|
|
|
Microsoft Expert Lays Down 7 Laws of ID Management
By: John Pallatto
2005-05-10
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Microsoft Expert Lays Down 7 Laws of ID Management (
Page 1 of 2 ) The computer industry needs to create a consistent "metasystem" for identity verification, says a Microsoft network access architect.SAN FRANCISCO—The public is suspicious of most computerized identity verification systems because they are based on a jumble of policies and technologies that in many cases leave them vulnerable to identity theft, according to Kim Cameron, identity and access architect with Microsoft Corp.
Cameron, speaking at the Digital ID World Conference
here, said the computer industry shouldnt be surprised that the public has a fundamental distrust of computer passwords and log-on procedures because they provide so many opportunities to expose personal information and assets.
Part of the problem is that companies ask people over and over again to provide personal information to gain access to essential services, he said.
People are increasing displaying identity "beacons" when they turn on their cell phones, personal digital assistants or PCs, Cameron said.
Recently, national, state and local governments have proposed using RFID (radio-frequency identification) systems as identity verification systems.
Such beacons provide opportunity for tracking individuals activities and possibly stealing identities, and people have a right to know when they present such beacons and to decide whether they want to assume the risk, Cameron said.
The public has been conditioned to indiscriminately disclose "credentials and personal identifying information into any form that appears on their screen," Cameron said. "And then we make fun of them for being subject to phishing."
 Click here to read how "two-factor" identity authentication could help stem the rising tide of identity theft.
Thats because identity management policies have been a "kludge and a patchwork" that presents "no consistent way for anyone to do anything and to learn what is right and what is wrong," Cameron said. As a result, phishing and pharming identity-theft scams are increasing at a 1,000 percent compound annual growth rate, he claimed.
What the industry needs is an identity management "metasystem" that provides common and consistent methods for online identity management, he said. But to establish effective metasystems, the computer industry and corporate IT departments must adhere to seven fundamental laws of identity management when developing network and application access systems, Cameron said.
The Seven Laws of Identity
1. The user must control and give consent to disclosure.
2. There should be minimal disclosure for limited use of personal information.
3. Digital identity systems must limit information disclosure to parties having a necessary and justifiable need to know.
4. Identity metasystems should be designed to work effectively with both public and private entities or relationships.
5. Identity metasystems should support multiple identity technologies from multiple providers.
6. Provide clear human-system communications.
7. Provide a consistent experience.
Next Page: Identity laws to live by.
|
|
�������xr80�VӮc�*dK.kڶ<<ձ�
$)RCRTsb_bq3��%R]}]D d"3H$�?�{$sW7-gL.\snS?úO
Y'w>{�&(ˑԫ�1m3�HnwݶN=gP'^��> \?g3Q;Y|��vn3gGd�#B�=x:a/M˟!�ڮq�4]�b'*cO^3l�ְB�䅠1FE��/t�#I%�g�'
�٪b'Ӥbf��]LÑcPpm׃)�TQ3#}j�ݳt#ԳF@u|ף&Y�#���3Mu��L_FBԿ$f�
0���̳ؖ�#vR8N8C�En�O�U[۾�t�syHf��.j.�9ac�m �
��Ї@2zz`N�xtTa_�eY7;�Ͱ-6@6#M-jZUQ
b�kG{}rL-g`T;}k7;Wʪ)Jw9ʑ��C[wn5-%u`(.:'^O.ac'H�Hw&
LT)�Jj\(�MLCa�jL�q5�uz�P��%pKX+hv��dꑑ�f1<˧0CF_8RCf9-Ҿ췯;6OΎ;Sd̲5<�JEӀ��Z�vb�!?Y�W5Mս5i?uN=d#t: +?;VV'_ZUCp=�['^=:$?LmrG=�����.iTj{S{|&�x|9!9Io
'ȿ��;Be}#�7�ReQ
�o̱n>�@|ˤd6M2T��c��]N�j__ѬZxka
4�+@_x0N�D=�f�M�s,e��g{0A�M)��61tG��v!fBy�M)�o��z@@�ZR~nV(�U7$ٛ�"G�;�ž_��"ʥ��c�p1S{�.Ӱu�irq���ZoV͉*]XYu�jZl�E?´;\g8m7�-һ^5?aUb}Phv�ZM]�qsuTSt*Zl:�7RQ�^Tjr{�h��2ud8��:AGA�ticšh4ά@7&��h`C:}ҍ:L��
wG|h��x:,,Abχ�&a`M?�FAтMz>t�T�;�]|�2��Zw�9ܻ-L&w��z
�JC�ˋ�F0����P6��x���Be^~�}�¢��1O�[>ȁ=�`Mtև
&��QsnPB�f�x?ɜ+)
��%@F�HH�t�"AђF��*�4� �gscX"K"'ǏAw;�.VKŤ�\*y"�Jm':ݱ;PKR�x&,�S,BV-KᗄPf%i2ml�ƪń(VFN��l�(0��Vn)XC}`/�cҧ8P�ĺU0�UESUG�+[+]>�F����]h���!.��־ �X@�P A6+8SӞ-5Z,Y~B)'�-_k9��oE`���9^R˶SL*H@8��u<|[\Y3
Q�|7z0bƏQ�ajY[�ສTjՂʾ_N+^�t�m(5#���#2�qg��rh)h-f5�Z58};`[��
k欭h�+,s��Jb+�ʹV(EcYUzrulFYdgEU)XW<��N�~7-="JL7Ϧ�<�sƃ~�w"�y@*FZuG "BN�7x^ox�P@<�ৣjZ)�dLfaNg1� ek&�w�s0USfyr;Wk*�k���`�=z{Ǻq;ɭY qLW!SB�9�^%L��ɹ%w��A֮N�ZPn3i`$�ezP.�xY3GGu�"�M."�́08h#2"G=!��|/I6�0�VRR�XU V_A�ұg.s_�wf�=]~oLg4�>ʀkG�2gdQ��hV�z\ 4�ex.N3 a6}b;_&*|)2S�G)�EXqkX�#=O
f+(U|d�y5�&Q�rMu�E
l&ŏh(UrvݏC~=բ,�A��7ud*�+ZR�<*�
ZlmM�
��l⊗qZCK�τkox~�E�6-2j=kR�`J%�¸�_v^�IўA>�b2�at53yp0͎�s�-$NM�6fĺ}���a}`MٸU
V|�eZU
ՂVE'�u0�|�aߋ
uRԣ{{k7}óf�A"wS[�U�ts��:C\Դ"hw
ĶRsG?'}D.,��q=C
H\}PK�(,�~w9ـo�|\V*Z�솣d9#�T�`| @-a'd1s<6ɷo�njC?: +�~w?l)ɡ$ |J�D�^E!�1a<}W^^����f#r|8G)��ji%<�47sj됔�J~pxْ:��m~l1��z˾WM$(��X�q�4q!'^Y�{{l:�k�6|v>��7�2�4H"�r��ECR|I{y-%{�w;�j��d�, YE#�Bǧ�5�Bk;d4)(�3z��0fK#fWDH[�h!�u}͙�c�ª9�kI.Dz=d_5�g0�
h-� ېco#s�~u�YLPH2'_��a��H��H��R
~tDӻ:o~Nku�n/�m D78��C*Q�W"R�Eh%I�A%'&g
<�@&9N�hDu~klEb�}C�eax!wl0q�%՝b"f0BٺCO,,m��SsS)�y��# �m$jRSfj�# $_2
I,v+htlAzW j��Ú�]e�/.\|عm|d`��=`l)Za�"|)Nr
9i�`e>�%;yRb�QגZ4ҫoeW!9���|D�s`*�=S�L aʕCrWkb~�]4ZU$=ݝ:�F`�cɅ��`�`/#�9ʼS�3aZ� G�W�./�v��gNȣ&k{��?��wynL�xq�f='Fs)�o.�(�cǩm:{@�D'eNx>HАYc=p>}⌜00;z6bO0�>oV8_OKoҽ{ᧅ}E��s7t3VTsb{I6ӱ$BUUk
ۻ�ʾ\EVe.tٓ^t*<>rg���,F}��d3Do�Ӽ4hAh�l�3�O7n�C]`l_s�T�7?_gpKw�
�z�>+-R!EkE��wW�UK��㒏ʢ�E:'%:�mחF�}V5BĬh�w
��V2&[qVL|{�rx�|[q$[+' g|o#&_M_k
w�S M[k!/1�%C%?h3�[aGɨ0^
=�"s�(u��߂Kd�[:��a8[&?�6#l, eb\Ň�&L�5+�dXZ1�f�|a~\`-~cJ"aՊuٙB
%F60ȈNx'��5B�X/�/
EhJ}:�X�'!r� 6UUBY��bMJ}�8O�=vHD4BZ,�/
s]I-=�}ǘD|Ȳ��|�L_~V
#�?2AH-�惻�OõF:J��*oa2LL�^_8A�ﳡ?K8\X(5>UD_�N|<-,�P� Y&0�̖B�Fc�0u٣�@8OO�y)��"%��:2l`f�̽r��Մ�@-�rF;6|p4uYD
8���E}?;ۊP-&>N+bb Eɤc;b%#-xDΦdId+�|$ e%!�-(Y�L*uRdO�I&�#Br{�%,"ǔNi�Ry^,�5 bF&P���ȯ��/6X=��8?sqBiejąL"ZQJՊp5rtl �n�ڛ7�^~ď��L/�e9`@ OA_��~t^U+�Qb(
[�m5BEŴ�R0%�r^/woѬ�//'sr�@j~{T��X��E)Td!b$Kz��OB$�$ A��r!O#J�=]NIdJҟG�;�W�<7ޠ$J*շ}���䋞ԝQGwAuKl
$�Y#�
'pʰD`V-
z�!"�ƮoR�I)IZq[*�1��T
*�|*{<��soeF3��x`#-+n�ך.@wa*�ΘԞ��nB`$�3䳋XSN@}TY`] x{[2O*��@��<MYilmi"�Av�4�>aS)ZI=h��%V^:�'t�`�]ʰW�vMÄ�^!�l3�{O4YXE'W#X|��~C~C~C~C~~JR,}k~Hr-~D:=>yE^϶LI�Inz~�㵦� Ɔ
�\5�כF;x�Lڝ>,�f���>]?N�@`�@B�0~6k*/�=L�ȷ ^?
� Ɵ8;�ٟpi+N\O��{�wnҩnСbL1&@3%M��n3�L1Z/|×3Cl*D��67lqBr�JPU.kk���x"���>7-�(&�FvVE*EGI��5��;I-D�c �=$q8�{�D-
�#4_Y�gb��M#k{n"T��萗*e87ԛ:XU�A� |ۛV9Dw+��Z o犳����m}+-o�"s7Bb�k�wP)=h%y$G=H�+�"A.W6WiÅK�4M]?3ݶ˙%�.⛽,Lh9ŗ�%ķz4
#/��`)jd�*DI8�f
y�fASk�Y3^i�Iͽ=�ڶ/hG
P|F0��-c��xQ�|�� [~�1{tѥD`oJYV,VC|_~?�-g�:�6�dfph֒�_fX�*l%I"q0M?��+┉fne�O7�%sM�fH4�p�E�X��ȓ� z`�]g�S~�4�ε7
� [٨~R~i//m~x̬U}SM˼
oM^N�ړEiİO+=X�ђ,#�Ћ�l,d�3Gq*0&xS݀+nq|wf��
L�3.NdãE�z@9Ъ�
es�7>kE_A-mȴjgϡ6
�%��f�e>QiH��:-F�[�J^O�/
:â="L1D%�ͦ��0av_`n3]ǻ�y+(9q/�ga(���JOHP���a~
j~h!�&V8E�)96i[�B�l?��Q�X2!6�
ͤ<87%da8FS�Y�h9S!cb�j�\.he,zVdqK2&�/ #z�Й>��3&^u�ME�*ނ0H�Q�&+@JVH4i�s=xCQ58{��[�j���g5�0�Vz^3vX5Į�Vڹ�q� yK-y�-�J4s�5^67�ںsʩ�yr�jLxXE�8agcqP�˂l�dn-&�~iX�n>H�'*t=jh�DRФJd�mxYP)ϑVPJj\=w(9��}yjUS*ZYeEp�+�wZ#x5�1t�,TOಈ֞uvü�clTҊj9y[G~��ǴIу%��Lt�LkG� J�6_K�~+�p0=4��+j1[
w5k�
zv3%�4 ޘw�x.%5&[I{e
�Dr2<�0; �ҢS�F;6vCWѵATJ{=�yJ-h>#4�
cD̋:Z
s �2�~�0̊�ےV�o5J�ۅ]�a~w@�7H �X�p,�B�"ͨa8TJ�_[G�x}#r�k1f㭸=��F�c30]LsMh9!mF(hd�tix���^�;�L)W'���n�YVmIr .�kh�>a{�R(?hUeQb+;Y75��/�U@ģ8AnK�e?�Њo >co«I XPp{��MA9(W�TD~��N����̋XL�t4*$:wZ��m;A=~AzDLRO�����\�ND�_��_!߰�,VI�m{7�R[�$y?ZED���;$��q}n윓M{a�C�t稯-d�w؏tov�M%ʃVQh0w8p}Y�a7O�
2�(a#.�ϪC^�!��M�-l
� \Z��s4e�F}eO)��cDRw.3O0�ឩ�THCTdL4B&(qTi+$<�~1&v+!"�&L�m�a��nɍ�
F$�hD1fHǼ�͈ is6�q(q>s�D�ȧn犉1JO�\-B@e=D�q�yy��÷t?`o@�QR"�tQ:..�(�� o�I�[P�,(ω�B5D��SJTmn$�Eu�~v�K)
&.X`3��Y�ej��xp�Ƨ�x�}:;
�ܕeV!^�|8�Ek;Λ}-AG�,G71=�` ?v^.us
x\jH�F�cPB<_�DS�M,×>0�(��-Ō��CZQJФ*t�!dW`ǪZJ�N;WN�ϻ7x Zѷptԝsm}>^}>\;\c�|j5r:X)`�чzIc 3���b�Q>oIk&5+<�v<(�(
('MfFy�ʻ�-AQ~�'O>����NqY_i�VF9?t.3ʡ5~e�y�|���s�_d�/�}/2{�ȠE�(��ϋ�D��(?@?2/"�2c|/A~.3�2cnF��_?2
x�:z/���_?�}OP)�'ߧ�@MV9M�@7��d_ry�ʛ�rּ
)��qFy)8R�E�rXB]fנ{'sg+�I\W�KM0TntEճKT쵆cn%:@b�a/!
c|U$X2M*9!#(,8%Y}MNJ�4tk 7b[y�DYAI{R}tE�OI>t�i@Lw<ߔ[nNJ>s\ȜHdZc+mF�Dt}b>,6Q��DQ�Yq˭�d<@T6?�rq8�r�[���;$}S�F(r�>t���^��F�`iB�OޒtI{dŹF"0~.�N�H_Ķ%N_8#�ś��I��VM��/%kb5�sp$R&/�>���%�hkоx^�I4��Hm7c@诿J`Xkt JV7B����3Ff�\�rw^f$�.,��> g�x�p1�o6Nώ{;]9;Vuu7Lђ'/T�B�#�~ ��c̈́]%]P�O"cbv/A>�;��yC͞ޣ�fs(->L$NSPsXOm:�Zd�\�o``a?&n h(a)x�܃�AR(�~�hDoz^Dl��t��Ζb'/E0^R�s]q�Sum�sImgX�|@ăx!$k�W���p`#,^�
|t,C巧c��S���%�^Π&b/;ysԷeEQ&PL��c�)Jq[+y�HRbR'��9"Ź
oPm��JO���0wK�w[F:}`S
�s"gTt�r!���,MN-v/'c.,s(ŬBSd��=�)O?5'[nI
5E`0v4aeh�h��<ձ]w
�O`7@#>Ƌ�rd{Goگ5�]7{*۳|�?��O�e Lt8?Bs`�ܐ}olI
�CO��?�Fu:h�/�A�sl2q][� +"���ۂ��Km˴>u¥"UXJM���X,8.� ktk�Qh~0��r,#�<[_ڵlAt
�] D
�h�C'+_2uE�n�B�cV|JrX}P/):�OOg�sZ�%n^��H�v�"���,�{ �QFb�fB�8u
vKѪ
v�7"60ޏq۷�PR�l@��xS
a
\bXe�ܔ�uF.D]�hT_�)**��
��/ߵ�3qݼg®"�vyX\�A\XIڙF�X�<ٰ���s+��o=Љe�;3G_\g0^Np2$82��e�pCikZK�0Dq]�
�XǢȖWqTR:!�;
/D?8���ci,��;fcXJ
�YF!&ۅ7�O80�Ux|�-h\�};xrmx0#Er�Y)��Z_KvdzU\dǮsl�#�"|f`*�H�Ay4O~Ճ!�gn耵�gk݄�6�g���]9,M��c|R�c90�`=�`Z>�]x�
O!0gW�P
Y�-f�1%Dv88)ҡCCĞBJ>eS1C7@n0\|�H
d[\O^مu�3�\j��/�YH~>����fr*r*]x�D4;Nb����_yfOȅ�^`\YG��7�^y{b�`!˾tڼ>!�L�*`gG�o>!2D!6�xvYpEI{�ş�y˖�VQ�)Z�NN`��)Xfչ�uK+_1dF-<��#@5̺J"<&o�)FҢpL\岞Ԕbե{�7�p6JL?-۔̡9MR"G�Zi/%!zR4��էr0>d֊�V&|Ʒ�Z2cˤ_�lc j)��
|
Network Security & Hardware 
