Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2018
|Identity Matters||Other Topics||Waltzing Matilda||What's New|
Principal, Xamax Consultancy Pty Ltd, Canberra
Visiting Professor, Baker & McKenzie Cyberspace Law & Policy Centre, University of N.S.W.
Visiting Fellow, Department of Computer Science, Australian National University
Version of 8 May 2004
© Xamax Consultancy Pty Ltd, 2003-04
Available under an AEShareNet licence
This document is at http://www.rogerclarke.com/DV/IdAuthFundas.html
Identification is such an obvious idea that people take it for granted, and discussions about authentication during the last decade have assumed that the meaning of that term is self-evident as well. But they are in fact subtle and multi-faceted. A great deal of the confusion and lack of progress in gaining trust in eBusiness can be traced back to failure to grasp important fundamentals. This paper provides a brief explanation and definitions of the key ideas. It is supported by a set of PowerPoint slides.
The first requirement is that a distinction be made between the real world of people and their behaviour, on the one hand, and the abstract world of records stored in databases, on the other.
The following sections address in turn concepts related firstly to identity and entities, then to nymity, and then to the authentication of various kinds of assertions. A Bibliography provides access to a set of papers which investigate all of these concepts in depth.
An identity exists in the real world, not on disk drives. It is a presentation or role of some underlying entity. An entity may be a pallet full of cartons, or an artefact such as a computer, or a mobile phone; or a human being.
An artefact may present many identities, corresponding to the processes that are running in it, or the particular SIM-card inserted into the mobile-phone housing. A person may also present many identities. Most commonly, these correspond in some way with roles that the person performs.
Entities have attributes. For example, an artefact may have a limited memory-size, and a screen-size, and a processor-id; and a person has physical features, some of which like height and weight are shared with other people, and others of which are unusual and possibly unique, such as their thumbprint and their DNA.
Identities also have attributes. A process running in a computer has a process-id and may have memory-size constraints. A SIM-card installed in a mobile phone may have a credit-limit still available. A human identity may have associated with it an identifier such as a username, or staff-number, and other features such as password, date-of-commencement, and qualifications.
An important category of attributes is referred to as authorisations, permissions or privileges. For example, a supervisor may be able to sign sick leave forms for the people they are responsible for, but while acting up in their boss's role they may be able to sign purchase orders as well; and when they're the fire warden for the fourth floor, they can order to the CEO's secretary to get out of the building. In performing these various functions, the person concerned might use one identity, or multiple identities.
In the abstract world of information systems, identities and their attributes are represented by data-items expressed in digital form. A collection of data-items that refers to a single identity or entity is referred to as a record. A collection of such records may be referred to as a file or data-set, or possibly database.
Some of the data-items are used to distinguish the identity. Such a data-item or items is called an identifier. Common examples are process-id and SIM-card; and a person's commonly-used name, or some kind of organisation-imposed 'username' or code. An identifier is associated with an identity or role, not directly with the underlying entity, i.e. not directly with the computer, the mobile-phone, or the person.
To get to the underlying entity requires a processor-id, a mobile-phone-id, or a biometric measure of the particular instance of homo sapiens. A useful general term for the means of distinguishing entities from one another is an entifier.
The term 'identification' is used in several ways. The most useful meaning to apply is that identification is the process whereby data is associated with a particular real-world identity. It involves the acquisition of an identifier; for example, the act of acquiring a process-id, SIM-card-id or username is an act of identification.
It is important to clearly distinguish this from the acquisition of an entifier for a particular real-world entity. The word entification is an obvious contender as a generic term for the process of acquiring an entifier such as a processor-id, a mobile-phone-id, or a person's biometric.
(As far as I am aware, the terms 'entifier' and 'entification' are original suggestions of my own. I first used them in published materials in the 4th quarter of 2001, in a paper on authentication models. I would appreciate it if anyone who discovers any earlier uses would inform me of them).
Identifiers need closer attention. In some circumstances, it may be apparent which entity is using a particular identity. In others, it may not be apparent, but there may be means available to discover the entity underlying an identity. But yet other circumstances, no such means may be available.
An identifier that can be linked to the underlying entity only with considerable difficulty is commonly called a pseudonym. If an identifier cannot be linked to an entity at all, then it is usefully called an anonym. And a term that usefully encompasses both pseudonyms and anonyms is nym.
This gives rise to the need to differentiate between several states. A transaction or record that is able to be associated with a particular identity is usefully referred to as being an identified transaction or record. If data is associated directly with an entity, or indirectly (by being associated with an identity that is directly associated with an underlying entity), then it is usefully referred to as being an entified transaction or record.
Anonymity is a characteristic of records and transactions, such that they cannot be associated with any particular entity, whether from the data itself, or by combining it with other data. Pseudonymity is a characteristic of Records and Transactions, such that they cannot be associated with any particular entity unless legal, organisational and technical constraints are overcome. And a term that encompasses both anonymity and pseudonymity is nymity.
There are many cricumstances in which parties to a transaction need to have confidence in an assertion of some kind. The term authentication is a process whereby confidence is established in an assertion. It is performed by cross-checking against one or more authenticators, or items of evidence.
There are many categories of assertion that are important in particular contexts. Of particular interest to eBusiness, including both eCommerce and eGovernment are the following:
Authentication processes need to be applied to any assertion whose truth is important. Where the assertion is one of identity, then the term identity authentication is appropriate. It may be important to authenticate the identities of processes, or of SIM-cards, or of people.
Authenticators for assertions of human identity are of various kinds. They include things that the person knows (such as a password or PIN), things that the person does (such as the act of providing a written signature), and things that the person has (such as credentials with physical or digital existence, including tokens and documents).
Where the assertion is one of entity, then the term entity authentication needs to be applied. It may be important to authenticate the entity of processors, or mobile-phones, or people. The appropriate authenticator for a human entity is what the person is (i.e. a biometric).
These matters are dealt with in considerably greater detail in a long series of formal papers indexed here, which contain many references to the literature.
The papers that are of especial relevance are:
Clarke R. (1994) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Info. Technology & People 7,4 (December 1994). At http://www.rogerclarke.com/DV/HumanID.html
Clarke R. (1999) 'Anonymous, Pseudonymous and Identified Transactions: The Spectrum of Choice ', Proc. IFIP User Identification & Privacy Protection Conference, Stockholm, June 1999, at http://www.rogerclarke.com/DV/UIPP99.html
Clarke R. (2001) 'Authentication: A Sufficiently Rich Model to Enable e-Business', at http://www.rogerclarke.com/EC/AuthModel.html
Clarke R. (2003) 'Authentication Re-visited: How Public Key Infrastructure Could Yet Prosper' Proc. 16th Int'l eCommerce Conf., at Bled, Slovenia, 9-11 June 2003m at http://www.rogerclarke.com/EC/Bled03.html
Clarke R. (2004) 'Identity Management: The Technologies, Their Business Value, Their Problems, and Their Prospects' Xamax Consultancy Pty Ltd, March 2004, purchasable from http://www.xamax.com.au/EC/IdMngt.html
An earlier version of this document was presented in a session on 'Authentication and Identification: New Paradigms', at the Conference on 'State Surveillance after September 11', at U.N.S.W. on 8 September 2003
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.
From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.
Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916
Created: 22 August 2003 - Last Amended: 8 May 2004 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/DV/IdAuthFundas.html