What is Digital Identity in Network Security and How it Works

March 21, 2018 Author: munishmishra04_3od47tgp

Having an identity and expressing it has been important since early times. Digital identity mechanisms are at the core of modern system, network, and application security. In an increasingly borderless and digital world, privacy and security cannot be ensured by building walls around sensitive information. Identity is the new frontier of privacy and security, where the very nature of entities is what allows them to complete some transactions but be denied from completing others. To understand the importance of identity and the criticality of strong identity protocols that protect against cyber-risk and suit the needs of transacting parties, it is essential to understand what identity is and its role in enabling transactions.

Overview of Digital Identity





Digital identity is said to be at the heart of many contemporary strategic modernizations and innovations, in areas ranging from crime, misconduct, and offence to internal and external security and business models. This necessitates disclosing personal information within a ubiquitous environment.

A digital identity is an online or networked identity adopted or claimed in cyberspace by an individual, organization or electronic device. These users may also project more than one digital identity through multiple communities. In terms of digital identity management, key areas of concern are security and privacy.

Trusting the link between a real identity and a digital identity first requires someone to validate the identity, or in other words, to prove you are who you say you are. Once established, using a digital identity involves some type of authentication: a way to prove it is really you when you are using digital connections like the Internet. The more valuable the digital identity, the more work is required to validate it and establish secure authentication.

For example, you can set up webmail with no validation of your identity other than an email address, and then use the email address and a password to provide authentication. For something more valuable, like cell phone service, your carrier will make sure they know who you are and where to send your bills.

Definition of Digital Identity





Digital identity is the network or Internet equivalent of the real identity of a person or entity when used for identification in connections or transactions from PCs, cell phones or other personal devices. Whether physical or digital in nature, identity is a collection of individual information or attributes that describe an entity and is used to determine the transactions in which the entity can rightfully participate. Identities can be assigned to three main kinds of entities:

  • Individuals, the entity we most associate with identity;
  • Legal entities, like corporations, partnerships, and trusts; and
  • Assets, which can be tangible, e.g., cars, buildings, smartphones; or intangible, e.g., patents, software, data sets.

The identity for each of these entities is based on all its individual attributes, which fall into three main categories:

  • Inherent: “Attributes that are intrinsic to an entity and are not defined by relationships to external entities.”  Inherent attributes for individuals include age, height, date of birth, and fingerprints; for a legal entity it includes business status and industry – e.g., retail, technology, and media; and for an asset it includes the nature of the asset and the asset’s issuer.
  • Accumulated: “Attributes that are gathered or developed over time. These attributes may change multiple times or evolve throughout an entity’s lifespan.” For individuals these include health records, job history, Facebook friend lists, and sports preferences.
  • Assigned: “Attributes that are attached to the entity, but are not related to its intrinsic nature.  These attributes can change and generally are reflective of relationships that the entity holds with other bodies.”  For individuals these include e-mail address, login IDs and passwords, telephone number, social security ID, and passport number.

Category of Digital Identity





From time immemorial, our identity systems have been based on face-to-face interactions and on physical documents and processes. But the transition to a digital economy requires radically different identity systems. In a world that’s increasingly governed by digital transactions and data, our existing methods for managing security and privacy are no longer adequate. Data breaches, identity theft and large-scale fraud are becoming more common. In addition, a significant portion of the world’s population lacks the necessary digital credentials to fully participate in the digital economy. Digital identity systems fall into five basic categories.

  • The first is internal identity management. In this kind of system, the same party serves as identity provider and relying party. For example, a company might let employees access different services based on their attributes.
  • The second type of system is external authentication. It’s similar to the first type of system, but with an extra set of identity providers to authenticate users. The advantage here is that users can use one set of credentials rather than maintaining different usernames and passwords for each service.
  • Centralized identity is another. In this type of system, one party (such as a government) is an identity provider that transfers user attributes to relying parties. An example is a citizen registry that lets users vote, file taxes, and so forth. A relying party can be a public entity or a private one. A private entity might access data after paying a fee and obtaining user consent.
  • Next are federated authentication systems where one identity provider uses a set of third parties to authenticate users to relying parties. These systems are similar to centralized identity systems except that a variety of private brokers issue the digital identities as a service to whoever subscribes.
  • Lastly, distributed identity systems connect many identity providers to many relying parties. This type of system sets users up with a digital “wallet” that serves as a universal login to multiple websites and applications. Generally these systems are privately held and rely on common operating standards rather than a governing body.
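
The identity provider and relying party roles that run through these categories, as an added example that is not part of the original article: the provider signs a set of user attributes, and the relying party checks the signature, the intended audience and the expiry before it decides on a transaction. The names, the key and the token layout are assumptions made for illustration, and the shared HMAC key stands in for the asymmetric signatures that real federation protocols use.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values, not from the article.
SHARED_KEY = b"demo-key-known-to-idp-and-rp"  # assumption: stands in for the IdP's signing key
RP_NAME = "payroll.example"                   # hypothetical relying party

def b64(data):
    return base64.urlsafe_b64encode(data).decode()

def idp_issue(subject, attributes, audience, ttl=300, now=None):
    """Identity provider: after authenticating the user (not shown), sign an assertion."""
    now = time.time() if now is None else now
    body = json.dumps({"sub": subject, "attrs": attributes,
                       "aud": audience, "exp": now + ttl}, sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).digest()
    return b64(body) + "." + b64(tag)

def rp_verify(token, now=None):
    """Relying party: return the claims only if signature, audience and expiry all hold."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or malformed base64
        return None
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    claims = json.loads(body)  # parsed only after the signature has been verified
    if claims.get("aud") != RP_NAME:    # assertion was issued for a different relying party
        return None
    if claims.get("exp", 0) <= now:     # assertion has expired
        return None
    return claims

def rp_authorize(token, required, now=None):
    """Allow the transaction only if every required attribute matches the verified claims."""
    claims = rp_verify(token, now)
    if claims is None:
        return False
    return all(claims["attrs"].get(k) == v for k, v in required.items())

if __name__ == "__main__":
    token = idp_issue("alice", {"department": "hr"}, RP_NAME)
    print(rp_authorize(token, {"department": "hr"}))       # attribute matches
    print(rp_authorize(token, {"department": "finance"}))  # attribute does not match
```

In internal identity management both functions run inside one organization; in the external, centralized and federated models the relying party never sees the user's password and trusts only what it can verify in the assertion.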



 
