Identity systems and trust

July 27, 2008 at 11:38 pm 2 comments

On reflection, it turns out that a trusted system may actually be untrustworthy.

I was looking at some of the recorded presentations that I missed at the Managing Identity in New Zealand conference in April. If the delightful Wordle tool could make word clouds from videos, then one of the prominent words in the presentations would be “trust.” There were probably few, if any, presentations that didn’t use that word in conjunction with identity systems.

Just what is the relationship between identity systems and trust? Given that every presenter thought it is a critical component of an identity system, it’s worth trying to uncover the relationship between the two.

To me the word trust seemed to cover a wide spectrum of meanings- different people used the word to mean different things. At one extreme is what I’d call technical trust while at the other is business trust.

A good example of technical trust is Stefan Brand’s presentation about Credentica’s U-Prove™ technology. He would probably define trust in terms of protocols, cryptographic proof, encryption, non-repudiation, digital signatures, message integrity, unlinkability, etc. Trust would, in this case, be the outcome from the technical features of an identity system.

At the other extreme is what a person like the Privacy Commissioner means by trust. She used it to mean “protect them [people] from the many possible harms that can arise from misuse of their personal information”; “to give credible, proveable reassurances”; and “people to feel too insecure to give out their information, and crippling e-govt and e-commerce systems.” She goes on to quote a minister that “Damage the trust of citizens and you damage the notion of citizenship, and governing becomes that much harder.”

I visualise the relationship between technical trust and business trust as two concentric circles. The smaller, inner one is technical trust and the larger, outer one business trust to represent:

– technical trust is a sub-set of business trust, i.e. it is impossible to achieve business trust without first getting technical trust; and

– technical trust on its own is insufficient, i.e. for an identity system to be trustworthy, it must have both technical trust and business trust. Otherwise, we get a (technically) trusted system that is untrustworthy from a business or user perspective.

Vendors of identity systems tend to focus on technical trust and make passing references to business trust. That’s one of the things that make the Liberty Alliance attractive- it has a focus on both technical and business trust.

As an aside, locally we seem to be getting there as evidenced by a recent post Govt moves forward with online ID by Richard Wood.

Entry filed under: government, identity, igovt, Lib_Alliance, NZ, personal_info, privacy, trust.

Invitation to become a bot herder UK: e-petition and proof of citizenship

2 Comments Add your own

  • 1. Adair  |  August 4, 2008 at 4:58 am

    Two things:

    1. Doesn’t ‘business trust’ imply a commercial/financial interest/priority in the relationship? When we are looking at the relationship between the state and the citizen concerning ‘identity management’ would it be more appropriate to think in terms of ‘professional trust’, such as is deemed to exist between an individual and their doctor/solicitor/priest? In these relationships the duty of the professional towards the individual client regarding the privacy of their records is primary, even sacrosanct, and only to be broken in the most serious and specific of circumstances (in the view of some, not to ever be broken). Once that professional promise of confidentiality is seen to be broken for lesser reasons and/or without the knowledge/consent of the client then ‘trust’ is destroyed, often irretrievably, and so the nature of the relationship between the two is profoundly altered.

    Where government agencies are seen to be selling/passing on citizens’ details to third parties, both civil and commercial, or otherwise using citizens’ data for its own purposes outside the relationship of trust in which the information was originally shared there can be no ‘trust’, because the relationship between the state and the citizen is clearly revealed to be secondary, or even unimportant, so far as a the state is concerned.

    The state is then perceived as ‘owning’ the citizen’s identity/data, rather than being a trusted guardian who puts the interests of the client (citizen) first, not just as a matter of expediency but as a matter of principle and honour. Ironically it may be best expressed by a ‘business trust’, that of the insurance industry—`Our word is our bond’. In past times that simple statement said all that a client needed to know.

    and, 2. ‘…it is impossible to achieve business trust without first getting technical trust’

    In the light of point one the philosophical and ethical understanding of ‘trust’ would seem to have to come first in order for the appropriate ‘technical trust’ to be assembled.

    Best regards, Adair.

  • 2. Vikram  |  August 5, 2008 at 11:16 pm

    Thanks Adair.

    I think we’re talking about two different things- you about intent, me about outcomes.

    From an intent perspective, you’re absolutely right. An interesting parallel is the Māori concept of Kaitiaki or trusted guardian/custodian. This concept has often been used in conjunction with identity management to describe the “business trust” between government and citizens.

    However, to translate the right intentions into the right outcomes, I think we still have the business trust outcome requiring the technical trust outcome first.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter


%d bloggers like this: