Secure Anonymous Digital Identity: Difference between revisions
m (17 revisions imported: Initial Upload of old pages from IDESG Wiki)
Latest revision as of 04:03, 28 June 2018
Use Case Metadata
Title
Secure Anonymous Digital Identity
Status
Use Case Lifecycle Status
Contributed | Working Draft | Committee Review | Compilation | Approval | Publication
This use case has been sent to the IDESG Committees for their review. When committee comments are resolved and all individual use case criteria are met, this use case will be a candidate for compilation. The IDESG Standards Coordinating Committee may select this use case for inclusion in the Compilation phase.
Use Case AHG Review Status
This use case was reviewed by the Use Case AHG on 2013-09-25.
Use Case Category
Identity
Contributor
Ian Dobson
Use Case Content
Use Case Description
Create an anonymous cryptographic "Core Identifier" key that is unique to you through immutable binding to your real-world "Core Identity". The key cannot be reverse-engineered to reveal your real-world identity, but you, and only you, can use it as your user-centric online identifier to create as many online personas as you wish.
Actors
- Trusted infrastructure of authorized issuers
- Trusted process, device and crypto for authorized issuers to create Core Identifiers
- Users, who use their Core Identifiers to create and maintain their personas
Goals / User Stories
A user-centric single online identifier that is anonymous but, due to its trusted creation process and biometric key, provides users with a low-cost, unique, anonymous online identifier. Users can present it to relying parties as a globally trusted identifier asserting that "you are you", such that the relying parties will accept it together with required attributes to create your personas.
Assumptions
- Optimum trust in the infrastructure and process to create every Core Identifier
- The Core Identifier is only usable by the owning (real-world) Core Identity
- The process to create a Core Identifier must bind immutably to the Core Identity
- Additional assumptions are described in Jericho Identity Commandments #1, #2 & #3
Process Flow
Because you are you and always will be you, there is every reason why the real-world unique "you" should be translated into a parallel online-world "you". The translation process must:
- be trusted as high integrity (certified process, equipment, and authorized issuers)
- take a short time to do
- be low cost
- assure interoperability
- be immutable i.e. enduring and unchanging, to guarantee its validity
- not record any real-world attributes of the real-world Core Identity
- use certified crypto to assure reverse engineering cannot be successful.
The full process is described in the Jericho Forum references listed below:
- Identity Videos #1 and #2 (each approx 4 minutes)
- Identity Key Concepts Guide, sections 3.1 & 3.2
Success Scenario
Take your Core Identifier to your government, along with acceptable proof of citizenship, to create an e-citizen persona.
Then take your e-citizen persona to your electoral authority when you need to register to vote in an election, thereby creating an anonymous voting persona which allows you to vote from anywhere in the world, anonymously, but only once. The voting process necessitates recording each vote, so it records "this anonymous person voted" and prevents that persona from voting more than once, though importantly NOT how you voted. In situations where failure to vote may incur penalties, you can prove that your persona voted, because a persona can go down (but not up) your identity tree.
A demonstrated success example is the Austrian e-Government Innovationszentrum (EGIZ) scheme outlined in the Jericho Forum Identity Key Concepts, Chapter 5.
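An added sketch (not part of the original use case or of the Jericho Forum material) of the success scenario above: personas are derived one-way down the identity tree, and a register records that a persona voted without linking it to the choice. HMAC-SHA256 as the derivation function, the context strings and the `ElectionRegister` class are assumptions made for illustration; issuer trust and biometric binding are not modelled.

```python
import hashlib
import hmac
import secrets


def derive(parent_key: bytes, context: str) -> bytes:
    """One-way step down the tree: child = HMAC-SHA256(parent, context).
    Holding the child does not reveal the parent (assumed derivation)."""
    return hmac.new(parent_key, context.encode("utf-8"), hashlib.sha256).digest()


class ElectionRegister:
    """Hypothetical register: stores *that* a persona voted, never *how*."""

    def __init__(self):
        self._voted = set()  # hashed persona tags only
        self.tally = {}      # choice -> count, no persona attached

    @staticmethod
    def _tag(persona: bytes) -> str:
        return hashlib.sha256(persona).hexdigest()

    def cast(self, voting_persona: bytes, choice: str) -> bool:
        # Simplification: the persona is presented as a bearer value; a real
        # scheme would have the holder prove possession instead.
        tag = self._tag(voting_persona)
        if tag in self._voted:
            return False  # same anonymous persona, second attempt refused
        self._voted.add(tag)
        self.tally[choice] = self.tally.get(choice, 0) + 1
        return True

    def has_voted(self, voting_persona: bytes) -> bool:
        return self._tag(voting_persona) in self._voted


def demo():
    core_identifier = secrets.token_bytes(32)  # constructed stand-in key
    e_citizen = derive(core_identifier, "persona:e-citizen")
    voter = derive(e_citizen, "persona:voter:election-A")
    register = ElectionRegister()
    first = register.cast(voter, "option-1")
    second = register.cast(voter, "option-2")
    # Proof of voting: the e-citizen holder re-derives the child persona.
    proved = register.has_voted(derive(e_citizen, "persona:voter:election-A"))
    # A persona for another election is a different, unlinkable value.
    unlinked = derive(e_citizen, "persona:voter:election-B") != voter
    return first, second, proved, unlinked, register.tally


if __name__ == "__main__":
    print(demo())
```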
Error Conditions
Relationships
- Extended by:
- Game Avatar as Pseudonymous Identity Use Case and PlayaNym as Pseudonymous Identity Use Case both seem to be supported by this use case.
- Extension of:
References and Citations
- Jericho Forum Identity Commandments, available via a link at https://collaboration.opengroup.org/jericho/, or directly at https://www2.opengroup.org/ogsys/catalog/W125
- Jericho Forum Identity Videos #1 & #2, available via links to YouTube on https://collaboration.opengroup.org/jericho/ or directly at:
- Video #1: http://www.youtube.com/embed/tfj1DKOAeQI
- Video #2: http://www.youtube.com/embed/ZlG3yZfk9tw
- Jericho Forum Identity Key Concepts Guide, available via a link at https://collaboration.opengroup.org/jericho/, or directly at https://www2.opengroup.org/ogsys/catalog/G128
NSTIC Guiding Principles Considerations
Privacy Considerations
Security Considerations
User Experience/Usability Considerations
Interoperability Considerations
Domain Expert Working Group Considerations
Financial
Health Care
Derived Requirements