Archives for posts with tag: identity

Summary of presentations and discussions of day one of the For Your Eyes Only conference held in Brussels on November 29 and November 30. My main findings can be found here.

Read the rest of this entry »

Het gebruik van het Burger Service Nummer (BSN) is sterk gereguleerd. In principe mag het alleen gebruikt worden door overheidsorganen, voor het uitvoeren van hun publieke taak. Soms is hier onenigheid over. Zo vind het CBP dat de ministeries het BSN niet mogen gebruiken in het uitgifteprocers van de Rijspas aan ambtenaren. Het ministerie van Binnenlanse zaken is het hier niet mee eens. Maar eigenlijk is dit een achterhoedegevecht dat de aandacht afleidt van de werkelijke problemen.

Read the rest of this entry »

In a previous blog post I argued that identity cards should not be used to store anonymous credentials. The reason being that users may not believe that a card that is used to identify them in one context, can also be used anonymously in another. But last Friday, in a meeting with Martijn Oostdijk among others, I heard an interesting reason why anonymous credentials perhaps should be stored on an identity card anyway.

Read the rest of this entry »

Systems for identity management suffer from severe security, privacy and usability issues. A few of them I have discussed previously. Security is the topic of today’s post.

Read the rest of this entry »

Systems for identity management suffer from severe security, privacy and usability issues. A few of them I have discussed previously. Today I will discuss trust. Trust assumptions in identity management are ill understood, and this leads to interesting security problems.

Read the rest of this entry »

Many systems for identity management suffer from severe security, privacy and usability issues. Previously I discussed how the difference between membership and ownership contributes to the resulting “Identity Crisis”. Today I will argue that another fundamental question – “What is identity (anyway)?” – is not properly addressed by identity management systems yet. Read the rest of this entry »