

If my security policy from a privacy perspective does not allow one to use PKI due to linkage, how would I randomize the authentication assertions from various governmental program areas? The privacy legislation does not allow one to have linkages along the lines of a SPKI environment. How would one introduce entropy into the token with PKI to get around the privacy concerns?
The more secure the procedure, the more invasive to privacy. While PKI and privacy issues have been the most debated and published topics, there still lies confusion. Several SIGs are working with federal agencies in this area. One of the recommendations is to get a Privacy Impact Assessment done to clearly identify the information leakages. Further, in order to avoid the privacy issues, implement pseudonyms or basically pseudonym identifiers for users and map the same to attributes that can be validated. Since this can't be explained in a few lines, it would be better to direct you to the knowledgebase.

These papers will give you enough information on PKI as it relates to privacy issues and also outline the proposed solutions and assertion mechanisms:

  • PKI assertion issues and proposed alternatives
  • Federal PKI initiative
  • Authentication and introduction of entropy in PKI

This was last published in June 2005
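
One way to realize the pseudonym identifiers recommended in the answer, shown as an added example that is not part of the original answer or of any cited paper: an issuer derives a different, stable identifier for the same person in each program area and releases only the validated attributes that area needs. The registry, area names, keys and function names are hypothetical, and an HMAC tag stands in for the PKI signature an actual deployment would use.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample data: real identifier -> validated attributes.
REGISTRY = {"citizen-0001": {"resident": True, "over_18": True, "veteran": False}}
# Hypothetical program areas and the attributes each may receive.
AREA_ATTRIBUTES = {"health": ["resident", "over_18"], "tax": ["resident"]}

def pseudonym(master_key: bytes, area: str, user_id: str) -> str:
    """Stable per-area identifier; areas cannot correlate it without master_key."""
    # Length-prefix the area so ("ab", "c") and ("a", "bc") never collide.
    msg = len(area).to_bytes(2, "big") + area.encode() + user_id.encode()
    return hmac.new(master_key, msg, hashlib.sha256).hexdigest()[:32]

def issue_assertion(master_key: bytes, area_key: bytes, area: str, user_id: str) -> dict:
    """Build an assertion that carries the pseudonym, never the real identifier."""
    attrs = REGISTRY[user_id]
    body = {
        "area": area,
        "subject": pseudonym(master_key, area, user_id),
        "attributes": {name: attrs[name] for name in AREA_ATTRIBUTES[area]},
        "nonce": secrets.token_hex(16),  # fresh randomness in every assertion
    }
    payload = json.dumps(body, sort_keys=True)
    # Assumption: HMAC with a key shared with the area replaces a PKI signature.
    tag = hmac.new(area_key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}

def verify_assertion(area_key: bytes, assertion: dict) -> dict:
    """Relying-party check: reject any assertion whose tag does not match."""
    expected = hmac.new(area_key, assertion["payload"].encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["tag"]):
        raise ValueError("assertion tag mismatch")
    return json.loads(assertion["payload"])

if __name__ == "__main__":
    master = secrets.token_bytes(32)   # held only by the issuer
    tax_key = secrets.token_bytes(32)  # shared with the tax program area
    token = issue_assertion(master, tax_key, "tax", "citizen-0001")
    print(verify_assertion(tax_key, token))
    print(pseudonym(master, "health", "citizen-0001"))  # differs from tax subject
```

The mapping from pseudonym back to a person exists only where `master_key` and the registry are held, so the Privacy Impact Assessment should treat that issuer as the single point where linkage remains possible.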
