About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

Advertisers

Identity Blogroll

Technorati

  • Add to
Technorati Favorites

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Two-timing two-factor | Main | Will industry rescue the identity card? »

Pseudo's corner

By davebirch posted Jul 20 2006 at 6:33 PM

[Dave Birch] I was at a workshop last week with a whole bunch of other people to discuss possible architectures for a public sector sort-of entitlement card (I can't say what for as that would give it away, which I'm not supposed to do).  I was really cheered to hear, quite unprompted, someone put forward the idea of pseudonymity as a way to balance some security and privacy issues.  To hear the term introduced into a conversation at that level is, frankly, music to my ears.

Technorati Tags: ,

It's now a decade since I published my first paper suggesting that the combination of smartcards as a platform and pseudonymity as a  concept, might provide a practical solution to the problem of identity management in a networked age.  For anyone interested, it was "Birch, D. Smartcards and Pseudonymity in proc. of Smart Card Technologies, IBC (London: October 1996)". To see why I'm so enthusiastic about it, consider the "chatroom paradox" that I've written about before:  Your kids want to go into a  chatroom to discuss [insert name of popular beat combo here].  You will allow them to do this but only if you know who everyone else in the chatroom is.  However you will not allow your children to reveal their real identities in the chatroom, so you end up with an unsatisfactory situation.  Everyone wants everybody ELSE to provide full disclosure but they don't want to do it themselves because they don't trust everybody else. Now imagine a situation where the school issues the children with certificates that confirm that they are in  fact of a certain age, in a certain geographic area or whatever, but the children are allowed to choose their own pseudonyms.  The  chatroom can now verify the certificates on entry so I can be sure that all the other nyms in the chatroom are actually children and not FBI agents or whoever.  Similarly the other nyms can verify that my children are actually children without having any idea who they are. If one of the nyms misbehaves, then the certificate issuer (ie, the school in this case) can easily tell the plod who the miscreant is.  Pseudonymity does not provide a means of getting away with anything. I wonder if we're finally getting somewhere in producing a realistic solution to a key identity problem, or am I reading too much into one mention of my favorite word?

Comments

The comments to this entry are closed.