| ||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||
| Copyright © 2009. National Academy of Sciences. All rights reserved. Terms of Use and Privacy Statement |
Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter.
Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page R1
IDs—Not That Easy
Questions About Nationwide Identity Systems
Stephen T. Kent and Lynette I. Millett, Editors
Committee on Authentication Technologies and
Their Privacy Implications
Computer Science and Telecommunications Board
Division on Engineering and Physical Sciences
National Research Council
NATIONAL ACADEMY PRESS
Washington, D.C.
OCR for page R2
NATIONAL ACADEMY PRESS • 2101 Constitution Avenue, N.W. • Washington DC 20418
NOTICE: The project from which this report was generated was approved by the
Governing Board of the National Research Council, whose members are drawn
from the councils of the National Academy of Sciences, the National Academy of
Engineering, and the Institute of Medicine. The members of the committee re-
sponsible for the report were chosen for their special competences and with re-
gard for appropriate balance.
Support for this project was provided by the National Science Foundation, the
Office of Naval Research, the General Services Administration, the Federal Chief
Information Officers’ Council, and the Social Security Administration. Support
for this special report was provided by the Vadasz Family Foundation, a contribu-
tor to the Computer Science and Telecommunications Board’s program on infor-
mation technology and society. Any opinions, findings, conclusions, or recom-
mendations expressed in this material are those of the authors and do not
necessarily reflect the views of the sponsors.
International Standard Book Number 0-309-08430-X
Additional copies of this report are available from:
National Academy Press
2101 Constitution Avenue, N.W.
Box 285
Washington, DC 20055
800/624-6242
202/334-3313 (in the Washington metropolitan area)
The report is also available online at and
OCR for page R3
National Academy of Sciences
National Academy of Engineering
Institute of Medicine
National Research Council
The National Academy of Sciences is a private, nonprofit, self-perpetuating soci-
ety of distinguished scholars engaged in scientific and engineering research, dedi-
cated to the furtherance of science and technology and to their use for the general
welfare. Upon the authority of the charter granted to it by the Congress in 1863,
the Academy has a mandate that requires it to advise the federal government on
scientific and technical matters. Dr. Bruce M. Alberts is president of the National
Academy of Sciences.
The National Academy of Engineering was established in 1964, under the charter
of the National Academy of Sciences, as a parallel organization of outstanding
engineers. It is autonomous in its administration and in the selection of its mem-
bers, sharing with the National Academy of Sciences the responsibility for advis-
ing the federal government. The National Academy of Engineering also sponsors
engineering programs aimed at meeting national needs, encourages education
and research, and recognizes the superior achievements of engineers. Dr. Wm. A.
Wulf is president of the National Academy of Engineering.
The Institute of Medicine was established in 1970 by the National Academy of
Sciences to secure the services of eminent members of appropriate professions in
the examination of policy matters pertaining to the health of the public. The
Institute acts under the responsibility given to the National Academy of Sciences
by its congressional charter to be an adviser to the federal government and, upon
its own initiative, to identify issues of medical care, research, and education.
Dr. Kenneth I. Shine is president of the Institute of Medicine.
The National Research Council was organized by the National Academy of Sci-
ences in 1916 to associate the broad community of science and technology with
the Academy’s purposes of furthering knowledge and advising the federal gov-
ernment. Functioning in accordance with general policies determined by the Acad-
emy, the Council has become the principal operating agency of both the National
Academy of Sciences and the National Academy of Engineering in providing
services to the government, the public, and the scientific and engineering commu-
nities. The Council is administered jointly by both Academies and the Institute of
Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chairman and vice
chairman, respectively, of the National Research Council.
OCR for page R4
COMMITTEE ON AUTHENTICATION TECHNOLOGIES AND
THEIR PRIVACY IMPLICATIONS
STEPHEN T. KENT, BBN Technologies, Chair
MICHAEL ANGELO, Compaq Computer Corporation
STEVEN BELLOVIN, AT&T Labs Research
BOB BLAKLEY, IBM Tivoli Software
DREW DEAN, SRI International
BARBARA FOX, Microsoft Corporation
STEPHEN H. HOLDEN, University of Maryland at Baltimore County
DEIRDRE MULLIGAN, University of California at Berkeley
JUDITH S. OLSON, University of Michigan
JOE PATO, HP Labs Cambridge
RADIA PERLMAN, Sun Microsystems
PRISCILLA M. REGAN, George Mason University
JEFFREY I. SCHILLER, Massachusetts Institute of Technology
SOUMITRA SENGUPTA, Columbia University
JAMES L. WAYMAN, San Jose State University
DANIEL J. WEITZNER, Massachusetts Institute of Technology
Staff
LYNETTE I. MILLETT, Study Director and Program Officer
JENNIFER BISHOP, Senior Project Assistant
iv
OCR for page R5
COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD
DAVID D. CLARK, Massachusetts Institute of Technology, Chair
DAVID E. BORTH, Motorola Labs
JAMES CHIDDIX, AOL Time Warner
JOHN M. CIOFFI, Stanford University
ELAINE COHEN, University of Utah
W. BRUCE CROFT, University of Massachusetts at Amherst
THOMAS E. DARCIE, AT&T Labs Research
JOSEPH V. FARRELL, University of California at Berkeley
JEFFREY M. JAFFE, Bell Laboratories, Lucent Technologies
ANNA KARLIN, University of Washington
BUTLER W. LAMPSON, Microsoft Corporation
EDWARD D. LAZOWSKA, University of Washington
DAVID E. LIDDLE, U.S. Venture Partners
TOM M. MITCHELL, Carnegie Mellon University
DONALD A. NORMAN, Nielsen Norman Group
DAVID A. PATTERSON, University of California at Berkeley
HENRY (HANK) PERRITT, JR., Chicago-Kent College of Law
BURTON J. SMITH, Cray Inc.
TERRY R. SMITH, University of California at Santa Barbara
LEE S. SPROULL, New York University
JEANNETTE M. WING, Carnegie Mellon University
MARJORY S. BLUMENTHAL, Director
HERBERT S. LIN, Senior Scientist
ALAN S. INOUYE, Senior Program Officer
JON EISENBERG, Senior Program Officer
LYNETTE I. MILLETT, Program Officer
CYNTHIA A. PATTERSON, Program Officer
STEVEN WOO, Program Officer
JANET BRISCOE, Administrative Officer
DAVID PADGHAM, Research Associate
MARGARET HUYNH, Senior Project Assistant
DAVID DRAKE, Senior Project Assistant
JANICE SABUDA, Senior Project Assistant
JENNIFER M. BISHOP, Senior Project Assistant
BRANDYE WILLIAMS, Staff Assistant
v
OCR for page R6
OCR for page R7
Preface
T
he terrorist attacks of September 11, 2001, and subsequent discus-
sions have brought fresh urgency to the challenges of providing
information security. In the wake of these and other recent events,
numerous proposals have been circulating both in policy circles and the
national media.
One proposal that has received a fair amount of attention is a national
identification card—or, more precisely, a nationwide identity system. The
Bush administration has indicated that a national identification card is
not within the scope of options it is contemplating. Congress, however,
has been considering various alternatives—for example, a measure in the
Enhanced Border Security and Visa Entry Reform Act of 2001 would
require biometric identifiers to be employed on visas and other travel and
entry documents for aliens (H.R. 3525, Section 303). Additional sugges-
tions include a proposal by the American Association of Motor Vehicle
Administrators (AAMVA) to link state motor vehicle departments and a
proposed “trusted traveler” system for airports.
The persistence of public discussion on the topic and the expectation
that other proposals will be offered argue for an informed analysis and
critique of the concept of a nationwide identity system.
In early 2001, the Computer Science and Telecommunications Board,
(CSTB) a unit of the National Research Council with a long history of
vii
OCR for page R8
OCR for page R9
OCR for page R10
OCR for page R11
OCR for page R12
viii PREFACE
examining information technology, security, and related issues,1 launched
a study to examine authentication technologies and their privacy implica-
tions. Sponsored by the National Science Foundation, the Office of Naval
Research, the General Services Administration, the Federal Chief Infor-
mation Officers’ Council, and the Social Security Administration, the
study aims to assess emerging approaches to user authentication in com-
puting and communications systems, and it specifically focuses on the
implications of these authentication technologies for privacy.
The study is being conducted by the multidisciplinary Committee on
Authentication Technologies and Their Privacy Implications, whose mem-
bers include experts in the design, implementation, deployment, and use
of information systems generally and information systems security in
particular, along with experts in privacy law and policy (see Appendix A
for committee and staff biographies). Given that identification and au-
thentication systems constitute a large portion of the committee’s agenda,
it is well positioned to comment on the technology and policy issues
surrounding a nationwide identity system and its supporting infrastruc-
tures (hereinafter referred to as a nationwide identity system). In fact,
CSTB asked the committee to do so, in the interest of providing a timely
contribution to the public debate. Additional resources from the Vadasz
Family Foundation enabled development of this report.
The committee’s broader and more comprehensive final report is ex-
pected in late 2002, but its members felt compelled to issue a brief report
at this time because of the real possibility that further debate on a nation-
wide identity system, and even action on the topic, could take place prior
to the final report’s issuance. Thus the present effort outlines the issues
the committee believes must be addressed and raises a number of ques-
tions that the committee believes should be answered as part of any con-
sideration of a nationwide identity system.
This brief report is a product of the committee’s deliberations, draw-
ing on its members’ areas of expertise. But, given time and resource
limitations, it is not an exhaustive assessment. It is intended to catalyze a
1See, for example, CSTB reports such as Growing Vulnerability of the Public Switched Net-
works (1989), Computers at Risk (1991), Evolving the High Performance Computing and Commu-
nications Initiative to Support the Nation’s Information Infrastructure (1995), Cryptography’s Role
in Securing the Information Society (1996), For the Record: Protecting Electronic Health Informa-
tion (1997), Trust in Cyberspace (1999), The Internet’s Coming of Age (2000), Embedded, Every-
where: A Research Agenda for Networked Systems of Embedded Computers (2001), and Cyber-
security Today and Tomorrow: Pay Now or Pay Later (2002). See
ix
PREFACE
broader and more sophisticated discussion. Clearly, the legal, policy, and
technological issues associated with nationwide identity systems warrant
a much more detailed and comprehensive examination. The committee
invites feedback on this brief report as it continues the process of prepar-
ing its broader and more in-depth final report on the topic of authentica-
tion technologies and their implications for privacy.
The committee thanks David D. Clark, chair of the CSTB, and Marjory
S. Blumenthal, CSTB’s director, for their commentary and feedback on
draft versions of the report. The committee also wishes to thank the
various members of the CSTB staff who helped to make it happen. Jenni-
fer Bishop took over as senior project assistant for the authentication study
midway through the project, managing logistics, organizing materials,
and coping with an unplanned brief report and review with aplomb. She
also assisted in developing the diagrams in the report and designed its
cover. Janet Briscoe, CSTB’s administrative officer, provided crucial ad-
ministrative and logistical support as well as the suggestion that ulti-
mately led to the report’s title. Andy White, director of the NRC’s Com-
mittee on National Statistics, provided feedback during the formulation
and review phases. The committee also thanks Steven J. Marcus, a free-
lance editor, for assistance at multiple stages of the report’s development.
Liz Fikre at the National Research Council also made significant editorial
contributions to the final manuscript. Lynette Millett is the study director
for this project; she synthesized this report, coordinating contributions
from committee members and drafting the response to reviewers.
Stephen T. Kent, Chair
Committee on Authentication
Technologies and Their
Privacy Implications
Acknowledgment of Reviewers
This report has been reviewed in draft form by individuals chosen for
their diverse perspectives and technical expertise, in accordance with pro-
cedures approved by the National Research Council’s Report Review
Committee. The purpose of this independent review is to provide candid
and critical comments that will assist the institution in making its pub-
lished report as sound as possible and to ensure that the report meets
institutional standards for objectivity, evidence, and responsiveness to
the study charge. The review comments and draft manuscript remain
confidential to protect the integrity of the deliberative process. We wish
to thank the following individuals for their review of this report:
Alfred Blumstein, Carnegie Mellon University,
Michael Caloyannides, Mitretek Systems, Inc.,
Julie E. Cohen, Georgetown University Law Center,
Jerome H. Saltzer, Massachusetts Institute of Technology,
Peter Swire, George Washington University, and
Lee M. Zeichner, LegalNet Works, Inc.
Although the reviewers listed above have provided many construc-
tive comments and suggestions, they were not asked to endorse the con-
clusions or recommendations, nor did they see the final draft of the report
before its release. The review of this report was overseen by Willis Ware
of RAND. Appointed by the National Research Council, he was respon-
sible for making certain that an independent examination of this report
was carried out in accordance with institutional procedures and that all
review comments were carefully considered. Responsibility for the final
content of this report rests entirely with the authoring committee and the
institution.
x
Contents
EXECUTIVE SUMMARY 1
1 INTRODUCTION AND OVERVIEW 5
2 POLICY CONSIDERATIONS 16
What Does Identity Provide?, 16
To Whom and for What?, 19
Permitted Users of the System, 24
Permitted Uses of the System, 26
Voluntary or Mandatory?, 28
What Legal Structures?, 29
Benefits and Drawbacks, 30
3 TECHNOLOGICAL CHALLENGES 34
Binding Persons to Identities, 37
Backend Systems, 41
Data Correlation and Privacy, 44
4 CONCLUDING REMARKS 46
APPENDIXES
A Committee Member and Staff Biographies 51
B What Is CSTB? 60
xi
Items in cart [0]
