TrendToward a national strategy for online identification
President Obama has launched an ambitious project — National Strategy for Trusted Identities in Cyberspace — the primary goal of which is to build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the nation; offline, there are already dozens of identification technologies in play that go beyond the simplicity of Social Security numbers, birth certificates, drivers licenses, and passports; these include smart cards, mobile phones, biometrics — but they do not follow a consistent standard; this, too, may soon change
The Internet has become am indispensable aspect of most people’s lives. It goes beyond social media, online shopping, and banking. Critical infrastructures like water, sewer, electricity, and even roadways now rely on the Internet to some degree.
Robert Siciliano, personal security expert and contributor to Just Ask Gemalto, writes that the Internet’s weak link is the difficulty in reliably identifying individuals. “When online, our identities are determined by IP addresses, cookies, and various ‘keys’ and passwords, most of which are susceptible to tampering and fraud. We need a better strategy,” he writes
Howard Schmidt, the cybersecurity coordinator and special assistant to the president, points to The National Strategy for Trusted Identities in Cyberspace (NSTIC), which was developed in response to one of the near term action items in the president’s Cyberspace Policy Review. The NSTIC calls for the creation of an online environment in which individuals and organizations can complete online transactions with confidence, trusting the identities of each other and the infrastructure that facilitates the transaction.
“The primary goal [of the president’s strategy] is to build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the nation,” Siciliano writes.
The National Strategy for Trusted Identities in Cyberspace is a document released to the public for comment. DHS has posted the draft at www.nstic.ideascale.com, and will be collecting comments from the general public.
Siciliano notes that offline, there are currently dozens of identification technologies in play that go beyond the simplicity of Social Security numbers, birth certificates, drivers licenses, and passports. These include smart cards, mobile phones, biometrics such as facial recognition, ear canal recognition, fingerprints, hand geometry, vein recognition, voice recognition, and dynamic biometrics among others. Trouble is, “there is not a consistent standard in the United States to date. In the near future, we may see the adoption of some of these technologies to properly identify who is who,” he concludes.
