point is that we can create online identity systems that are

more ro­bust than the ones we have today. Moreover, these online identity

systems could provide greater pro­tections for security and privacy than we

currently achieve when using documents to prove identity in the physical world.

Scott

Charney
, Corporate Vice



President, Trustworthy Computing - Microsoft Corporation

Online identity management systems are important if we're to address the

Internet's growing crime prob­lem. The range of criminal activ­ity that the

Internet supports is broad, including consumer threats (such as compromised

comput­ers being used for unauthorized activities, identity theft, financial

fraud, and child endangerment), enterprise threats (such as the theft of

financial information, loss of personally identifiable infor­mation, economic

espionage, and extortion via threats of denial-of-service attacks), and

government threats (such as information war­fare). These crimes are pervasive in

part because the Internet has four attributes that make it at­tractive to

criminals: global con­nectivity, anonymity, a lack of traceability, and valuable

targets. Without proactive controls (such as neighborhood watches and po­lice

patrols) and absent reactive ef­fectiveness (due to anonymity and lack of

traceability), those who commit crimes on the Internet have little concern about

identifi­cation and capture and, therefore, little to deter them. This is one

reason why identity management is so important.

Advertisment

Not surprisingly, however, mentioning the words “identity” and “the Internet”

in the same sentence gives many people pause, in large part because the Internet

has been so transformative in the areas of free speech and commu­nication-areas

where anonymity plays an important part in ensur­ing the free flow of ideas.

Social networking represents the new town square, and blogging has turned

citizens into journalists. Therefore, while the thought of strong digital

identities cannot be proposed lightly, absent a way to create, transmit, and

consume robust identity on the Internet, people will lack the data necessary to

protect their own security and privacy online. To enable robust identity on the

Internet, we need to create an “identity metasystem” to enable better trust

decisions and help solve difficult real-world problems such as identity theft.

Anonymity concerns



Although necessary and ben­eficial, the creation of an identity metasystem
raises important so­cial issues. Two of the more press­ing concerns relate to

protecting anonymity and privacy. The first concern is that if authenticated

identity is required to engage in Internet activity, anonymity and the benefits

that it provides will be reduced. Although anonymity might exist on the Internet

due to historical evolution, the fact is that it serves many useful purposes.

For example, anonymity supports important policies regarding the promotion of

free speech, even if harm sometimes occurs because of the anonymous nature of

the communication. Indeed, it is im­portant to remember that some societies have

long accepted and promoted anonymous speech, de­spite these concerns. This is

why it is still possible to make anony­mous phone calls (pay phones be­ing

replaced with disposable cell phones), and you can mail pack­ages (containing

contraband) with no return address. Even with the potential risks that anonymous

In­ternet speech can bring, there are both practical and philosophical reasons

to continue to permit it. The second concern is that au­thenticated identifiers

could be aggregated and analyzed, thus fa­cilitating profiling (although there

is certainly concern about data profiling even in the absence of an identity

metasystem). Three factors, however, help mitigate this concern. First, people

will have many forms of identity and can provide different identifiers in

different contexts, thus reducing the risk of profiling.

Second, the use of identity attributes, as opposed to sharing your full

identity, should help protect privacy. Finally, social rules can be constructed

to support anonymity in appropriate contexts. Clearly, this approach might not

satisfy those who see the Internet's anonymity as the ultimate protector of

privacy and an identity metasystem as a threat to greater anonymity. The fact

remains, however, that if we hope to reduce crime and protect privacy, we need

to give users the ability to know with whom they are dealing (if they so choose)

and give law enforcement the capability to find bad actors.

Advertisment

Although this debate cannot be resolved to everyone's satisfaction because it

is impossible to prove what will happen a priori, we could argue that people

have long shown an interest in and support for anonymity; markets will support

anonymity, much as you can shop today without providing proof of identity; and

anonymity and privacy protections can be established through regulation.

The future: creating an online identity metasystem



Given these arguments, if we agree that an identity metasystem's benefits
outweigh its risks, the challenge is to create this IPP-based identity

metasystem. Such a system requires five components.

 First, for consumers to obtain robust digital credentials, we need

organizations capable of conducting IPP. The IPP locations must be ubiquitous,

but can be either public or private institutions. Second, we need organizations

to manage identity claims, including revoking certificates when credentials are

lost. In some cases, the IPP entity might also issue and manage the IT

infrastructure necessary to transmit claims and revoke certificates. In other

cases, however, the organization that conducts the IPP event and the

organization that issues, manages, and revokes digital certificates might be

different.

Advertisment

Third, we need easy-to-use formats that are supported by widely available

technology. For example, magnetic stripes are familiar to consumers, and the

security issues associated with such technology might not be problematic if the

only data encoded on the stripe is meant to be public (such as data signed with

a private key that is meant to be shared and then verified with a



public key). Smart cards allow for computations, but neither smart cards nor
card readers are currently ubiquitous, particularly in the consumer space. Other

forms of two-factor authentication might include USB dongles and smart phones.

Fourth, we need to ensure social, political, economic, and information

technology alignment. For example, at the same time consumers obtain such

certificates, governments and businesses must build the infrastructure necessary

to consume such identities and policy makers must create a regulatory framework

that advances-or at least does not inhibit-the identity metasystem.

Fifth, it must be remembered that criminals are creative, adaptive, and

persistent. Therefore, any identity metasystem must have a carefully constructed

and comprehensive threat model. While robust digital identities based on IPP and

digital certificates might make it harder for criminals to impersonate others

and commit crimes, we should expect that criminals will find new ways to

circumvent these defensive measures. For example, a criminal might bribe an IPP

agent, steal a valid certificate and PIN, steal the keys used to sign

certificates, or social engineer a call center after claiming to have lost a

digital certificate. These and other threats should be considered and mitigated

by business process and technology.

Collaboration is the key



If we want the Internet to reach its full potential, we need a safer, more
trusted online environment. To achieve this, we at Microsoft have proposed a

vision outlining the reasons for end-to-end trust. But Microsoft and the

technology industry alone can't create a trusted online experience. For this to

happen, industry must not only band together but work with customers, partners,

governments, and security and privacy experts worldwide to help take trustworthy

computing to the Internet.

Advertisment