Trust and Evidence

One day I went to the store to buy a disposable camera for my son to take to an activity. As I stood before the display rack, I pondered which of several choices I should buy. One bore the brand of a reputable company with a strong reputation in the world of photography. The other camera bore the house brand of the store I was at. The house-branded camera was $1 cheaper than the camera with the national brand. I bought the more expensive camera, even though they may have actually been manufactured in the same facility on the same day. Why? Because the brand was evidence that I could trust that the camera would work and the film would be good quality. The $1 extra that this evidence cost me seemed a reasonable trade-off to avoid the risk of missing the shots.

Just as in the physical world, trust in a digital identity is ultimately based on some set of evidence. For example, when you log into your computer, you present an identity in the form of a user ID and evidence that you are the person to whom that ID refers by typing in a password. The password is evidence that the computer should trust that you are who you say you are.

Sometimes the evidence for trust in a computer-based transaction is explicit and automatically collected as in our password example. At other times, the evidence is present but less visible than in physical situations. For example, when I conduct an electronic transaction at http://Amazon.com, their digital certificate presents evidence to my browser that I'm really dealing with http://Amazon.com and not an imposter just trying to steal my credit card number. While this happens automatically, few people pay much attention to the trust marks that the browser presents (such as the little padlock indicating a secure transaction) and fewer still ever ask to see the details that their browser hides from view. The recent increase in phishing scams, where criminals pose as a legitimate online business in order to steal identity information, is evidence of this.

Passwords, digital certificates, biometrics, and the like are all examples of evidence that can be presented to show authenticity for a particular set of digital identity credentials. Chapter 7 discusses the collection, use, and relative merits of the various types of credential evidence used with digital identities. Other systems for recording and measuring trust will be discussed at other locations.

One of the chief impediments to flexible digital identity infrastructures is that current methods of managing policy and trust are inflexible, slow, and costly. New requirements, such as federation of identities across corporate boundaries, exacerbate the problem. There is considerable work taking place on languages for expressing policy. We'll see an example of such a policy in Chapter 11. The ultimate goal of such policy languages is to create machine-readable policies that are consistent, adaptable, and function in heterogeneous environments. Current state of the art in policy management is still quite a ways from this ideal condition, so we will see in Chapter 18 how to use enterprise governance to create a process that makes up for some of the deficiencies of the technology in the area of policy management.