Q

If my security policy from a privacy perspective does not allow one to use PKI due to linkage, how w

If my security policy from a privacy perspective does not allow one to use PKI due to linkage, how would I randomize the authentication assertions from various governmental program areas? The privacy legislation does not allow one to have linkages along the lines of a SPKI environment. How would one introduce entropy into the token with PKI to get around the privacy concerns?
The more secure the procedure, the more invasive to privacy. While PKI and privacy issues have been the most debated and published topics, there still lies confusion. Several SIG's are working with federal agencies in this area. One of the recommendations is to get a Privacy Impact Assessment done to clearly identify the information leakages. Further, in order to avoid the privacy issues, implement pseudonyms or basically pseudonym identifiers for users and map the same to attributes that can be validated. Since, this can't be explained in few lines, it would be better to direct you to the knowledgebase.

These papers will give you enough information on PKI as it relates to privacy issue and also outlines the proposed solutions and assertion mechanisms:

  • PKI assertion issues and proposed alternatives
  • Federal PKI initiative
  • Authentication and introduction of entropy in PKI
  • This was first published in June 2005

    Dig deeper on Network Security Best Practices and Products

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchSDN

    SearchEnterpriseWAN

    SearchUnifiedCommunications

    SearchMobileComputing

    SearchDataCenter

    SearchITChannel

    Close