User-centric, federated identity systems have the potential to improve the security and privacy of authentication and services, but if improperly designed, the systems can negatively impact users and become a burden, according to a new report from the Center for Democracy and Technology. The paper by CDT policy analyst Heather West comes as the U.S. government begins a series of pilot programs through the Center for Information Technology, the National Institutes of Health, and the Department of Health and Human Services that will use third-party user credentials to authenticate users of federal Web sites.
The term "user-centric identity" refers to systems where users, rather than service providers, control their identity credentials, CDT said in a Monday press release. A similar concept in the offline world would be using various forms of identification for whichever transaction one chooses. The white paper discusses key components of a user-generated identity system (such as trust frameworks, users and identity providers) as well as the benefits and liabilities of federated identity management. A copy of the CDT document can be found here (PDF).
New Media
Online Politics
Tech Policy
Comments
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Tech Daily Dose does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.