This page is powered by Blogger. Isn't yours?

 Feedblitz email:
 RSS: http://linkingintegrity.blogspot.com/atom.xml



Integrity - use of values or principles to guide action in the situation at hand.

Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR.

Liberty Alliance Project - Trust and Security - It's all about privacy!, 16.6.05


The Liberty Specifications were built with privacy in mind.

The decisions made in developing technology were all made to enhance privacy and make it easier to implement good privacy practices.

Non Technical Privacy Features

  • Consumer consent
    • All of the relevant specifications include the reference to the need of consumer consent for relevant transactions.

  • Consumer choice of Identity Providers
    • Federated architecture allows consumer to choose an Identity Provider independent of the used network or service.
    • Selection is only constrained by laws, regulations and business models, not the Liberty specifications

  • Decentralized or federated storage of PII or other information related to your identity
    • Federated architecture allows the information related to a specific identity to be stored in relevant locations defined by the consumer, government or business relationship between the consumer and certain Service Provider
    • Storage of PII or other identity related information is only constrained by laws, regulations and business models, not the Liberty specifications
    • Simplified password management

    Technical Privacy Features

  • XML Signature - XMLDSig allow a proper verification of the transaction parties, and if messages are signed and stored, allows for later auditing
  • Pseudonymous access - Identity Federation in Liberty creates a pseudonym, constructed of a random set of characters and being unique in the context of a specific Identity Provider and Service Provider
  • Anonymous Access - Liberty specs provide means for a Service Provider to access Identity Services without a need to know who the consumer they are providing services to really is.
  • Usage Directives - Allows for indication of associated privacy policy in both a request and reply for principal attributes
  • Consent header block - SOAP header block used to explicitly assert that the Principal consented to the present interaction
  • Interaction Service - The Interaction Service specification defines schemas and profiles that enable an Identity Service to interact with the owner of the information exposed by that Identity Service

  • Comments

    Post a Comment



    Integrity Incorporated

    Site Feed

     Feedblitz email:

     RSS: http://linkingintegrity.blogspot.com/atom.xml


    "We shall need compromises in the days ahead, to be sure. But these will be, or should be, compromises of issues, not principles. We can compromise our political positions, but not ourselves. We can resolve the clash of interests without conceding our ideals. And even the necessity for the right kind of compromise does not eliminate the need for those idealists and reformers who keep our compromises moving ahead, who prevent all political situations from meeting the description supplied by Shaw: "smirched with compromise, rotted with opportunism, mildewed by expedience, stretched out of shape with wirepulling and putrefied with permeation.
    Compromise need not mean cowardice. .."

    John Fitzgerald Kennedy, "Profiles in Courage"


    07.03   08.03   09.03   10.03   11.03   12.03   01.04   02.04   03.04   04.04   05.04   06.04   07.04   08.04   09.04   10.04   11.04   12.04   01.05   02.05   03.05   04.05   05.05   06.05   07.05   08.05   09.05   10.05   11.05   12.05   01.06   02.06   03.06   04.06   05.06   06.06   08.06   09.06   10.06   11.06   01.07   02.07   03.07   04.07   07.07   08.07   09.07   10.07   05.08   06.08