White House/Bankster Online "Identity Ecosystem" Agenda Exposed [Enslavement]

Author Topic: White House/Bankster Online "Identity Ecosystem" Agenda Exposed [Enslavement]  (Read 7653 times)

0 Members and 1 Guest are viewing this topic.

Offline Freebird100

  • Member
  • *****
  • Posts: 2,834
The Obama administration said today that it's moving ahead with a plan for broad adoption of Internet IDs despite concerns about identity centralization, and hopes to fund pilot projects next year.

At an event hosted by the U.S. Chamber of Commerce in Washington, D.C., administration officials downplayed privacy and civil liberties concerns about their proposal, which they said would be led by the private sector and not be required for Americans who use the Internet.

There's "no reliable way to verify identity online" at the moment, Commerce Secretary Gary Locke said, citing the rising tide of security threats including malware and identity theft that have grown increasingly prevalent over the last few years. "Passwords just won't cut it here."

During his speech, Locke lashed out at the "conspiracy theory set" who have criticized the proposal. A column in NetworkWorld.com, for instance, called NSTIC a "great example of rampant, over-reaching, ignorant, and ill-conceived political foolishness."

http://news.cnet.com/8301-31921_3-20054342-281.html
"The two enemies of the people are criminals and government, so let us tie the second down with the chains of the Constitution so the second will not become the legalized version of the first."

Thomas Jefferson

Offline ekimdrachir

  • Member
  • *****
  • Posts: 7,147
  • METATRON ON
    • Go Outside
Re: Obama moves forward with Internet ID plan
« Reply #1 on: April 15, 2011, 09:39:02 pm »
The pressing issues of our time. Feeding the poor? Nah let's figure out how to identify people online.

wvoutlaw2002

  • Guest
Re: Obama moves forward with Internet ID plan
« Reply #2 on: April 15, 2011, 09:39:20 pm »
During his speech, Locke lashed out at the "conspiracy theory set" who have criticized the proposal.

They've been propagandizing for years in favor of an "internet license". And I just knew that they would just label you a "conspiracy theorist" if you speak out against internet licenses.

Hey feds, you can label me all you want. All I'm saying is you can take your internet licenses and internet taxes and biometric logins and stick it straight up your ass.

Offline Freeski

  • Member
  • *****
  • Posts: 20,732
Re: Obama moves forward with Internet ID plan
« Reply #3 on: April 15, 2011, 09:53:15 pm »
Just what the f**k is he doing being president, anyway?

To be "President", should you not at least like the idea of life, liberty and the pursuit of happiness?

He's not a puppet! None of our so-called leaders are. They are complicit in this tyranny. (unless they're flat-lined morans)

Arrest the bastards for disgrace of freedom!
"He who passively accepts evil is as much involved in it as he who helps to perpetrate it. He who accepts evil without protesting against it is really cooperating with it." Martin Luther King, Jr.

Offline Optimus

  • Globalist Destroyer
  • Global Moderator
  • Member
  • *****
  • Posts: 11,969
  • The banksters are steaming piles of dog shit!
    • GlobalGulag.com
White House unveils cyber ID proposal

WASHINGTON (AFP) - The White House unveiled a plan on Friday designed to boost confidence and business in cyberspace through the creation of a single, secure online credential.

"By making online transactions more trustworthy and better protecting privacy, we will prevent costly crime, we will give businesses and consumers new confidence, and we will foster growth and untold innovation," President Barack Obama said in a statement.

"That's why this initiative is so important for our economy," Obama said.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) proposes the creation of secure and reliable online credentials that would be available to consumers who want to use them.
Read more » http://www.activistpost.com/2011/04/white-house-unveils-cyber-id-proposal.html
“The Constitution is not an instrument for the government to restrain the people,
it's an instrument for the people to restrain the government.” – Patrick Henry

>>> Global Gulag Media & Forum <<<

Offline Scarbo

  • Member
  • *****
  • Posts: 854
*sells computer on ebay*  >:(

Offline ekimdrachir

  • Member
  • *****
  • Posts: 7,147
  • METATRON ON
    • Go Outside

Obama administration unveils online ID system

A plan to create a national online identity system was launched today to help combat cyber crime.

Commerce Secretary Gary Locke claimed the move will protect Internet consumers from fraud and identity theft.

Unveiling the scheme, he insisted the cyber ID was not a Big Brother plan by the government to snoop on web users.

Mr Locke said it would mean people would no longer have to remember a variety of different passwords to do business and social networking online.

He claims that the current system of half-remembered passwords jotted down on post it notes and based on pets and mother’s maiden names is not enough.

‘Passwords just won’t cut it here,’ he said. ‘We must do more to help consumers protect themselves, and we must make it more convenient than remembering dozens of passwords.’

The Commerce Department said 8.1 million people fell prey to online identity thieves last year at a cost of $27 billion.

By using a single identification- which could come in the form of a unique piece of software on a cell phone, a keychain fob, or some other type of gadget- the administration believes it will be easier and safer to navigate the web.

Instead of having to remember all those disparate passwords, one for each site that conducts a secure transaction, a consumer would use that single credential to log in, with far more security than a password alone would provide, the agency said.

The National Strategy for Trusted Identities in Cyberspace will be voluntary, but some computer experts believe it is inevitable that most computer users will had a single ID for transactions in the future.

Officials say the ID will also help protect consumers from spammers and companies that collect data on their websurfing activity, letting them surf anonymously online.

It would not create a centralized database of information, the agency said, because consumers will be able to choose from a variety of programmes within the cyber-identity system.

Although the system is not yet up and running, the Commerce Secretary said a number of leading computer companies, including Microsoft, IBM, the Secure ID Coalition, and Wave Systems Corp, are developing ways to make the system most efficient and effective.

Scott Charney, corporate vice president of Microsoft, told Fox News: ‘This ecosystem will provide citizens with a variety of choices for authenticating their identity online while helping to protect their security and privacy.’

Jim Dempsey, a vice president for the Center of Democracy and Technology, added: ‘I think there’s a model here perhaps for the broader question of cybersecurity … the Administration, to my view, has conducted a very open process here.’

http://www.dailymail.co.uk/news/article-1377479/Obama-administration-unveils-national-online-ID-system.html


Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
Hey look...it is part of the wording in the Deathcare Bill that RAND CORPORATION put in...



RAND CORPORATION SPECIAL REPORT
Creating Unique Health ID Numbers Would Facilitate Improved Efficiency in Depopulation Planning and Execution

http://www.rand.org/news/press/2008/10/20.html
RAND Office of Media Relations
FOR RELEASE
Monday October 20, 2008

Creating a unique patient identification number for every person in the United States would facilitate a reduction in medical errors, simplify the use of electronic medical records, increase overall efficiency and help protect patient privacy, according to a new RAND Corporation study. Although creating such an identification system could cost as much as $11 billion, the effort would likely return even more in benefits to the nation's health care system, according to researchers from RAND Health. "Establishing a system of unique patient identification numbers would help the nation to enjoy the full benefits of electronic medical records and improve the quality of medical care," said Richard Hillestad, the study's lead author and a senior principal researcher at RAND, a nonprofit research organization. "The alternative is to rely on a system that produces too many errors and puts patients' privacy at risk." Federal legislation passed over a decade ago supported the creation of a unique patient identifier system, but privacy and security concerns have stalled efforts to put the proposal into use. As adoption of health information technology expands nationally and more patient records are computerized, there have been increasing calls to create a system that would make it easier to retrieve records across varying systems such as those used by doctors and hospitals. RAND researchers examined the costs of creating a unique patient identification system, compared the error rates of such a system and its alternatives, and examined the operational advances and disadvantages of the technology.

The RAND study concluded that one of the primary benefits created by broad adoption of unique patient identifiers would be to eliminate record errors, and help reduce repetitive and unneeded care. In the absence of unique patient identifiers, most health systems use a technique known as statistical matching that retrieves a patient's medical record by searching for attributes such as name, birth date, address, gender, medical record numbers, and all or part of a person's Social Security Number. Reviewing past research studies, RAND researchers estimated that statistical matching returns incomplete medical records about 8 percent of the time and exposes patients to privacy risks because a large amount of personal information is exposed to computer systems during a search. The study also concluded that many of the privacy concerns related to a unique patient identification system could be addressed through the creation and enforcement of laws that severely punish those who misuse information retrieved with a health ID number. "Our research suggests that it's easier to safeguard patient privacy with a records system that makes use of a unique health ID rather than a system that uses statistical matching," Hillestad said. One way to deal with privacy concerns might be to allow to people to voluntarily enroll in a unique patient identification system, researchers say. Such an approach would allow a unique health identifier system to demonstrate that it can be used without compromising patient privacy and can be more accurate than current statistical matching systems. Some proposals have suggested using patients' Social Security Numbers as a medical identifier. But the RAND study found Social Security Numbers are a poor option because they are so widely used and they pose risks of identify theft.

A genuine unique patient identification system would be more secure because it could include safeguards such as check codes that allow numbers to be easily screened for input errors. Such check codes are mathematical combinations of the other digits in the number and are commonly used in other digital IDs such as those in the product bar codes scanned at checkout counters.

Support for the study was provided by a consortium of health information technology companies. They include Cerner Corporation, CPSI, Intel, IBM, Microsoft, MISYS, Oracle and Siemens. The study, "Identity Crisis: An Examination of the Costs and Benefits of a Unique Patient Identifier for the U.S. Health Care System," is available at www.rand.org. Other authors of the report are James H. Bigelow, Basit Chaudhry, Paul Dreyer, Michael D. Greenberg, Robin C. Meili, M. Susan Ridgely, Jeff Rothenberg and Roger Taylor. RAND Health, a division of the RAND Corporation, is the nation's largest independent health policy research program, with a broad research portfolio that focuses on quality, costs and health services delivery, among other topics.


Using SS#'s instead...

Unique Patient Identification Numbers, Electronic Heath Records (EHR), Electronic Medical Records (EMR), and Social Security Numbers (SSN)
http://information-technology-forum.blogspot.com/2009/11/electronic-heath-records-ehr-electronic.html
Tuesday, November 17, 2009

Unique Patient Identification Numbers, Electronic Heath Records (EHR), Electronic Medical Records (EMR), and Social Security Numbers (SSN) Creating a unique patient identification number for every person in the United States would help reduce medical errors, simplify the use of electronic medical records, increase overall efficiency, and protect patient privacy, according to a recent RAND Corp. study.  Creating such an ID system could cost as much as $11 billion, but the effort would likely return even more in benefits to the nation's healthcare system, said researchers from RAND Health, a nonprofit research organization.  As adoption of health IT expands nationally and more patient records are computerized, there have been increasing calls to create a system that would include such an ID. So, as segue to an upcoming post here on the challenges presented by an electronic health records system based on a unique patient identification number, let’s take a brief look at the closest thing to it in the U.S.: The Social Security Number.

Introduction
The Social Security Number (SSN) was created in 1936 as a nine-digit account number assigned by the Secretary of Health and Human Services for the purpose of administering the Social Security laws. SSNs were first intended for use exclusively by the federal government as a means of tracking earnings to determine the amount of Social Security taxes to credit to each worker's account. Over time, however, SSNs were permitted to be used for purposes unrelated to the administration of the Social Security system. For example, in 1961 Congress authorized the Internal Revenue Service to use SSNs as taxpayer identification numbers. In response to growing concerns over the accumulation of massive amounts of personal information, Congress passed the Privacy Act of 1974. Among other things, this Act makes it unlawful for a governmental agency to deny a right, benefit, or privilege merely because the individual refuses to disclose his SSN. Section 7 of the Privacy Act further provides that any agency requesting an individual to disclose his SSN must "inform that individual whether that disclosure is mandatory or voluntary, by what statutory authority such number is solicited, and what uses will be made of it." At the time of its enactment, Congress recognized the dangers of widespread use of SSNs as universal identifiers. In its report supporting the adoption of this provision, the Senate Committee stated that the widespread use of SSNs as universal identifiers in the public and private sectors is "one of the most serious manifestations of privacy concerns in the Nation." Short of prohibiting the use of the SSN outright, the provision in the Privacy Act attempts to limit the use of the number to only those purposes where there is clear legal authority to collect the SSN. It was hoped that citizens, fully informed where the disclosure was not required by law and facing no loss of opportunity in failing to provide the SSN, would be unlikely to provide an SSN and institutions would not pursue the SSN as a form of identification. Large amounts of personal information, including tax information, credit information, school records, and medical records, is keyed to your Social Security Number. Because this data is often sensitive, you should keep it private.

The Structure of the SSN
The SSN is not entirely randomly-generated. Although the procedures for issuing SSNs have changed over the years, a SSN can reveal an individual's relative age and place of origin. The first three numbers (area number) are keyed to the state in which the number was issued. The next two (group numbers) indicate the order in which the SSN was issued in each area. The last four (serial numbers) are randomly generated.

The SSN and Privacy
Today, the Social Security Number plays an unparalleled role in identification, authentication, and tracking of Americans. Because the identifier is used for many purposes, it is valuable to those who wish to acquire credit, commit crimes, or masquerade as another person. The SSN has been increasingly used in the private sector. The SSN is the record locator for many private-sector profilers, credit bureaus, and credit card companies. It is also used extensively outside the financial services sector. And, while some businesses use the SSN to identify individuals, others use the SSN as a password. This means that the SSN is widely used both as an identifier and as an authenticator. Serious security problems are raised in any system where a single number is used both as identifier and authenticator. It is not unlike using a password identical to a user name for signing into e-mail. Or like using the SSN as a bank account number and the last four of the SSN as a PIN for automated teller machines.

The SSN as National Identifier
The issuance of a single, unique number to Americans raises the risk that the SSN will become a de jure or de facto national identifier. This risk is not new; it was voiced at the creation of the SSN and has since been raised repeatedly. The SSN was created in 1936 for the sole purpose of accurately recording individual worker's contributions to the social security fund. The public and legislators were immediately suspicious and distrustful of this tracking system fearing that the SSN would quickly become a system containing vast amounts of personal information, such as race, religion and family history, that could be used by the government to track down and control the action of citizens. Public concern over the potential for abuse inherent in the SSN tracking system was so high, that in an effort to dispel public concern the first regulation issued by the Social Security Board declared that the SSN was for the exclusive use of the Social Security system. In passing the Privacy Act of 1974, Congress was specifically reacting to and rejecting calls for the creation of a single entity for the reference and storage of personal information. A 1977 report issued as a result of the Privacy Act highlighted the dangers and transfer of powers from individuals to the government that occur with centralization of personal information: In a larger context, Americans must also be concerned about the long-term effect record-keeping practices can have not only on relationships between individuals and organizations, but also on the balance of power between government and the rest of society. Accumulations of information about individuals tend to enhance authority by making it easier for authority to reach individuals directly. Thus, growth in society's record-keeping capability poses the risk that existing power balances will be upset. Many medical providers are using the SSN as a patient identifier, thus hardening the number as a de facto national identifier. As David Miller noted in testimony before the National Committee on Vital Health Statistics: "It should be noted that the 1993 WEDI [Workgroup for Electronic Data Interchange] Report, Appendix 4, Unique Identifiers for the Health Care Industry, Addendum 4 indicated 71% of the payers responding to the survey based the individual identifier on the Member's Social Security Number. However 89% requested the insured's Social Security Number for application of insurance. Clearly the Social Security Number is the current de facto identifier..." But individuals and companies are resisting such use of the SSN. Acting on employees' suggestions, I.B.M. has requested that health companies stop using the SSN on insurance cards. According to IBM, fifteen insurers, which cover about 30,000 of the company's 500,000 employees worldwide have either not responded or indicated that they will not comply with the request.

The SSN and Identity Theft
The widespread use of the SSN as an identifier and authenticator has lead to an increase in identity theft. According to the Privacy Rights Clearinghouse, identity theft now affects between 500,000 and 700,000 people annually. Victims often do not discover the crime until many months after its occurrence. Victims spend hundreds of hours and substantial amounts of money attempting to fix ruined credit or expunge a criminal record that another committed in their name. Identity theft litigation also shows that the SSN is central to committing fraud. In fact, the SSN plays such a central role in identification that there are numerous cases where impostors were able to obtain credit with their own name but a victim's SSN, and as a result, only the victim's credit was affected. In June 2004, the Salt Lake Tribune reported: "Making purchases on credit using your own name and someone else's Social Security number may sound difficult -- even impossible -- given the level of sophistication of the nation's financial services industry. But investigators say it is happening with alarming frequency because businesses granting credit do little to ensure names and Social Security numbers match and credit bureaus allow perpetrators to establish credit files using other people's Social Security numbers." The same article reports that Ron Ingleby, resident agent in charge of Utah, Montana and Wyoming for the Social Security Administration's Office of Inspector General, as stating that SSN-only fraud makes up the majority of cases of identity theft. Because creditors will open new accounts based only on a SSN match, California has passed legislation requiring certain credit grantors to comply with heightened authentication procedures. California Civil Code § 1785.14 requires credit grantors to actually match identifying information on the credit application to the report held at the credit reporting agency. Credit cannot be granted unless three identifiers from the application match those on file at the credit bureau.
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
RAND CORPORATION SPECIAL REPORT
Should RAND Corporation use the American Soldier for Experimentation of a Global Identification System?
The answer is yes according to this study

http://www.rand.org/pubs/research_briefs/RB3024.html
John D. Woodward, Katharine Watkins Webb, Elaine M. Newton, Melissa A. Bradley, David Rubenson

This research brief describes work documented in Army Biometric Applications: Identifying and Addressing Sociocultural Concerns (MR-1237-A).

Excerpt: The Army is having an identity crisis, and it affects both its wartime and peacetime operations. Simply put, the Army needs to ensure that the right people — and only the right people — can get access to its information systems, its weapons, and its many databases that serve the Army community. Biometrics — that is, physical characteristics or personal traits that can be measured quickly — may offer a solution. But using biometrics raises some knotty legal, ethical, and sociological issues — for example, how to safeguard biometric information so it cannot be used for other, possibly nefarious, purposes. The Army has been studying these issues and has been considering the feasibility of establishing a biometric research center that could serve as a central data repository and carry out test and evaluation.[1]
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
Internet Identity System Said Readied by Obama Administration
http://www.businessweek.com/news/2011-01-07/internet-identity-system-said-readied-by-obama-administration.html
January 07, 2011, 7:10 AM EST By James Sterngold

Jan. 7 (Bloomberg) -- The Obama administration plans to announce today plans for an Internet identity system that will limit fraud and streamline online transactions, leading to a surge in Web commerce, officials said. While the White House has spearheaded development of the framework for secure online identities, the system led by the U.S. Commerce Department will be voluntary and maintained by private companies, said the officials, who spoke on condition of anonymity ahead of the announcement. A group representing companies including Verizon Communications Inc., Google Inc., PayPal Inc., Symantec Corp. and AT&T Inc. has supported the program, called the National Strategy for Trusted Identities in Cyberspace, or NSTIC. “This is going to cause a huge shift in consumer use of the Internet,” said John Clippinger, co-director of the Law Lab at Harvard’s Berkman Center for Internet and Society in Cambridge, Massachusetts. “There’s going to be a huge bump and a huge increase in the amount and kind of data retailers are going to have.” Most companies have separate systems for signing on to e- mail accounts or conducting secure online transactions, requiring that users memorize multiple passwords and repeat steps. Under the new program, consumers would sign in just once and be able to move among other websites, eliminating the inconvenience that causes consumers to drop many transactions.

Fewer Passwords
For example, once the system is in place, Google would be able to join a trusted framework that has adopted the rules and guidelines established by the Commerce Department. From that point, someone who logged into a Google e-mail account would be able to conduct other business including banking or shopping with other members of the group without having to provide additional information or verification. Bruce McConnell, a senior counselor for national protection at the Department of Homeland Security, said NSTIC may lead to a big reduction in the size of Internet help desks, which spend much of their time assisting users who have forgotten their passwords. Because the systems would be more secure, he said, it may also result in many transactions that are now done on paper, from pharmaceutical to real estate purchases, to be done online faster and cheaper. A draft paper outlining NSTIC was released for comment by the White House in June.

‘Who Do You Trust?’
“NSTIC could go a long way toward advancing one of the fundamental challenges of the Internet today, which is -- Who do you trust?” said Don Thibeau, chairman of the Open Identity Exchange, an industry group based in San Ramon, California, representing companies that support development of the new framework. “What is holding back the growth of e-commerce is not technology, it’s policy. This gives us the rules, the policies that we need to really move forward.” The new system will probably hasten the death of traditional passwords, Clippinger said. Instead, users may rely on devices such as smartcards with embedded chips, tokens that generate random codes or biometric devices. “Passwords will disappear,” said Clippinger. “They’re buggy whips. The old privacy and security conventions don’t work. You need a new architecture.”

Secure, Efficient
Development of a more advanced security system began in August 2004, when President George W. Bush issued a Homeland Security Presidential Directive that required all federal employees be given smartcards with multiple uses, such as gaining access to buildings, signing on to government websites and insuring that only people with proper clearances would have access to restricted documents. The system was intended to be more secure and more efficient. The Obama administration advanced the process when it issued its “Cyberspace Policy Review” in 2009. One of the 10 priorities was the security identification system. The federal government is facilitating what it calls a “foundational” system in two ways. It is developing the framework for the identification plan, and it will make a large number of government agencies, services and products available through the secure system, from tax returns to reserving campsites at national parks. “Innovation is one of the key aspects here,” said Ari Schwartz, a senior adviser for Internet policy at the Department of Commerce. “There’s so much that could be done if we could trust transactions more.” Schwartz said use of the system, once companies voluntarily choose to participate, may spur a range of efficiencies and e- commerce similar to the way ATM machines transformed banking, opening the way to a growing number of services little by little.

Privacy Concerns
Civil libertarians have expressed concern that the system may not protect privacy as well as the government is promising. “If the concept were implemented in a perfect way it would be very good,” said Jay Stanley, a senior policy analyst for privacy and technology at the New York-based American Civil Liberties Union. “It’s a convenience. But having a single point of failure may not be good for protecting privacy. The devil’s really in the details.” He said the ACLU would “vehemently oppose” anything that resembled a national ID card. Aaron Brauer-Rieke, a fellow at the Center for Democracy & Technology in Washington, a civil liberties group, said it was important that the system would be operated by private companies, not the government. He said he was concerned about how the data on consumer online transactions would be used. “New identity systems will allow moving from one site to another with less friction and open up data flows, but might also enable new kinds of targeted advertising,” he said. “We have to make sure privacy doesn’t get lost in this.” Schwartz and McConnell said the new system wouldn’t be a national identity card and that companies, not the government, would manage the data being passed online. “There will not be a single data base for this information,” McConnell said.
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
From 6/2010...

White House Preparing National Online ID Plan
The proposed system for authenticating people, organizations and infrastructure on the web at the transactional level...
will require an identity ecosystem.

http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=225701456&cid=RSSfeed_IWK_News
By Mathew J. Schwartz InformationWeek
June 25, 2010 08:00 AM

The Obama administration is set to propose a new system for authenticating people, organizations and infrastructure on the Web. The online authentication and identity management system would be targeted at the transactional level -- for example, when someone logs into their banking website or completes an online e-commerce purchase. Making such a system effective, however, will require creating an "identity ecosystem," backed by extensive public/private cooperation, said White House cybersecurity coordinator Howard Schmidt, delivering the opening keynote speech at the Symantec Government Symposium 2010 in Washington on Tuesday. "This strategy cannot exist in isolation," he said. "It's going to take all of us working together." Furthermore, "we should not have to dramatically change the way we do business -- this should be a natural path forward," he said. That path forward will hinge on a new draft of the National Strategy for Trusted Identities in Cyberspace, due to be released Friday for the first time to the public, for a three-week comment period. Formerly known as the National Strategy for Secure Online Transactions, the report offers specific strategy and implementation recommendations, and may also recommend more sweeping policy and privacy changes. The report builds on the Obama-commissioned Cyberspace Policy Review, which analyzed the government's information and communications infrastructure defensive capabilities. One of the report's recommendations was to "build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the nation."  Simply issuing a Web-friendly biometric identification card to everyone in the country, of course, wouldn't necessarily make anyone or anything more secure, including online transactions. As the report also notes, to be effective, security tools and technology must be complemented by education. "There is always a necessity to do awareness and education of the end user," said Schmidt. "But you're not trying to teach the end user how to be a security expert."
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
Obama administration unveils online ID system
(but insists it's not a Big Brother plan to snoop on Internet users)

http://www.dailymail.co.uk/news/article-1377479/Obama-administration-unveils-national-online-ID-system.html
By David Gardner
Last updated at 2:45 AM on 16th April 2011

A  plan to create a national online identity system was launched today to help combat cyber crime. Commerce Secretary Gary Locke claimed the move will protect Internet consumers from fraud and identity theft. Unveiling the scheme, he insisted the cyber ID was not a Big Brother plan by the government to snoop on web users.

National Strategy for Trusted Identities in Cyberspace is voluntary, but IT experts believe it is inevitable that users will have one ID for transactions in the future Mr Locke said it would mean people would no longer have to remember a variety of different passwords to do business and social networking online. He claims that the current system of half-remembered passwords jotted down on post it notes and based on pets and mother's maiden names is not enough. 'Passwords just won't cut it here,' he said. 'We must do more to help consumers protect themselves, and we must make it more convenient than remembering dozens of passwords.' The Commerce Department said 8.1 million people fell prey to online identity thieves last year at a cost of $27 billion.

By using a single identification- which could come in the form of a unique piece of software on a cell phone, a keychain fob, or some other type of gadget- the administration believes it will be easier and safer to navigate the web.  'Passwords just won't cut it here. We must do more to help consumers protect themselves, and we must make it more convenient than remembering dozens of passwords.' Instead of having to remember all those disparate passwords, one for each site that conducts a secure transaction, a consumer would use that single credential to log in, with far more security than a password alone would provide, the agency said.  The National Strategy for Trusted Identities in Cyberspace will be voluntary, but some computer experts believe it is inevitable that most computer users will had a single ID for transactions in the future.

Officials say the ID will also help protect consumers from spammers and companies that collect data on their websurfing activity, letting them surf anonymously online.  It would not create a centralized database of information, the agency said, because consumers will be able to choose from a variety of programmes within the cyber-identity system. Although the system is not yet up and running, the Commerce Secretary said a number of leading computer companies, including Microsoft, IBM, the Secure ID Coalition, and Wave Systems Corp, are developing ways to make the system most efficient and effective.  Scott Charney, corporate vice president of Microsoft, told Fox News: 'This ecosystem will provide citizens with a variety of choices for authenticating their identity online while helping to protect their security and privacy.' Jim Dempsey, a vice president for the Center of Democracy and Technology, added: 'I think there's a model here perhaps for the broader question of cybersecurity ... the Administration, to my view, has conducted a very open process here.'
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
The entire reason for this?

Online identity theft.

Who engages in online identity theft?



EXPOSED: All Identity Theft Operations are directed by the US Secret Service!!!
http://forum.prisonplanet.com/index.php?topic=205593.0
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
US prods companies to develop secure, easy-use ID
http://www.reuters.com/article/2011/04/15/internet-security-idUSN1522207720110415 
Fri Apr 15, 2011 3:02pm EDT

(Reuters) - The Obama administration urged the private sector on Friday to develop methods that consumers can use instead of passwords to identify themselves online and, in some cases, in brick and mortar stores. "The Internet has transformed how we communicate and do business," said President Barack Obama in a statement accompanying release of a national strategy to safeguard identity on the Internet. "But it has also led to new challenges, like online fraud and identity theft, that harm consumers and cost billions of dollars each year," the president said. As part of the strategy, the Commerce Department is asking the private sector to create a system or systems that can identify Internet users in a way that safeguards their privacy, is secure, is interoperable and is cost-effective. Participation would be voluntary. "Consumers who want to participate will be able to obtain a single credential -- such as a unique piece of software on a smart phone, a smart card, or a token that generates a one-time digital password," the Commerce Department said in a statement. Millions of people are victims each year of identity theft, which costs victims an average of $631 and 130 hours to recover from, the Commerce Department said. Earlier this month, a long list of hotels, financial institutions, retailers and others revealed that customer names and email addresses had been stolen by hackers, giving the criminals useful information to be used in identity theft. [ID:nN04291504] The strategy is a way to eliminate passwords -- which are unwieldy for users and ineffective in many cases -- to have them go the way of the dodo. But the Commerce Department is also keenly aware that any attempt by the federal government to create a national identity card would be extremely controversial. Companies at a Chamber of Commerce event to kick off the effort included Google (GOOG.O), Symantec (SYMC.O), eBay (EBAY.O) subsidiary PayPal, Microsoft (MSFT.O) and Northrop Grumman Corp (NOC.N). (Reporting by Diane Bartz; Editing by Steve Orlofsky)
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

wvoutlaw2002

  • Guest
I'm sure the major OS companies already have "security" updates lined up to force their users to comply with Obama's cyber-enslavement agenda. After all, the CEOs of the major OS companies have ties to the Military-Industrial Complex...including Canonical/Ubuntu CEO Jane Silber.

http://distrowatch.com/weekly.php?issue=20091221#news

Mark Shuttleworth, the founder of Ubuntu and Canonical, has announced his resignation from the position of CEO (http://www.markshuttleworth.com/archives/295) of Canonical, effective March 2010: "From March next year, I'll focus my Canonical energy on product design, partnerships and customers. Those are the areas that I enjoy most and also the areas where I can best shape the impact we have on open source and the technology market. I'm able to do this because Jane Silber, who has been COO at Canonical virtually from the beginning, will take on the job of CEO." The new CEO, Jane Silber (pictured on the right), has been with the company for over five years. A brief interview on Canonical blogs (http://blog.canonical.com/?p=307) tells us more about her background: "I am currently Chief Operating Officer and Director of Online Services. I joined Canonical in 2004, and since then have been closely involved in the establishment and management of most Canonical functions. I have a technical background and started my career as a software developer, and have since held engineering and senior management positions at companies as diverse as a health and wellness promotion start-up, a large technology and manufacturing company in Japan, and the US defence contractor General Dynamics. I am American, and came to the UK in 2002 to complete an MBA at Oxford."

Jane Silber runs Canonical while Mark Shuttleworth gallivants http://blip.tv/file/1105916

http://www.canonical.com/aboutus/team

Jane Silber - Chief Operating Officer

Jane joined Canonical Ltd in 2004, prior to the first release of Ubuntu. Based in London, she currently oversees all business development and operational activities, including customer support and services, marketing and partnerships, as well as the corporate financial and administrative functions.

Prior to joining Canonical, Jane was Vice President of Command and Control Systems at General Dynamics C4 Systems, and her early career included artificial intelligence research and product development for Teijin Ltd in Yokohama, Japan. She holds degrees from the University of Oxford, Vanderbilt University and Haverford College.

-----------------------------------------------

General Dynamics Given $10 Million To Set Up “Psy-Op” Websites To Support War On Terror

Steve Ballmer, Steve Jobs, and Jane Silber are all waiting for Obama's cyber-9/11 so they can force their users to submit to cyber-enslavement.

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
ORACLE IDENTITY MANAGER 11g
A Framework for A National On-Line Identification System


http://www.oracle.com/technetwork/middleware/id-mgmt/overview/identity-manager-ds-11gr1-154350.pdf

KEY FEATURES
• Self-service identity management drives user productivity, increases user satisfaction and optimizes IT efficiency
• Universal delegated administration enhances security and reduces costs
• Requests with approval workflows and policy-driven provisioning improves IT efficiency, enhances security and enables compliance
• Password management reduces IThelp desk costs, and improves service levels
• Integration solutions featuring Adapter Factory and pre-configured connectors enables quick and low cost system integration

KEY BENEFITS
• Increased security: Enforce internal security policies and eliminate potential security threats from rogue, expired and unauthorized accounts and privileges.
• Enhanced regulatory compliance: Cost-effectively enforce and attest to regulatory requirements (e.g. Sarbanes-Oxley, 21 CFR Part 11, Gramm-Leach-Bliley, HIPAA) associated with identifying who has access privileges to sensitive data
• Streamlined operations: Reduce inefficiency and improve service levels by automating repeatable user administration tasks
• Improved business responsiveness: Get users productive faster through immediate access to key applications and systems
• Reduced costs: Reduce IT costs through efficient staff usage and common security infrastructure

Oracle Identity Manager is a highly flexible and scalable enterprise identity administration system that provides operational and business efficiency by providing centralized administration & complete automation of identity and user provisioning events across enterprise as well as extranet applications. It manages the entire identity and role lifecycle to meet changing business and regulatory requirements and provides essential reporting and compliance functionalities. By applying the business rules, roles, and audit policies, it ensures consistent enforcement of identity based controls and reduces ongoing operational and compliance costs.


Introduction


Oracle Identity Manager is a highly flexible and scalable enterprise identity management system that is designed to administer user access privileges across a company's resources throughout the entire identity management life cycle, from initial on-boarding to final de- provisioning of an identity. Oracle Identity Manager is built on a state-of-the-art Java EE architecture. Java EE is a standard, robust, scalable, and secure platform that forms the basis for many of today’s enterprise applications. Additionally, Oracle Identity Manager’s flexible architecture can handle the most complex IT and business requirements without requiring changes to existing infrastructure, policies or procedures. Its architecture elegantly abstracts core identity administration and provisioning functions into discrete layers. This hallmark flexibility also enables Oracle Identity Manager to excel at handling the constant flow of business changes that impact real-world identity management deployments.


User Self Service
Registration & Profile Management


Using Oracle Identity Manager’s self-service interface, end users can create self registration requests. They can additionally view, manage and update their own profile data. This reduces administrative overhead and provides users with control over their identity profiles. The user forms for registration and profile management are extensible. Oracle Identity Manager leverages Oracle Metadata Services (MDS) that allows the structural and behavioral aspects of the configuration to be declaratively described using XML based metadata. This separation of configuration metadata from core UI results into significant reduction in customizations and also provides a simplified development, configuration and deployment experience for self service features.


Password Management


Using Oracle Identity Manager’s self-service interface, end users can manage their enterprise

ARCHITECTURE OVERVIEW
• Ease of Deployment: Deployment Manager assists in the migration of integration and configuration between environments.
• Flexible and Resilient: Oracle Identity Manager can be deployed in single or multiple server instances. Multiple server instances provide optimal configuration options, fault tolerance, redundancy, fail-over and system load balancing.
• Maximum Reuse of Incumbent Infrastructure: Oracle Identity Manager is built on an open architecture to integrate with and leverage existing software and middleware already implemented within an organization’s IT infrastructure.
• Modular Architecture: Oracle Identity Manager is made up of abstraction layers, which allows the execution logic to be changed and refined without affecting logic or definitions that still apply.
• Standards-based: Oracle Identity Manager incorporates leading industry standards, such as J2EE and Organization for the Advancement of Structured Information Standards (OASIS) password that is used in Single Sign-On and gets synchronized or mapped to passwords across managed resources.

Oracle Identity Manager enforces compliance of this password with enterprise password policies as well. For the recovery of forgotten passwords, Oracle Identity Manager employs the security challenge questions. This self-service capability easily pays for itself many times over through reduced help desk calls. Oracle Identity Manager also provides random password generation capabilities that may be invoked during registration or administrator-based password reset. Additionally, Oracle Identity Manager’s password management features are out-of-box, pre-integrated with all login and password related flows in Oracle Access Manager and Oracle Adaptive Access Manager. Integration with Oracle Adaptive Access Manager includes password recovery mechanism using KBA or OTP based challenge questions and responses. The integration thus serves as a pre-integrated platform for advanced user and administrator authentication scenarios that provide stronger security control.


User Interface


Oracle Identity Manager provides a multi-tab, desktop-like, dynamic Web 2.0 user experience based on Oracle’s ADF technology. In addition to great usability, it also provides high performance architecture, such as real-time scrolling and transparent paging. This UI framework allows high level of meta-data driven customization such as branding changes, label changes or changes in default sorting schemes etc. It also includes built-in globalization support. It provides very advanced browse, keyword based search and advanced search capabilities. It also tailors the user experiences for different user groups for example a task-oriented desktop-application-like UI model for administrators and guided wizards for business end-users.

Request Management-Request Service

Oracle Identity Manager allows users to create requests for business & IT roles, new application accounts, modifications to existing application accounts and application entitlements or privileges. It provides a very flexible, simplified, business-centric, and context sensitive request creation wizard that allows users to create these requests in context of their current views. As an example, the users may create requests for additional roles while viewing their existing role assignments, create request for additional accounts or modification to existing accounts while viewing the provisioned resource lists, or create a complex request including multiple roles & resources for self or others from their home page. By placing the request and approval process closer to the business, enterprises realize better service levels and reduced costs.


Approval Orchestration


Oracle Identity Manager relies on the Oracle BPEL Process Manager, an integral component of Oracle SOA Suite for its approval workflow and routing engine. Developers can use Oracle JDeveloper as their Integrated Development Environment that offers a rich visual design paradigm for creating and deploying BPEL based processes. Additionally developers can also leverage Oracle BPEL Process Manager’s advanced approval features like email based approvals, serial or parallel approval orchestrations or voting based approval etc. This not only results into significantly faster deployment time, but also provides the architecture agility to adjust workflows quickly when business processes and enterprise policies change for the approval needs.

Request Templates

Request Management allows administrators to create job or role specific request templates. The template is a simplified overlay on top of a request model that allows the person defining that template to control how a request gets created, and add additional layers of approval, authorization and data restrictions over those already defined in the model. Once configured by the administrators, the request templates provide the much-desired request catalog services to the end users. This results into significantly enhanced usability experience for the end users while creating access requests by providing them with a narrowing down the list of roles, resources and entitlements specific to their job functions.

Identity & Role Administration
Universal Delegated Administration


Delegated administration plays an increasingly important role as the already extended enterprise becomes increasingly virtualized and the service provider delivery model becomes increasingly prevalent. Oracle Identity Manager’s Universal Delegated Administration provides highly flexible authorization model without compromising corporate security policies by moving administration points as close to the user as possible. This ensures that the enterprise can achieve tighter control and better security, all the while increasing productivity of their users. Oracle Identity Manager embeds a fine-grained authorization service based on Oracle Entitlement Server (OES). Using this authorization service, Oracle Identity Manager provides advanced, attribute level delegated administration policies using dynamic & declarative constructs. For example, administrators can configure a policy stating that the helpdesk can only change the password of the users in certain organizations, or an organization administrator can unlock a locked out user only in her organization.


Role & Policy Administration


Oracle Identity Manager enables policy-based automated provisioning of resources with fine-grained entitlements. For any set of users, administrators may specify access levels for each resource to be provisioned, granting each user only the exact level of access required to perform his job, no more and no less. These policies can be driven by user roles or attributes, enabling implementation of role based access control (RBAC), as well as attribute based access control. Effective blending of role and attribute based policies is key to a scalable and manageable enterprise provisioning solution. Oracle Identity Manager also ensures that any entitlements granted to a user based on policy get revoked when that policy no longer applies to that user (due to role or context changing).  Oracle Identity Manager provides advanced role administration features that allow administrators to browse and search roles, define role hierarchies, manage role membership rules and existing memberships etc. Additionally role administration capabilities include a role category service that provides a navigation catalog for roles while browsing, searching, administering or requesting roles enhancing the user experience for the end users, line managers as well as delegated administrators.  Oracle Identity Manager also provides out of box integration with Oracle Identity Analytics to provide end to end role lifecycle management, integrated role engineering and closed loop remediation services.


Guaranteed De-provisioning


When a user leaves the organization or her access is no longer required or valid due to a job change, Oracle Identity Manager revokes access on demand or automatically, as dictated by role or attribute based policies. This ensures that a user’s access is promptly terminated across all no-longer-required resources to minimize security risks, as well as to prevent paying for access to costly resources, such as data services.


Audit & Compliance-Reconciliation Services


Oracle Identity Manager’s Reconciliation Engine component ensures consistency between Oracle Identity Manager’s provisioning environment and Oracle Identity Manager's managed resources within the enterprise. The Reconciliation Engine discovers directly managed or unauthorized accounts or entitlements provisioned outside of Oracle Identity Manager. It also provides bulk load utilities to support day-one bootstrap scenarios for on-boarding a new identity store or a new target system under Oracle Identity Manager management. This engine is specifically architected to provide high performance & internet-grade scalability in multi- million user populations. For extranet and enterprise deployments with such high volume scenarios, more than 10x performance gains have been observed when compared with previous releases. Oracle Identity Manager also provides web based reconciliation event management UI capabilities that allow application as well as IT administrators to view the current state of all reconciliation jobs, tasks and events. They may also perform additional operations like retrying events etc. Administrators can also perform manual linking for orphan accounts in this easy to use, intuitive event manager UI. An orphan account is an operational account without a valid user. Oracle Identity Manager can also manage the lifecycle of special service accounts, also known as administrator accounts, which have special life cycle requirements that extend beyond the lifecycle of an assigned user and across the lifecycles of multiple assigned users. Proper management of service accounts can help to eliminate another source of potential orphan accounts.


Policy Enforcement & Compliant Provisioning


Oracle Identity Manager ensures that all provisioning triggered from it is compliant to various enterprise-IT Audit policies defined in Oracle Identity Analytics. It also integrates with ERP Segregation of Duty (SoD) policy engines like such as Oracle Application Access Controls Governor and SAP BusinessObjects GRC Access Control for ERP level SoD enforcement. This ensures that policy violations are caught while provisioning rather than “after the fact” in the detective controls.

Reporting

Oracle Identity Manager reports on both the history and the current state of the provisioning environment. The system captures all necessary data to answer the question “Who has access to What, When, How, and Why?” and make this data available in reports through 30+ out-of-the-box reports. Some of the identity data captured includes user identity profile history, user group membership history, user resource access and fine-grained entitlement history. When combined with the transaction data generated and captured by Oracle Identity Manager’s workflow, policy, and reconciliation engines, an enterprise has all the required data to address any identity and access related audit inquiry. Oracle Identity Manager's reporting and auditing capabilities enable an enterprise to cost effectively cope with ever increasingly stringent regulatory requirements, such as Sarbanes-Oxley, 21 CFR Part 11, Gramm-Leach-Bliley, HIPAA, and HSPD-12.

Integration Solutions

Connector Framework

Oracle Identity Manager’s Connector Framework eliminates the complexity associated with creating and maintaining connections to the proprietary interfaces in business applications.

Connector Framework provides rapid integration to commercial or custom systems. The connector framework separates connector code (integration libraries specific and optimized for the target system) from connector meta-data (data models, forms, connectivity information and process). This separation makes extending, maintaining and upgrading connectors a manageable and straightforward process. This also enables custom logic to be more easily pluggable in through custom extensions that do not prevent customers from upgrading to the improved versions of the connector code. Oracle Identity Manager provides the following integration technologies for the connector development:

1. Adapter Factory: Oracle Identity Manager’s Adapter Factoryо technology eliminates the complexity associated with creating and maintaining the connections to target systems. Users can create new or modify existing integrations using Adapter Factory’s graphical user interface, without programming or scripting. Once connectors have been created, their definitions are maintained within the Oracle Identity Manager repository, creating self- documenting views. These views make extending, maintaining and upgrading connectors a manageable and straightforward process.

2. Generic Technology Connector: The Generic Technology Connector framework provides a complimentary solution for identity repository based data flows. It is a framework with basic building blocks that allows system administrators to design custom connectors quickly and easily. Generic Technology Connector may communicate with any target resource by using standard protocols such as HTTP, SMTP, FTP, and Web Services combined with generic message formats such as CSV, SPML, and LDIF.

Pre-Configured, Out-of-the-Box Connectors

For the most popular commercial applications and interface technologies, Oracle Identity Manager offers an extensive and rapidly expanding library of pre-configured connectors. With these connectors, an enterprise can get a head start on application integration. Each connector supports a wide range of identity management functions and uses the most appropriate integration technology recommended for the target resource, whether it’s proprietary or based on open standards. These connectors enable out-of-the-box integration, but can be enhanced to work with each enterprise’s unique integration requirements.

Applications Integration

Service Oriented Security

Oracle Identity Manager enables Oracle Fusion Middleware & Applications as well as custom applications that customers may have to externalize their identity administration services through its XSD profile SPML web service. This service defines the interfaces for applications to interact with Oracle Identity Manager. Additionally, Oracle Identity Manager supports a LDAP identity repository for managing users, roles and role assignments.

SPML web service can thus be used by applications to achieve LDAP integration. Oracle Identity Manager also provides identity services for example, generating a username or a random password for the user, reserving username in LDAP while user registration is goingthrough approval etc. Applications leveraging such a service oriented security strategy are able to benefit from the innovation in Oracle Identity Manager on day 1. Additionally, applications customers looking for enterprise provisioning solutions face a much shorter & smoother learning curve given that they are already well versed with provisioning technology powering their applications such as those from Oracle Fusion Middleware & Applications.

Simplified Identity Administration for Oracle Applications Unlimited Products Oracle Identity Manager provides simplified identity administration for all Oracle Applications Unlimited products including Oracle E-Business Suite, PeopleSoft, Siebel and JD Edwards products. These applications typically are deployed in an identity ecosystem involving SSO solutions, LDAP directories, GRC SoD application, and one or more internal user repositories. For example, Oracle E-Business Suite is usually deployed with Oracle SSO, Oracle Internet Directory, Oracle Application Access Controls Governor, and FND, TCA, HRMS store. Oracle Identity Manager abstracts the identity administration challenges of managing user accounts and entitlements in such a deployment by providing provisioning orchestration across the entire ecosystem. Customer’s total cost of ownership associated with securing their Applications Unlimited products is greatly reduced
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
"Identity Ecosystem" is public consumption psyops for cybernetics
« on: January 09, 2011, 02:46:35 PM »
Anti_Illuminati
http://forum.prisonplanet.com/index.php?topic=197647.0
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
Obama's 'Identity Ecosystem' will tie our names to EVERY device we use, replace all passwords
http://www.abovetopsecret.com/forum/thread588222/pg1
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
From the guys that are conspirators after the fact to the mass murder on 9/11/2001:

The Identity Ecosystem: Use Examples
http://www.nist.gov/nstic/identity-ecosystem.html

The National Strategy for Trusted Identities in Cyberspace describes a vision of the future—an Identity Ecosystem—where individuals, businesses, and other organizations enjoy greater trust and security as they conduct sensitive transactions online. The Identity Ecosystem is a user-centric online environment, a set of technologies, policies, and agreed upon standards that securely supports transactions ranging from anonymous to fully authenticated and from low to high value.

Key attributes of the Identity Ecosystem include privacy, convenience, efficiency, ease-of-use, security, confidence, innovation, and choice.

Below are brief examples of how the Identity Ecosystem would work. More detailed versions of these and other examples are included in the Strategy.

Faster Online Errands—Mary is tired of memorizing dozens of passwords to conduct her personal online errands. She opts instead to get a smart card issued by her Internet service provider. She inserts the card into her computer and in a matter of minutes, with just clicks of her mouse, she is able to securely conduct business with her bank, mortgage company, and doctor, while also sending an email to her friend and checking her office calendar hosted by her employer.

Age Appropriate Access—Antonio, age 13, loves to visit online chat rooms to talk to other students his age. His parents give him permission to get an identity credential, stored on a keychain fob, from his school. The credential verifies his age so that he can visit chat rooms for adolescents, but it does not reveal his birth date, name, or other information. Nor does it inform the school about his online activities.

Smart Phone Transactions—Parvati does most of her online transactions using her smart phone. She downloads a "digital certificate" from an ID provider that resides as an application on her phone. Used with a single, short PIN or password, the phone's application is used to prove her identity. She can do all her sensitive transactions, even pay her taxes, through her smart phone without remembering complex passwords whenever and wherever it is convenient for her.

Efficient and Secure Business Operations—Juan owns a small business and is setting up a new online storefront. Without making large investments, he wants customers to know that his small firm can provide the same safety and privacy for their transactions as sites for larger companies. He agrees to follow the Identity Ecosystem privacy and security requirements, earning a "trustmark" logo for his Web site. To reduce his risk of fraud, he needs to know that his customers' credit cards or other payment mechanisms are valid and where to ship his merchandise. There are a number of different ID providers that can issue credentials that validate this information. Millions of individuals can now use his Web site without having to share extra personal information or even set up accounts with Juan's company. This saves his customers time, increases their confidence, and saves Juan money.

Enhanced Public Safety—Joel is a doctor. A devastating hurricane occurs close to his home. Using his interoperable ID credential embedded in his cell phone and issued by his employer, he logs in to a Web portal maintained by a federal agency. The site tells him that his medical specialty is urgently needed at a triage center nearby. When he arrives, officials at the center use his credential to verify that he is a licensed doctor, and Joel is able to provide medical attention for victims.
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
White House debuts ‘Identity Ecosystem’
http://www.cmio.net/index.php?option=com_articles&view=article&id=27285&division=cmio
April 15, 2011

The Obama Administration has unveiled a national strategy to safeguard internet users against fraud and identity theft and enhance individuals’ privacy by creating trusted entities that develop unique credentials for each user.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) aims to make online transactions more trustworthy by creating create an “Identity Ecosystem” in which interoperable, secure and reliable credentials will available to users. Consumers who want to participate will be able to obtain a single credential, such as unique software on a smartphone, a smart card or a token that generates a one-time digital password. Instead of having to remember myriad passwords, credentialed users can log into any website with more security than passwords alone provide, according to an April 15 White House statement.

As envisioned in the 45-page National Strategy document, the federal government will facilitate a private-sector-led effort to develop Identity Ecosystem technologies, standards and policies, and to enable a self-sustaining market of credential providers. There will be no single, centralized database of information, and users will be able to choose among different providers of credentials and easily change credential types and providers.

The NSTIC seeks to drive the development of privacy-enhancing policies as well as innovative privacy-enhancing technologies to ensure that the ecosystem provides strong privacy protections for consumers, according to the statement.

When implemented, the platform will enable users to:

Choose one or more identity providers, whether public or private.
Choose credential types that meet their needs, including smart cards, cellphones, keychain fobs, one-time password generators and future credentialing technology that hasn't been invented, according to the statement.

Consumers can use their credential to prove their identity when they’re carrying out sensitive transactions, such as viewing personal healthcare information. Once the Identity Ecosystem is in place, consumers would be able to connect to businesses and other online entities using a credential they already have, avoiding the hassle of creating usernames and passwords, according to the strategy.

The NSTIC’s Identity Ecosystem will be grounded in the eight Fair Information Practice Principles (FIPPs) to provide multi-faceted privacy protections, according to the strategy.

A FIPPS-based approach also will promote adoption of privacy-enhancing technical standards by minimizing the ability to link credential use among service providers, preventing them from developing a complete picture of an individual’s activities online.

The Secretary of Commerce will establish within the Department of Commerce an interagency office, the National Program Office (NPO), charged with achieving the goals of the strategy. The NPO will be responsible for coordinating the processes and activities of organizations that will implement the strategy. Commerce will host the interagency function because it is uniquely suited to work with the private sector and with government to implement the strategy, according to the national strategy. The NPO will lead the day-to-day coordination of NSTIC activities, working closely with the Cybersecurity Coordinator in the White House.

“The standardization of policy and technology and the initial implementation of the Identity Ecosystem will not occur overnight,” according to the strategy document. The Identity Ecosystem could begin operations within three to five years, according to the national strategy.
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately

Offline Dig

  • All eyes are opened, or opening, to the rights of man.
  • Member
  • *****
  • Posts: 63,099
    • Git Ureself Edumacated
They are even going against their own principles:


Fair Information Practice Principles

http://www.dhs.gov/xlibrary/assets/privacy/privacy_policyguide_2008-01.pdf
 
A. Fair Information Practice Principles Generally

Over the past quarter century, government agencies in the United States, Canada, and Europe have studied the manner in which entities collect and use personal information -- their "information practices" -- and the safeguards required to assure those practices are fair and provide adequate privacy protection.(27) The result has been a series of reports, guidelines, and model codes that represent widely-accepted principles concerning fair information practices.(28) Common to all of these documents [hereinafter referred to as "fair information practice codes"] are five core principles of privacy protection: (1) Notice/Awareness; (2) Choice/Consent; (3) Access/Participation; (4) Integrity/Security; and (5) Enforcement/Redress.

1. Notice/Awareness

The most fundamental principle is notice. Consumers should be given notice of an entity's information practices before any personal information is collected from them. Without notice, a consumer cannot make an informed decision as to whether and to what extent to disclose personal information.(29) Moreover, three of the other principles discussed below -- choice/consent, access/participation, and enforcement/redress -- are only meaningful when a consumer has notice of an entity's policies, and his or her rights with respect thereto.(30)

While the scope and content of notice will depend on the entity's substantive information practices, notice of some or all of the following have been recognized as essential to ensuring that consumers are properly informed before divulging personal information:

-identification of the entity collecting the data;(31)
-identification of the uses to which the data will be put;(32)
-identification of any potential recipients of the data;(33)
-the nature of the data collected and the means by which it is collected if not obvious (passively, by means of electronic monitoring, or actively, by asking the consumer to provide the information);(34)
-whether the provision of the requested data is voluntary or required, and the consequences of a refusal to provide the requested information;(35) and
-the steps taken by the data collector to ensure the confidentiality, integrity and quality of the data.(36)

Some information practice codes state that the notice should also identify any available consumer rights, including: any choice respecting the use of the data;(37) whether the consumer has been given a right of access to the data;(38) the ability of the consumer to contest inaccuracies;(39) the availability of redress for violations of the practice code;(40) and how such rights can be exercised.(41)

In the Internet context, notice can be accomplished easily by the posting of an information practice disclosure describing an entity's information practices on a company's site on the Web. To be effective, such a disclosure should be clear and conspicuous, posted in a prominent location, and readily accessible from both the site's home page and any Web page where information is collected from the consumer. It should also be unavoidable and understandable so that it gives consumers meaningful and effective notice of what will happen to the personal information they are asked to divulge.

2. Choice/Consent

The second widely-accepted core principle of fair information practice is consumer choice or consent.(42) At its simplest, choice means giving consumers options as to how any personal information collected from them may be used. Specifically, choice relates to secondary uses of information -- i.e., uses beyond those necessary to complete the contemplated transaction. Such secondary uses can be internal, such as placing the consumer on the collecting company's mailing list in order to market additional products or promotions, or external, such as the transfer of information to third parties.

Traditionally, two types of choice/consent regimes have been considered: opt-in or opt-out. Opt-in regimes require affirmative steps by the consumer to allow the collection and/or use of information; opt-out regimes require affirmative steps to prevent the collection and/or use of such information. The distinction lies in the default rule when no affirmative steps are taken by the consumer.(43) Choice can also involve more than a binary yes/no option. Entities can, and do, allow consumers to tailor the nature of the information they reveal and the uses to which it will be put.(44) Thus, for example, consumers can be provided separate choices as to whether they wish to be on a company's general internal mailing list or a marketing list sold to third parties. In order to be effective, any choice regime should provide a simple and easily-accessible way for consumers to exercise their choice.

In the online environment, choice easily can be exercised by simply clicking a box on the computer screen that indicates a user's decision with respect to the use and/or dissemination of the information being collected. The online environment also presents new possibilities to move beyond the opt-in/opt-out paradigm. For example, consumers could be required to specify their preferences regarding information use before entering a Web site, thus effectively eliminating any need for default rules.(45)

3. Access/Participation

Access is the third core principle. It refers to an individual's ability both to access data about him or herself -- i.e., to view the data in an entity's files -- and to contest that data's accuracy and completeness.(46) Both are essential to ensuring that data are accurate and complete. To be meaningful, access must encompass timely and inexpensive access to data, a simple means for contesting inaccurate or incomplete data, a mechanism by which the data collector can verify the information, and the means by which corrections and/or consumer objections can be added to the data file and sent to all data recipients.(47)

4. Integrity/Security

The fourth widely accepted principle is that data be accurate and secure. To assure data integrity, collectors must take reasonable steps, such as using only reputable sources of data and cross-referencing data against multiple sources, providing consumer access to data, and destroying untimely data or converting it to anonymous form.(48)

Security involves both managerial and technical measures to protect against loss and the unauthorized access, destruction, use, or disclosure of the data.(49) Managerial measures include internal organizational measures that limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. Technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords; and the storage of data on secure servers or computers that are inaccessible by modem.(50)

5. Enforcement/Redress

It is generally agreed that the core principles of privacy protection can only be effective if there is a mechanism in place to enforce them.(51) Absent an enforcement and redress mechanism, a fair information practice code is merely suggestive rather than prescriptive, and does not ensure compliance with core fair information practice principles. Among the alternative enforcement approaches are industry self-regulation; legislation that would create private remedies for consumers; and/or regulatory schemes enforceable through civil and criminal sanctions.(52)

a. Self-Regulation(53)

To be effective, self-regulatory regimes should include both mechanisms to ensure compliance (enforcement) and appropriate means of recourse by injured parties (redress).(54) Mechanisms to ensure compliance include making acceptance of and compliance with a code of fair information practices a condition of membership in an industry association;(55) external audits to verify compliance; and certification of entities that have adopted and comply with the code at issue.(56) A self-regulatory regime with many of these principles has recently been adopted by the individual reference services industry.(57)

Appropriate means of individual redress include, at a minimum, institutional mechanisms to ensure that consumers have a simple and effective way to have their concerns addressed.(58) Thus, a self-regulatory system should provide a means to investigate complaints from individual consumers and ensure that consumers are aware of how to access such a system.(59)

If the self-regulatory code has been breached, consumers should have a remedy for the violation. Such a remedy can include both the righting of the wrong (e.g., correction of any misinformation, cessation of unfair practices) and compensation for any harm suffered by the consumer.(60) Monetary sanctions would serve both to compensate the victim of unfair practices and as an incentive for industry compliance. Industry codes can provide for alternative dispute resolution mechanisms to provide appropriate compensation.

b. Private Remedies

A statutory scheme could create private rights of action for consumers harmed by an entity's unfair information practices. Several of the major information practice codes, including the seminal 1973 HEW Report, call for implementing legislation.(61) The creation of private remedies would help create strong incentives for entities to adopt and implement fair information practices and ensure compensation for individuals harmed by misuse of their personal information. Important questions would need to be addressed in such legislation, e.g., the definition of unfair information practices; the availability of compensatory, liquidated and/or punitive damages;(62) and the elements of any such cause of action.

c. Government Enforcement

Finally, government enforcement of fair information practices, by means of civil or criminal penalties, is a third means of enforcement. Fair information practice codes have called for some government enforcement, leaving open the question of the scope and extent of such powers.(63) Whether enforcement is civil or criminal likely will depend on the nature of the data at issue and the violation committed.(64)

B. Application of Fair Information Practice Principles to Information Collected From Children

The fair information practice codes discussed above do not address personal information collected from children. They are, however, applicable to parents, in light of the special status that children generally have been accorded under the law. This status as a special, vulnerable group is premised on the belief that children lack the analytical abilities and judgment of adults.(65) It is evidenced by an array of federal and state laws that protect children, including those that ban sales of tobacco and alcohol to minors, prohibit child pornography, require parental consent for medical procedures, and make contracts with children voidable. In the specific arenas of marketing and privacy rights, moreover, several federal statutes and regulations recognize both the need for heightened protections for children and the special role that parents play in implementing these protections.(66)

1. Parental Notice/Awareness and Parental Choice/Consent

It is parents who should receive the notice and have the means to control the collection and use of personal information from their children. The Commission staff set forth this principle in a July 15, 1997 letter to the Center for Media Education.(67) In addition, the letter identifies certain practices that appear to violate the Federal Trade Commission Act:

(a) It is a deceptive practice to represent that a site is collecting personal identifying information from a child for a particular purpose (e.g. to earn points to redeem a premium), when the information will also be used for another purpose that parents would find material, in the absence of a clear and prominent disclosure to that effect; and

(b) It is likely to be an unfair practice to collect personal identifying information, such as a name, e-mail address, home address, or phone number, from children and to sell or otherwise disclose such identifying information to third parties, or to post it publicly online, without providing parents with adequate notice and an opportunity to control the collection and use of the information through prior parental consent.

This letter applies the Commission's Section 5 authority for the first time to the principles of notice and choice in the online collection of information from children. The principles set out in the staff opinion letter form an appropriate basis for public policy in this area.

To assure that notice and choice are effective, a Web site should provide adequate notice to a parent that the site wishes to collect personal identifying information from the child,(68) and give the parent an opportunity to control the collection and use of that information. Further, according to the staff opinion letter, in cases where the information may be released to third parties or the general public, the site should obtain the parent's actual or verifiable consent(69) to its collection.(70)

The content of the notice should include at a minimum, the elements described above,(71) but, in addition, should take into account the fact that online activities may be unique and unfamiliar to parents. Thus, a notice should be sufficiently detailed to tell parents clearly the type(s) of information the Web site collects from children and the steps parents can take to control the collection and use of their child's personal information. Where a Web site offers children interactive activities such as chat, message boards, free e-mail services, posting of home pages and key pal programs, it should explain to parents the nature of these activities and that children's participation enables others to communicate directly with them. Such notice empowers parents to monitor their children's interactions and to help protect their children from the risks of inappropriate online interactions.

2. Access/Participation and Integrity/Security

Since parents may not be fully aware of what personal information a site has collected from their child, the access/participation principle is a particularly important one with respect to information collected from children. To provide informed consent to the retention and/or use of information collected from their children, parents need to be given access to the information collected from their children, particularly if any of the information is collected prior to providing notice to the parent. The principle of integrity, which addresses the accuracy of the data, is also important for children's information. Parents have an interest in assuring that whatever information Web sites collect from children or have otherwise obtained about their children is accurate. This is particularly important in contexts that involve decisions that impact on the child or family, such as educational or health decisions. In addition, since children's information is considered to be a more sensitive type of information, sites should take the same steps identified above to assure that children's data is secure from unauthorized uses or disclosures.
All eyes are opened, or opening, to the rights of man. The general spread of the light of science has already laid open to every view the palpable truth, that the mass of mankind has not been born with saddles on their backs, nor a favored few booted and spurred, ready to ride them legitimately