Principal, Xamax Consultancy Pty Ltd, Canberra
Visiting Fellow, Department of Computer Science, Australian National University
Prepared for presentation at the
E-Authentication Symposium and Consultation
run by the Baker & McKenzie Cyberspace Law and Policy Centre, Faculty of Law, University of NSW and The National Office for the Information Economy (NOIE), on 11 July 2002
Version of 9 July 2002
© Xamax Consultancy Pty Ltd, 2002
This document is at http://www.anu.edu.au/people/Roger.Clarke/EC/eAuthCLPC020711.html
The accompanying PowerPoint slide-set is at http://www.anu.edu.au/people/Roger.Clarke/EC/eAuthCLPC020711.ppt
The term 'e-authentication' is coming to be used as a catch-all for a wide array of means whereby assertions made over telecommunications networks are tested for reasonableness. Many people who use the term mistakenly assume that the only kinds of assertion that matter are assertions that a person has a particular identity. The reality is much more complicated.
In many circumstances, what needs to be authenticated is not a person's identity, but rather an attribute that they have (such as their age, their membership of an organisation, their legal power to represent that organisation, or their location). Sometimes nothing at all about the person actually matters, because it is the value that they are offering that needs to be tested (e.g. the validity of the cash or credit card details). This is supported by slides 2-5, with an overview and a fuller description provided in Clarke (2001e).
A further concern is that discussions to date mostly overlook the real nature of identity, identifiers and identification. Little real progress can be expected until technologists and scheme designers have appreciated the concepts of entities, entifiers, entification, and nyms. This is supported by slides 6-10, with a description provided in Clarke (2002a).
A range of tools are used, such as signatures, passwords, PINs, 'photo-id', digital signatures, 'smartcards' and biometrics. For these tools to be effective, schemes need to be carefully designed, implemented and used, in order to satisfy a number of requirements.
This is supported by slide 11, with a description in Clarke (1999).
Many of the more recent proposals for e-authentication are highly intrusive. They threaten privacy of the physical person, of personal behaviour, of peronsal data, and potentially even of one's personal fate.
Conventional, X.509-based PKI (which is what is supposed to support current applications of digital signatures) is so riddled with inadequacies that it simply doesn't work; yet it imposes mightily on people who are subjected to it. This is supported by slides 12-15 and explained at length in Clarke (2001b). Here is an index of my analyses of the threats inherent in PKI.
Biometrics technologies are being touted as a means of achieving high levels of physical security, e.g. by somehow preventing terrorists from gaining access to places where they can do damage. A vast array of misinformation is being perpetrated by suppliers, and cheerfully accepted by national security and law enforcement agencies. The whole biometrics industry is built on myths, none moreso than so-called 'face recognition' technology, the promotion of which is downright fraudulent. See slides 16-19, a more detailed PowerPoint slide-set.
Biometric techniques of all kinds embody serious impacts and implications for people, ranging from imposition and inconvenience, through unjustified suspicion and arrest, to masquerade, identity theft, access denial and potentially even identity denial. If current proposals ever come to fruition, the result will be the severe chilling of democratic, social and artistic freedoms. See slides 20-24, Clarke (2001a), and Clarke (2002b).
11 September was frightening, but it didn't change the world. What did change the world was the remarkably rapid exploitation of the terrorist strikes by the 'smart right'. The harm being done in the name of physical security is much deeper even than that done by the terrorists, because it strikes not just at the life of some, but at the quality of life of all. See slides 25-26.
The public interest is seriously under-represented in the fora in which e-authentication is discussed and promoted, and is largely excluded from the design and implementation of schemes. See slide 27.
If this is to change, and if the public is expected to become interested in intrinsically intrusive e-authentication schemes, public interest organisations must have a seat at all relevant fora, and a voice in all relevant processes. This requires action by government, driven by NOIE, and financial support to enable travel to and participation in meetings. See slide 28.
Clarke R. (1994) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Information Technology & People 7,4 (December 1994) 6-37, at http://www.anu.edu.au/people/Roger.Clarke/DV/HumanID.html
Clarke R. (1999) 'Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice' Proc. User Identification & Privacy Protection Conf., Stockholm, 14-15 June 1999, at http://www.anu.edu.au/people/Roger.Clarke/DV/UIPP99.html
Clarke R. (2001a) 'Biometrics and Privacy' April 2001, at http://www.anu.edu.au/people/Roger.Clarke/DV/Biometrics.html
Clarke R. (2001b) 'The Fundamental Inadequacies of Conventional Public Key Infrastructure' Proc. Conf. ECIS'2001, Bled, Slovenia, 27-29 June 2001, at http://www.anu.edu.au/people/Roger.Clarke/II/ECIS2001.html
Clarke R. (2001c) 'Person-Location and Person-Tracking: Technologies, Risks and Policy Implications' Information Technology & People 14, 2 (Summer 2001) 206-231. Original version in Proc. 21st International Conference on Privacy and Personal Data Protection, pp.131-150, Hong Kong, 13-15 September 1999, at http://www.anu.edu.au/people/Roger.Clarke/DV/PLT.html
Clarke R. (2001d) 'Trust in the Context of e-Business' 1 October 2001, at http://www.anu.edu.au/people/Roger.Clarke/EC/Trust.html
Clarke R. (2001e) 'Authentication: A Sufficiently Rich Model to Enable e-Business' , December 2001, at http://www.anu.edu.au/people/Roger.Clarke/EC/AuthModel.html
Clarke R. (2001f) 'The Re-Invention of Public Key Infrastructure', December 2001, at http://www.anu.edu.au/people/Roger.Clarke/EC/PKIReinv.html
Clarke R. (2002a) 'Why Do We Need PKI? Authentication Re-visited' January 2002, at http://www.anu.edu.au/people/Roger.Clarke/EC/PKIRW02.html
Clarke R. (2002b) 'Can Biometrics Systems Promise Better Security without Destroying Privacy and Civil Rights?', in 'Personal Notes on Computers, Freedom & Privacy', San Francisco, 16-19 April 2002, at http://www.anu.edu.au/people/Roger.Clarke/DV/NotesCFP02.html#BiomRC
Go to Roger's Home Page.
Go to the contents-page for this segment.
Send an email to Roger
Created: 8 July 2002
Last Amended: 9 July 2002
|These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).|
| The Australian National University|
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Pty Ltd, ACN: 002 360 456|
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, 6288 6916