Add to collection(s) Add to saved
  1. Business
  2. Economics

General observation: The Kantara US Federal Privacy Profile

advertisement 
General observation: The Kantara US Federal Privacy Profile (“Profile”) takes account of both credential
issuance (identity verification/assurance) and authentication, but the Guidance seems to be focused
only on authentication.
Questions for resolution
1. Does FICAM envision identical application of Privacy Principles at all Levels of Assurance (LOA)?
Recommendation: Please greater emphasis on Minimalism and opt-in at LOA 1 and greater
emphasis on Notice at higher LOAs. Given the greater sensitivity of the data in higher LOA
systems, those systems may need to provide less privacy protection to credential users in
order to provide greater privacy protections to individuals whose data is housed in those
systems.
2. Informed Consent within the Profile seems to be inconsistent with the Notice and Opt-In provisions
in Guidance. The Profile requires a description of how the service works, so that the individual can
be informed about identity verification/proofing, credential issuance, and continuing management
and use of credentials, while Guidance section 2.1.1, Adequate Notice, addresses only adequate
notice about authentication or credential use.
Recommendation: Notice provided at the time of registration should include information
about the entire credential lifecycle. Additional, potentially abbreviated, notice may be
provided at the time of the authentication event and deal with authentication.
3. Informed Consent within the Profile states that CSPs should provide the ability to deny release of
individual attributes to federal applications and provides some exceptions to the requirement for
individual attribute-level opt-out. Guidance section 2.1.2 requires (using the term “must”)
affirmative opt-in before any attribute is transmitted and requires that the user be presented with
all attributes, although it does permit the user to waive consent for subsequent transmissions.
There are no exceptions for pre-negotiated attribute transmission. Guidance further states that
users should be able to opt out of transmission of individual attributes for each transaction.
Recommendation: Follow the structure of the Profile. The attributes necessary to complete
a transaction with a Government RP are usually determined by that RP. Government RPs
usually provide notices about required and non-required information, and even in cases of
non-required information, notices often state that if the individual does not provide the
information the transaction may not be completed. Particularly in cases where the IDP and
the RP negotiate attributes to be transmitted with authentication (and in cases where some
attributes are mandatory to make an authentication legally binding, like electronic
prescribing), a presentation of individual opt-out screens would reduce usability and
adoption without creating commensurate privacy benefits.
4. No Activity Tracking within the Profile permits exceptions for data disclosure to support proper
operations of the identity service or as required by law. Guidance section 2.1.4 prohibits activity
tracking for any purpose other than federated authentication. There is no discussion in Guidance
about whether data about credential use in one federal agency may be disclosed to another federal
agency.
Recommendation: Follow the structure of the Profile. IDPs will be obligated disclose
credential use as required by law, and should be able to disclose for proper operations of
the IDP, and for fraud detection and prevention. Given the number of data breaches that
have resulted from hijacked or misused credentials, it would be difficult to make a business
case for an accreditation that prohibits the use of credential activity data to secure high-LOA
systems from fraud.
Related documents
CS 2813 - Loyola College
CS 2813 - Loyola College
Chapter 11 HW
Chapter 11 HW
CS 5352 - Computer Security Spring 2010 Course Syllabus Course
CS 5352 - Computer Security Spring 2010 Course Syllabus Course
Implementing Federated Identity Management across a Multi-campus Statewide System: The Texas Experience
Implementing Federated Identity Management across a Multi-campus Statewide System: The Texas Experience
ITU-T X.1254 | ISO/IEC 29115
ITU-T X.1254 | ISO/IEC 29115
Hop-by-Hop Message Authentication and Source Privacy in
Hop-by-Hop Message Authentication and Source Privacy in
Associate of Applied Science in Technical Studies
Associate of Applied Science in Technical Studies
Government of Canada Federating Identity
Government of Canada Federating Identity
A note about the master`s degree and the administrative credentials:
A note about the master`s degree and the administrative credentials:
Modern distributed business for supply
Modern distributed business for supply
Abstract - Chennaisunday.com
Abstract - Chennaisunday.com
Government of Canada Federating Identity Management
Government of Canada Federating Identity Management
Read the press release
Read the press release
P I D A
P I D A
Bachelor of Arts Degree in Urban Learning
Bachelor of Arts Degree in Urban Learning
An Identity Provider (IdP)
An Identity Provider (IdP)
Concurrent - Preliminary Education Specialist/MultipleSubject
Concurrent - Preliminary Education Specialist/MultipleSubject
Introduction to Online Identity Management
Introduction to Online Identity Management
Director Credential FAQ
Director Credential FAQ
Appendix A: Web Service Definition
Appendix A: Web Service Definition
doc - National Center for Supercomputing Applications
doc - National Center for Supercomputing Applications
Electronic Identity Credential Trust Elevation Framework Version 1.0
Electronic Identity Credential Trust Elevation Framework Version 1.0
Download
advertisement