If my security policy from a privacy perspective does not allow one to use PKI due to linkage, how would I randomize the authentication assertions from various governmental program areas? The privacy legislation does not allow one to have linkages along the lines of a SPKI environment. How would one introduce entropy into the token with PKI to get around the privacy concerns?
The more secure the procedure, the more invasive to privacy. While PKI and privacy issues have been the most debated and published topics, there still lies confusion. Several SIGs are working with federal agencies in this area. One of the recommendations is to get a Privacy Impact Assessment done to clearly identify the information leakages. Further, in order to avoid the privacy issues, implement pseudonyms or basically pseudonym identifiers for users and map the same to attributes that can be validated. Since this can't be explained in a few lines, it would be better to direct you to the knowledgebase.
These papers will give you enough information on PKI as it relates to privacy issues and also outline the proposed solutions and assertion mechanisms:
PKI assertion issues and proposed alternatives
Federal PKI initiative
Authentication and introduction of entropy in PKI
This was first published in June 2005
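The pseudonym approach recommended in the answer can be sketched as follows. This is an added example, not part of the original answer: the class, method and field names are hypothetical, and an HMAC tag stands in for the issuer's signature on the assertion. Each program area receives a different, stable identifier for the same person, so assertions cannot be joined across areas without the issuer's secret key.

```python
import hashlib
import hmac
import json
import secrets


def _mac(key: bytes, *parts: bytes) -> str:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") never collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class PseudonymIssuer:
    """Hypothetical issuer: per-program-area pseudonyms bound to attributes."""

    def __init__(self):
        # Random secrets are the only link between a person and a pseudonym.
        self._id_key = secrets.token_bytes(32)    # derives pseudonyms
        self._sign_key = secrets.token_bytes(32)  # authenticates assertions

    def pseudonym(self, user_id: str, program_area: str) -> str:
        # Same person and area give the same value; another area gives an
        # unrelated value that only the holder of _id_key can correlate.
        return _mac(self._id_key, program_area.encode(), user_id.encode())

    def issue(self, user_id: str, program_area: str, attributes: dict) -> dict:
        body = {
            "subject": self.pseudonym(user_id, program_area),
            "program_area": program_area,
            "attributes": attributes,
        }
        tag = _mac(self._sign_key, json.dumps(body, sort_keys=True).encode())
        return {**body, "tag": tag}

    def validate(self, assertion: dict) -> bool:
        # Recompute the tag over everything except the tag itself.
        body = {k: v for k, v in assertion.items() if k != "tag"}
        expected = _mac(self._sign_key, json.dumps(body, sort_keys=True).encode())
        return hmac.compare_digest(expected, str(assertion.get("tag", "")))


if __name__ == "__main__":
    issuer = PseudonymIssuer()
    # Constructed sample data: one person seen by two program areas.
    tax = issuer.issue("citizen-0001", "tax", {"resident": True})
    health = issuer.issue("citizen-0001", "health", {"insured": True})
    print(tax["subject"] != health["subject"], issuer.validate(tax))
```

The real user identifier never appears in an assertion, so the issuer's keys become the asset to protect: whoever holds the pseudonym key can recompute the linkage.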