Eergisteren nam ik deel aan een debat over het nieuwe Nederlandse eID stelsel (oftewel Idensys zoals het nu heet. Eerder schreef ik over de rampzalige gevolgen van de destijds nieuwe koers van het stelsel. Is er in de tussentijd iets veranderd?
Read the rest of this entry »
Archives for posts with tag: identity-management
De Nederlandse overheid werkt al een aantal jaren aan een nieuw eID stelsel (een elektronische vorm van identificatie online) ter vervanginging van DigiD. Dat is ook wel nodig, want DigiD is kwetsbaar, wat tot grote schade kan leiden. Onder deze druk, en vanwege het feit dat marktpartijen de oorspronkelijke plannen voor het eID stelsel niet zagen zitten, heeft de overheid er onlangs voor gekozen een andere koers te varen. Het eID stelsel wordt een uitbreiding van eHerkenning (een systeem voor online identificatie voor bedrijven), en gaat Idensys heten. Dat is wat mij betreft niet alleen een stap terug (eHerkenning is gebaseerd op verouderde en relatief onveilige concepten), maar zelfs een stap in de verkeerde richting.
De oorspronkelijke plannen voor een eID stelsel
Attribute based credentials (ABCs) allow users to prove properties about themselves without disclosing any additional information, and without being traceable. ABCs therefore implement privacy friendly identity management. Within the IRMA project of the Privacy & Identity Lab we are busy making ABCs practical by implementing them on a smart card. This allows them to be used, for instance, in national electronic identity card schemes. We are currently studying how to implement some recent ideas on how to improve ABCs in terms of functionality, securty and privacy.
Today I read an interesting paper by Marian Harbach and colleagues from the University of Hannover. They have studied the factors that influence the acceptance of new methods authentication online. In particular, they have studied user attitudes towards using the new German electronic identity card (nPA) as a replacement for username/password based authentication online. This is highly relevant for our own work on IRMA, a platform for authentication based on attribute based credentials.
To access an online account you need to sign in. Traditionally, this requires you to enter a username and password. Typically, these are different for each service you have access to. In a business context, it makes sense to centralise the management of both user accounts and the services they are authorised to access. This has given rise to a form of federated identity management, where users sign in to one single central identity provider. This identity provider usually also manages the user authorisation and seamlessly logs the user in to the desired service. The advantages are obvious: the user only needs to remember a single username and password, and the business manages service authorisations in a single place.
Unfortunately, this federated model of identity management is used more in more in a consumer setting as well. Examples are services like Facebook Connect which: “makes it easier for you to take your online identity with you all over the Web, share what you do online with your friends and stay updated on what they’re doing. You won’t have to create separate accounts for every website, just use your Facebook login wherever Connect is available”. This is an incredibly bad idea.
Technically it is feasible to provide privacy friendly identity management, for example by using attribute based credentials (ABCs). We are currently demonstrating their applicability in practice, even on smart cards, in the IRMA (I Reveal My Attributes) project. However, the use of ABCs in the real world is still very limited. One of the factors is the lack of a business case that supports the (substantial) cost of establishing an identity management infrastructure. In this (rather long) post I will sketch the issues, and indicate certain ways in which I think money can be made in an identity management infrastructure. The analysis is sketchy, primarily because I am not an economist. I would love a discussion on this topic, to advance the ideas in this post further.
In a previous blog post I discussed the difference in security and flexibility between attribute based credentials (used in our IRMA project) and the German eID system. Now I will discuss the additional privacy protection offered by attributed based credentials, compared to a more centralised approach where attributes are stored on one or more central servers.