| |
linking INTEGRITY
Integrity - use of values or principles to guide action in the situation at hand. Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR.
Liberty Alliance Project - Trust and Security - It's all about privacy!, 16.6.05
 ProjectLiberty.orgThe Liberty Specifications were built with privacy in mind.
The decisions made in developing technology were all made to enhance privacy and make it easier to implement good privacy practices.
Non Technical Privacy Features
Consumer consent
- All of the relevant specifications include the reference to the need of consumer consent for relevant transactions.
Consumer choice of Identity Providers
- Federated architecture allows consumer to choose an Identity Provider independent of the used network or service.
- Selection is only constrained by laws, regulations and business models, not the Liberty specifications
Decentralized or federated storage of PII or other information related to your identity
- Federated architecture allows the information related to a specific identity to be stored in relevant locations defined by the consumer, government or business relationship between the consumer and certain Service Provider
- Storage of PII or other identity related information is only constrained by laws, regulations and business models, not the Liberty specifications
- Simplified password management
Technical Privacy Features
XML Signature - XMLDSig allow a proper verification of the transaction parties, and if messages are signed and stored, allows for later auditing
Pseudonymous access - Identity Federation in Liberty creates a pseudonym, constructed of a random set of characters and being unique in the context of a specific Identity Provider and Service Provider
Anonymous Access - Liberty specs provide means for a Service Provider to access Identity Services without a need to know who the consumer they are providing services to really is.
Usage Directives - Allows for indication of associated privacy policy in both a request and reply for principal attributes
Consent header block - SOAP header block used to explicitly assert that the Principal consented to the present interaction
Interaction Service - The Interaction Service specification defines schemas and profiles that enable an Identity Service to interact with the owner of the information exposed by that Identity Service
|
|
Integrity Incorporated
Site Feed
|
"We shall need compromises in the days ahead, to be sure. But these will be, or should be, compromises of issues, not
principles. We can compromise our political positions, but not ourselves. We can resolve the clash of interests without
conceding our ideals. And even the necessity for the right kind of compromise does not eliminate the need for those
idealists and reformers who keep our compromises moving ahead, who prevent all political situations from meeting the
description supplied by Shaw: "smirched with compromise, rotted with opportunism, mildewed by expedience, stretched out
of shape with wirepulling and putrefied with permeation.
Compromise need not mean cowardice. .."
John Fitzgerald Kennedy, "Profiles in Courage"
|
Archives
07.03
08.03
09.03
10.03
11.03
12.03
01.04
02.04
03.04
04.04
05.04
06.04
07.04
08.04
09.04
10.04
11.04
12.04
01.05
02.05
03.05
04.05
05.05
06.05
07.05
08.05
09.05
10.05
11.05
12.05
01.06
02.06
03.06
04.06
05.06
06.06
08.06
09.06
10.06
11.06
01.07
02.07
03.07
04.07
07.07
08.07
09.07
10.07
05.08
06.08
| |
