LESSONS IN PRIVACY ENGINEERING
FROM A NATION-SCALE IDENTITY SYSTEM
A DAVID KELTS
DIRECTOR | ARCHITECT | PROOFING | MOBILE IDENTITY
DIGITAL LABS
@DAVIDKELTS
WHAT IS IDENTITY?
 A provisioned account from which SSO can happen
 Confirmation of the physical user at transaction time
 A large set of attributes that resolve to a single entity
 The individual behind the resolved attributes
THE LAWS OF IDENTITY SYSTEMS
PUBLISHED IN 2005 BY KIM CAMERON, MICROSOFT DIRECTOR OF IDENTITY,
TO SUCCEED, UNIFYING IDENTITY SYSTEMS MUST…
1. User Control and Consent
2. Minimal Disclosure for Limited Use
3. Law of Fewest Justifiable Parties
4. Directed Identity: don’t release correlation handles
5. Pluralism of Operators and Technologies
6. Integrated, Unambiguous Machine to Human Communication
7. Consistent Experience Across Contexts
Systems that violate any of these laws will eventually fail since they fail their users and their own original intent
https://msdn.microsoft.com/en-us/library/ms996456.aspx
WHAT IS PRIVACY?
 Giving our User a solid sense of control over their identifying information that is consistent with our systems’ actual functioning
 Safeguarding all the identifying info that our systems collect
 Covering our legal exposure against users who have a problem with the way that our systems use their PII
 Reducing the “creepy” feeling users get when we use their identity attributes and identifying information
FOUNDATIONAL PRINCIPLES OF PRIVACY
CAPTURED IN 1995 BY ANN CAVOUKIAN, PH.D. INFORMATION & PRIVACY COMMISSIONER, ONTARIO, CANADA
AND NETHERLANDS DATA PROTECTION AUTHORITY
1. Proactive not Reactive; Preventative not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality — Positive-Sum, not Zero-Sum
5. End-to-End Security — Full Lifecycle Protection
6. Visibility and Transparency — Keep it Open
7. Respect for User Privacy — Keep it User-Centric
So how can I take action to actualize these Principles?
https://www.ryerson.ca/pbdce/certification/seven-foundational-principles-of-privacy-by-design/
INFORMATION HANDLING PRINCIPLES
• Collection Limitation
• Data Quality & Integrity
• Purpose Specification
• Use Limitation
Lifecycle: Collect → Validate → Use → Disclose → Retain → Destroy
• Security Safeguards
• Openness, Transparency
• Individual Participation
• Accountability
http://www.oecd.org/sti/ieconomy/informationsecurityandprivacy.htm
http://laws-lois.justice.gc.ca/eng/acts/P-8.6/index.html
Assumption that data is an asset… and to be handled
ACTUALLY… DATA IS A LIABILITY
• Total Cost of Ownership is Very High
• Absence of Data means an Absence of Leaks
• To date, our mechanism to Collect has terrible usability
INTERACTIVE INFORMATION PRIVACY
Lifecycle: Ask → Use → Log → Respect → Destroy
• At LOA1
• Individual Participation
• Purposeful, Consent Driven, User-Managed
• Supports Self-Sovereign Identity
Wouldn’t a user grant persistent consent to an IIP System?
© 2015 @davidkelts
CONCEPTUALIZATION OF IIP
INTERACTIVE INFORMATION PRIVACY
User Knowledge and Control Over…
• Personal Info Retained
• Entities Shared With
• Core & Presented Attributes
• Behavior & Usage Data
• Purpose for Collecting or Sharing
• An individual owns their identity
• Return control and management to the owner of the identity
• Be appropriate for transaction use cases
• Establish Limits, Let User Establish Limits
© 2015 @davidkelts
Score your system on how close to center your implementation actually functions
HOW DO I GET THERE?
HOW TO DESIGN FOR INTERACTIVE INFORMATION PRIVACY, PBD
1) START WITH YOUR FIRST PRINCIPLES
https://en.wikipedia.org/wiki/First_principle
2) ANALYZE YOUR APPLICATION DATA FLOWS
Look at each step where you …collect, validate, use, disclose, retain, destroy… in your data flows with empathy for your user
There isn’t really a shortcut to the art in this process until we make it a science within our industry
3) CONCEPTUALIZE WHAT YOUR APP DATA FLOWS CAN DO TO YOUR USER
Potential Harms: Power Imbalance; Discrimination; Stigmatization; Loss of Self-Determination; Loss of Autonomy; Exclusion; Lack of Liberty; Confusion; Loss of Trust; Economic Loss; Physical Harm
When you think of Potential Harm to your user, you can begin to find your Problematic Data Actions
http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf
HOW WOULD YOU REDESIGN AGAINST?
• Stigmatization
• Loss of Self-Determination
• Physical Harm
• Loss of Trust
• Morality aside… this is the poster child for use case of Anonymity and Pseudonymity
• Breaks down when you “need” name to collect monthly payment using payment processors who don’t trust identity… w/o holding attributes
4) IDENTIFY YOUR PROBLEMATIC DATA ACTIONS
WHEN YOUR SYSTEM DOES NOT PUT YOUR USER IN CONTROL OF THEIR PII… WHEN YOU “HANDLE” PII FOR THEM, YOU CAN CAUSE:
http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf
• Induced Disclosure
• Insecurity
• Distortion
• Surveillance
• Unanticipated Revelation
• Unwarranted Restriction
• Appropriation
© 2015 @davidkelts
HOW DO YOU FEEL ABOUT?
Name
Cell phone number
Date of Birth
Marital Status
Mother’s Maiden Name…
Web sites you visit
Where you were at 9pm?
• Surveillance
• Unanticipated Revelation?
Induced Disclosure
Appropriation
Unanticipated Revelation
Privacy as the Default Setting
HOW WOULD YOU DESIGN FOR US SOCIETY?
• Lack of Liberty
• Stigmatization
• Loss of Trust
• Surveillance
• Economic Loss
Follow law of Directed Identity: Prevent unnecessary release of correlation handles
• US Citizens - 240 year old distrust of Big Government… grown stronger
• eGov SSO breaks down if correlated or can trace citizen daily life
• Cannot leak identifying info about FNS beneficiaries
• Medical situation can’t stigmatize user from services or privs
• Would citizen stop carrying phone if they feel surveillance?
IIP, Privacy gets DESIGNED into a System as the Default
[Diagram: Ownership; Purpose for Use; Consent; User Experience; Data Security; Redress & Support; Happy Consumer (Sales), layered across Principles, Policy; Design; Operational Mechanisms; Enforcement]
TOP PRIVACY CONCERNS OF THE USER OF MDL
A. Correlating/Tracking my ID usage across RPs
  1. State Gov’t Tracking Across Commercial RPs
  2. My IDP Tracking Across State Gov’t sites
B. People will steal my official verified data from my phone (Wi-Fi, Bluetooth) without me knowing
C. Now my real DL is in cloud for hackers to steal
D. My IDP will share or resell my data with entities I don’t specifically authorize
E. I hate reading legal privacy notices, they’re going to grab and use my data no matter what I do
F. State (or My IDP) will track my location using identity
G. Help desk access to my PII: resells, misuses it
Problem Prioritization Heat Map
[Figure: scatter of user concerns by Likelihood (x-axis, 0–10) and Impact (y-axis, 0–50); plotted labels: PNF, RegLoc, Bar, CloudDL, Biom, GvTrack, MTTrack, RPs, DataTrvl, StigFNSSelfie, LoseBiom, StolenPh, UsgLoc, PhDataHack, HelpDsk, MTResell, DataSync, Accurate, ChPolicy]
NISTIR 8062 Privacy Risk Assessment Methodology (PRAM)
PAIRWISE PSEUDONYMOUS (NON-CORRELATABLE) USER IDENTIFIERS
A/K/A PRIVACY PROTECTING USER IDENTIFIERS (PPUID)
Unique identifiers to each different service the user accesses
Support added to open source and Gluu Server
Service Providers who utilize pair-wise cannot correlate usage
Coordinating all of a User’s state-level services could be seen as a benefit of using an online SSO system
Who does the User believe she has a relationship with?
Concern A: Correlating/Tracking my ID usage across RPs
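As an added illustration, not code from this talk, from Gluu Server, or from the nation-scale system it describes, the block below shows how an IdP can mint a pairwise pseudonymous user identifier per "sector", modelled on the OpenID Connect pairwise subject identifier type. The IdP key, host names and local user id are constructed for the example; the optional registered sector is an assumption that models the slide's question of which services the user believes she has one relationship with.

```python
import hashlib
import hmac
from typing import Optional
from urllib.parse import urlparse

# Constructed IdP-side secret for this example only; a real deployment keeps this
# key in an HSM or key vault and never shares it with any relying party (RP).
IDP_PAIRWISE_KEY = bytes.fromhex(
    "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff"
)


def sector_identifier(redirect_uri: str, registered_sector: Optional[str] = None) -> str:
    """The 'sector' is the unit within which the IdP permits correlation.

    By default it is the host of the RP's redirect URI, so RPs on different hosts
    receive different identifiers.  A group of services the user knowingly has a
    single relationship with (e.g. several sites of one state agency) may register
    a shared sector instead (hypothetical registration step, assumed here).
    """
    if registered_sector:
        return registered_sector.lower()
    host = urlparse(redirect_uri).hostname
    if not host:
        raise ValueError("redirect_uri must be an absolute URL")
    return host.lower()


def pairwise_subject(local_user_id: str, redirect_uri: str,
                     registered_sector: Optional[str] = None,
                     key: bytes = IDP_PAIRWISE_KEY) -> str:
    """PPUID for (user, sector) = HMAC-SHA256(key, sector || 0x00 || local_id), hex.

    Deterministic, so the same user always gets the same 'sub' at the same RP;
    keyed, so no RP can reverse it to the local id or recompute it for another sector.
    The 0x00 separator prevents ambiguous concatenation of sector and user id.
    """
    sector = sector_identifier(redirect_uri, registered_sector)
    msg = sector.encode("utf-8") + b"\x00" + local_user_id.encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def rps_can_join(sub_at_rp_a: str, sub_at_rp_b: str) -> bool:
    """All two colluding RPs can do with the identifiers they hold: compare them."""
    return hmac.compare_digest(sub_at_rp_a, sub_at_rp_b)


def demo() -> dict:
    """Walk one constructed user through three RPs and a shared state sector."""
    user = "local-user-123"
    sub_dmv = pairwise_subject(user, "https://dmv.example.gov/cb")
    sub_tax = pairwise_subject(user, "https://tax.example.gov/cb")
    sub_shop = pairwise_subject(user, "https://shop.example.com/oidc/cb")
    # Two state services that deliberately registered one sector: one relationship.
    sub_dmv_shared = pairwise_subject(user, "https://dmv.example.gov/cb", "state.example.gov")
    sub_tax_shared = pairwise_subject(user, "https://tax.example.gov/cb", "state.example.gov")
    return {
        "dmv_vs_shop": rps_can_join(sub_dmv, sub_shop),                 # False
        "dmv_vs_tax": rps_can_join(sub_dmv, sub_tax),                   # False
        "shared_sector": rps_can_join(sub_dmv_shared, sub_tax_shared),  # True
        "stable": pairwise_subject(user, "https://dmv.example.gov/cb") == sub_dmv,  # True
    }


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the sector, not the individual RP, decides correlation: the default (host of the redirect URI) follows the Law of Directed Identity, while a registered shared sector is the explicit, user-visible exception for services that really are one relationship.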
PRIVACY AND LEGAL NOTIFICATIONS
WHAT THE APP WILL DO WITH MY PII
Citizen Managed Identity App
User Managed Access
Policies for Attribute Sharing – Scopes that have LOA attached to them within the IDP software itself.
You can always access our privacy policy through the menu on the top right of the App.
Concern D: My IDP will share or resell my data with entities I don’t authorize
Concern E: I hate reading legal privacy notices, they’re going to grab and use my data no matter what I do
Your data will not be shared with any Entity by our IDP without your explicit approval using a card like this one.
[Agree] [Cancel]
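As an added example, not the talk's own code nor any IdP product's configuration, the block below models the attribute-sharing policy the slide describes: each scope carries a minimum LOA, nothing is released until the user approves a consent card naming the RP and the scopes, and that approval persists per (user, RP) until the user revokes it. The scope table, user record and RP names are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed policy: each scope lists the attributes it unlocks and the minimum
# Level of Assurance the user's session must have reached before they may be released.
SCOPE_POLICY = {
    "openid":      {"attributes": ("sub",),                          "min_loa": 1},
    "age_over_21": {"attributes": ("age_over_21",),                  "min_loa": 2},
    "address":     {"attributes": ("street", "city", "postal_code"), "min_loa": 3},
    "dl_number":   {"attributes": ("dl_number",),                    "min_loa": 3},
}

# Constructed user record held by the IdP after proofing (sample values only).
USER_RECORD = {
    "sub": "local-user-123", "age_over_21": True,
    "street": "1 Main St", "city": "Springfield", "postal_code": "00000",
    "dl_number": "D0000000",
}


@dataclass
class ConsentCard:
    """What the user is shown before anything leaves the IdP: who, what, and why."""
    rp_id: str
    scopes: Tuple[str, ...]
    purpose: str


@dataclass
class ReleaseResult:
    released: Dict[str, object] = field(default_factory=dict)
    withheld_loa: List[str] = field(default_factory=list)    # need step-up proofing first
    unknown_scopes: List[str] = field(default_factory=list)  # not in policy: never released
    pending_consent: Optional[ConsentCard] = None
    audit: List[str] = field(default_factory=list)           # the user-visible disclosure log


class ConsentStore:
    """Persistent per-(user, RP) consent that the user can revoke at any time."""
    def __init__(self) -> None:
        self._grants: Dict[Tuple[str, str], set] = {}

    def granted(self, user: str, rp: str) -> set:
        return self._grants.get((user, rp), set())

    def grant(self, user: str, rp: str, scopes: List[str]) -> None:
        self._grants.setdefault((user, rp), set()).update(scopes)

    def revoke(self, user: str, rp: str) -> None:
        self._grants.pop((user, rp), None)


def release_attributes(user: str, rp_id: str, requested_scopes: List[str],
                       session_loa: int, purpose: str, store: ConsentStore,
                       user_decision: Optional[str] = None) -> ReleaseResult:
    """Release only attributes that are (a) in policy, (b) within the session LOA,
    and (c) covered by a consent the user gave for this RP; otherwise ask first."""
    result = ReleaseResult()
    eligible: List[str] = []
    for scope in requested_scopes:
        policy = SCOPE_POLICY.get(scope)
        if policy is None:
            result.unknown_scopes.append(scope)
        elif session_loa < policy["min_loa"]:
            result.withheld_loa.append(scope)
        else:
            eligible.append(scope)

    not_yet_consented = [s for s in eligible if s not in store.granted(user, rp_id)]
    if not_yet_consented:
        if user_decision is None:
            # Privacy as the default: stop here and show the card; release nothing.
            result.pending_consent = ConsentCard(rp_id, tuple(not_yet_consented), purpose)
            return result
        if user_decision == "agree":
            store.grant(user, rp_id, not_yet_consented)
            result.audit.append(f"consent granted to {rp_id} for {sorted(not_yet_consented)}")
        else:
            result.audit.append(f"consent declined for {rp_id} on {sorted(not_yet_consented)}")
            eligible = [s for s in eligible if s not in not_yet_consented]

    for scope in eligible:
        for attr in SCOPE_POLICY[scope]["attributes"]:
            result.released[attr] = USER_RECORD[attr]
    result.audit.append(f"disclosed to {rp_id}: {sorted(result.released)} purpose={purpose}")
    return result
```

In a real deployment the `sub` value released under `openid` would be the pairwise identifier the talk describes rather than the local id, and the audit list would feed the user's own "what was shared with whom" view, which is the Individual Participation principle made concrete.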
IT IS IMPERATIVE THAT WE GET PRIVACY RIGHT SOON…
• Imagine IoT devices sensing & posting
• And turning data loose to fast Analytics algorithms across grid computing
In just 5 years we have already seen the buildup of negative reaction from consented posting of personal actions, data, life events, and relationships (even with untagging)
Consumers will figure this out and redress the impact to their life, they will make purchase decisions in their best interest, which is privacy.
IIP – Interactive Information Privacy
@DavidKelts

Lessons in privacy engineering from a nation scale identity system - connect id

  • 5. FOUNDATIONAL PRINCIPLES OF PRIVACY
    Captured in 1995 by Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada, and the Netherlands Data Protection Authority
    1. Proactive not Reactive; Preventative not Remedial
    2. Privacy as the Default Setting
    3. Privacy Embedded into Design
    4. Full Functionality: Positive-Sum, not Zero-Sum
    5. End-to-End Security: Full Lifecycle Protection
    6. Visibility and Transparency: Keep it Open
    7. Respect for User Privacy: Keep it User-Centric
    So how can I take action to actualize these Principles?
    https://www.ryerson.ca/pbdce/certification/seven-foundational-principles-of-privacy-by-design/
  • 6. INFORMATION HANDLING PRINCIPLES
    • Collection Limitation
    • Data Quality & Integrity
    • Purpose Specification
    • Use Limitation
    • Security Safeguards
    • Openness, Transparency
    • Individual Participation
    • Accountability
    Lifecycle: Collect → Validate → Use → Disclose → Retain → Destroy
    Assumption that data is an asset… and is to be handled
    http://www.oecd.org/sti/ieconomy/informationsecurityandprivacy.htm
    http://laws-lois.justice.gc.ca/eng/acts/P-8.6/index.html
  • 7. ACTUALLY… DATA IS A LIABILITY
    • Total Cost of Ownership is very high
    • Absence of Data means an Absence of Leaks
    • To date, our mechanism to Collect has terrible usability
  • 8. INTERACTIVE INFORMATION PRIVACY
    Lifecycle: Ask → Use → Log → Respect → Destroy (slide annotation: "At LOA1")
    • Individual Participation
    • Purposeful, Consent Driven, User-Managed
    • Supports Self-Sovereign Identity
    Wouldn't a user grant persistent consent to an IIP System?
    © 2015 @davidkelts
  • 9. CONCEPTUALIZATION OF IIP, INTERACTIVE INFORMATION PRIVACY
    [Figure: concentric target showing the User's Knowledge and Control Over… Personal Info Retained; Entities Shared With; Core & Presented Attributes; Behavior & Usage Data; Purpose for Collecting or Sharing]
    • An individual owns their identity
    • Return control and management to the owner of the identity
    • Be appropriate for transaction use cases
    • Establish Limits; let the User establish Limits
    Score your system on how close to center your implementation actually functions
  • 10. HOW DO I GET THERE? HOW TO DESIGN FOR INTERACTIVE INFORMATION PRIVACY, PBD
    1) START WITH YOUR FIRST PRINCIPLES
    https://en.wikipedia.org/wiki/First_principle
  • 11. 2) ANALYZE YOUR APPLICATION DATA FLOWS
    Look at each step where you …collect, validate, use, disclose, retain, destroy… in your data flows, with empathy for your user
    There isn't really a shortcut to the art in this process until we make it a science within our industry
  • 12. 3) CONCEPTUALIZE WHAT YOUR APP DATA FLOWS CAN DO TO YOUR USER
    Potential Harms: Power Imbalance; Discrimination; Stigmatization; Loss of Self-Determination; Loss of Autonomy; Exclusion; Lack of Liberty; Confusion; Loss of Trust; Economic Loss; Physical Harm
    When you think of Potential Harm to your user, you can begin to find your Problematic Data Actions
    http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf
  • 13. HOW WOULD YOU REDESIGN AGAINST?
    • Stigmatization
    • Loss of Self-Determination
    • Physical Harm
    • Loss of Trust
    • Morality aside… this is the poster-child use case for Anonymity and Pseudonymity
    • Breaks down when you "need" a name to collect monthly payment using payment processors who don't trust identity… without holding attributes
  • 14. 4) IDENTIFY YOUR PROBLEMATIC DATA ACTIONS
    When your system does not put your User in control of their PII… when you "handle" PII for them, you can cause:
    Appropriation; Distortion; Induced Disclosure; Insecurity; Surveillance; Unanticipated Revelation; Unwarranted Restriction
    http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf
  • 15. HOW DO YOU FEEL ABOUT?
    Name; Cell phone number; Date of Birth; Marital Status; Mother's Maiden Name…; Web sites you visit; Where you were at 9pm?
    • Surveillance
    • Unanticipated Revelation?
    • Induced Disclosure
    • Appropriation
    Privacy as the Default Setting
  • 16. HOW WOULD YOU DESIGN FOR US SOCIETY?
    • Lack of Liberty
    • Stigmatization
    • Loss of Trust
    • Surveillance
    • Economic Loss
    Follow the law of Directed Identity: prevent unnecessary release of correlation handles
    • US Citizens: a 240-year-old distrust of Big Government… grown stronger
    • eGov SSO breaks down if correlated or if it can trace a citizen's daily life
    • Cannot leak identifying info about FNS beneficiaries
    • A medical situation can't stigmatize the user out of services or privileges
    • Would a citizen stop carrying their phone if they feel surveilled?
  • 17. IIP: PRIVACY GETS DESIGNED INTO A SYSTEM AS THE DEFAULT
    [Figure: layers Principles & Policy → Design → Operational Mechanisms → Enforcement, carrying Ownership, Purpose for Use, Consent, User Experience, Data Security, Redress & Support, and Happy Consumer (Sales)]
  • 18. TOP PRIVACY CONCERNS OF THE USER OF MDL
    A. Correlating/Tracking my ID usage across RPs
       1. State Gov't tracking across commercial RPs
       2. My IDP tracking across State Gov't sites
    B. People will steal my official verified data from my phone (Wi-Fi, Bluetooth) without me knowing
    C. Now my real DL is in the cloud for hackers to steal
    D. My IDP will share or resell my data with entities I don't specifically authorize
    E. I hate reading legal privacy notices; they're going to grab and use my data no matter what I do
    F. The State (or my IDP) will track my location using identity
    G. Help desk access to my PII: resells it, misuses it
    [Figure: Problem Prioritization Heat Map, Impact vs. Likelihood, per the NISTIR 8062 Privacy Risk Assessment Methodology (PRAM); plotted points are abbreviated concerns such as GvTrack, MTTrack, CloudDL, PhDataHack, HelpDsk, MTResell, StolenPh, UsgLoc, LoseBiom, StigFNS, DataSync, Accurate, ChPolicy]
  • 19. PAIRWISE PSEUDONYMOUS (NON-CORRELATABLE) USER IDENTIFIERS, A/K/A PRIVACY PROTECTING USER IDENTIFIERS (PPUID)
    Addresses concern A: Correlating/Tracking my ID usage across RPs
    • Unique identifiers for each different service the user accesses
    • Support added to open source and Gluu Server
    • Service Providers who utilize pair-wise identifiers cannot correlate usage
    • Coordinating all of a User's state-level services could be seen as a benefit of using an online SSO system
    Who does the User believe she has a relationship with?
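The construction behind slides 16 and 19, as an added example that is not code from the slides, from Gluu Server or from any other product: the IdP hands each relying party a different, stable identifier for the same user, so RPs in different sectors cannot join their records on it, while RPs under one sector (one operator) still coordinate. The shape follows the pairwise subject identifier type of OpenID Connect Core section 8.1 (a hash over the RP's sector identifier, the user's local account id and an IdP-held salt); the salt value, host names and account ids are constructed for the example.

```python
"""Pairwise pseudonymous subject identifiers (PPUID) for an identity provider.

Added example, not code from the slides or from any IdP product. Same user,
different sector => different, unlinkable identifier; same sector => same one.
Salt, host names and account ids below are constructed for illustration.
"""
import base64
import hashlib
import hmac
from typing import Dict, List
from urllib.parse import urlparse

# IdP-held secret (constructed here). In production it lives in a KMS/HSM and
# is never disclosed to RPs: it is what keeps the mapping one-way for them.
IDP_SALT = b"example-idp-salt-do-not-reuse"


def sector_identifier(redirect_uri: str) -> str:
    """Sector for an RP: the host of its registered redirect_uri (the OIDC
    default when no sector_identifier_uri is registered). Two RPs in the
    same sector receive the same pairwise sub for a given user."""
    host = urlparse(redirect_uri).hostname
    if not host:
        raise ValueError(f"not an absolute URI: {redirect_uri!r}")
    return host.lower()


def pairwise_sub(local_account_id: str, sector: str, salt: bytes = IDP_SALT) -> str:
    """base64url(HMAC-SHA256(salt, sector || 0x00 || local_account_id)).

    A keyed hash rather than a bare SHA-256, so an RP that can guess local
    account ids still cannot confirm a mapping without the salt. The 0x00
    separator keeps distinct (sector, id) pairs from colliding on concatenation.
    """
    msg = sector.encode("utf-8") + b"\x00" + local_account_id.encode("utf-8")
    digest = hmac.new(salt, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def public_sub(local_account_id: str) -> str:
    """The alternative slide 16 warns against: one global identifier handed
    to every RP, i.e. a correlation handle."""
    return local_account_id


def issue_subs(local_account_id: str, redirect_uris: List[str]) -> Dict[str, str]:
    """What each RP (keyed by its redirect_uri) would receive for this user."""
    return {uri: pairwise_sub(local_account_id, sector_identifier(uri))
            for uri in redirect_uris}


if __name__ == "__main__":
    # Constructed sample: one citizen account, two DMV apps and a Parks app.
    rps = ["https://dmv.state.example/oidc/cb",
           "https://dmv.state.example/renewals/cb",   # same sector as above
           "https://parks.state.example/login/cb"]
    subs = issue_subs("acct-1001", rps)
    for uri, sub in subs.items():
        print(f"{uri:42} sub={sub}")
    # The two DMV apps share a sector and can coordinate; Parks cannot join.
    assert subs[rps[0]] == subs[rps[1]] != subs[rps[2]]
```

The sector choice is the policy lever the slide's last question points at: if the citizen believes she has one relationship with "the State", every state service can be registered under one sector identifier and will see one sub; if she believes the DMV and Parks are separate relationships, they get separate sectors and separate subs.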
  • 20. PRIVACY AND LEGAL NOTIFICATIONS: WHAT THE APP WILL DO WITH MY PII
    Addresses concern D (My IDP will share or resell my data with entities I don't authorize) and concern E (I hate reading legal privacy notices; they're going to grab and use my data no matter what I do)
    • Citizen Managed Identity App
    • User Managed Access Policies for Attribute Sharing: scopes that have an LOA attached to them within the IDP software itself
    • "You can always access our privacy policy through the menu on the top right of the App."
    [Consent card: "Your data will not be shared with any Entity by our IDP without your explicit approval using a card like this one." Agree | Cancel]
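One way to implement the two mechanisms this slide names, as an added example that is not code from the slides or from any IdP: each scope carries the minimum level of assurance at which the IdP will release its attributes, and nothing leaves the IdP for a relying party until the user has approved that scope for that specific RP on a consent card. Scope and claim names, LOA numbers and the sample user are constructed for the example.

```python
"""Consent-gated attribute release with LOA-tagged scopes.

Added example, not code from the slides or from any IdP. Release happens only
when (1) the scope is known, (2) the user's proofing level meets the scope's
minimum LOA, and (3) the user approved that scope for that RP. Everything
else is either sent back to the consent UI or refused. Policy values and
sample data are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# scope -> (claims it releases, minimum LOA the user must hold). Assumed policy.
SCOPE_POLICY: Dict[str, Tuple[Set[str], int]] = {
    "openid":      (set(), 1),
    "email":       ({"email"}, 1),
    "profile":     ({"given_name", "family_name"}, 2),
    "address":     ({"street_address", "locality", "postal_code"}, 2),
    "dl_verified": ({"given_name", "family_name", "birthdate", "dl_number"}, 3),
}


@dataclass
class ConsentStore:
    """Per (user, RP) record of scopes the user approved on a consent card.
    Only the consent UI writes here; token issuance only reads."""
    grants: Dict[Tuple[str, str], Set[str]] = field(default_factory=dict)

    def approve(self, user_id: str, rp_client_id: str, scopes: Set[str]) -> None:
        self.grants.setdefault((user_id, rp_client_id), set()).update(scopes)

    def revoke(self, user_id: str, rp_client_id: str) -> None:
        self.grants.pop((user_id, rp_client_id), None)

    def approved(self, user_id: str, rp_client_id: str) -> Set[str]:
        return set(self.grants.get((user_id, rp_client_id), set()))


@dataclass
class ReleaseDecision:
    released: Dict[str, str]   # claims that may go into the token / userinfo
    needs_consent: Set[str]    # scopes to put on a consent card first
    refused: Set[str]          # unknown scope or LOA too low; never released


def decide_release(user_id: str, user_loa: int, attributes: Dict[str, str],
                   rp_client_id: str, requested_scopes: List[str],
                   consents: ConsentStore) -> ReleaseDecision:
    released: Dict[str, str] = {}
    needs_consent: Set[str] = set()
    refused: Set[str] = set()
    approved = consents.approved(user_id, rp_client_id)
    for scope in requested_scopes:
        policy = SCOPE_POLICY.get(scope)
        if policy is None:
            refused.add(scope)          # unknown scope: fail closed
            continue
        claims, min_loa = policy
        if user_loa < min_loa:
            refused.add(scope)          # consent cannot substitute for proofing
            continue
        if scope not in approved:
            needs_consent.add(scope)    # ask; never assume
            continue
        for claim in claims:
            if claim in attributes:     # release only what the scope covers
                released[claim] = attributes[claim]
    return ReleaseDecision(released, needs_consent, refused)


if __name__ == "__main__":
    store = ConsentStore()
    ada = {"email": "ada@example.org", "given_name": "Ada", "family_name": "L",
           "birthdate": "1990-01-01", "dl_number": "D123"}        # constructed
    first = decide_release("u1", 2, ada, "rp-dmv",
                           ["openid", "email", "profile", "dl_verified"], store)
    print("before consent:", first)     # nothing released; card shows 3 scopes
    store.approve("u1", "rp-dmv", first.needs_consent)   # user taps Agree
    second = decide_release("u1", 2, ada, "rp-dmv",
                            ["openid", "email", "profile", "dl_verified"], store)
    print("after consent: ", second)    # email + name; dl_verified still refused
```

Two details matter for the slide's concerns D and E. A grant is keyed by RP, so approval given to the DMV never flows to a second RP; and an LOA shortfall is refused outright rather than placed on the consent card, so the user is never asked to "agree" to something the IdP could not honestly back.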
  • 21. IT IS IMPERATIVE THAT WE GET PRIVACY RIGHT SOON…
    • Imagine IoT devices sensing & posting
    • And turning data loose to fast analytics algorithms across grid computing
    In just 5 years we have already seen the buildup of negative reaction to consented posting of personal actions, data, life events, and relationships (even with untagging)
    Consumers will figure this out and redress the impact to their life; they will make purchase decisions in their best interest, which is privacy.
    IIP – Interactive Information Privacy @DavidKelts