By Kyle Neuman – Part 5 of 5. This post, the final in our Identity Credentials Risks blog series, focuses on Risk Category 3, which considers the risks associated with authorization or the activities someone has permission to perform.
Read More
By Kyle Neuman – Part 4 of 5. In the previous two blog posts of this series on identity credentials, we discussed identity proofing and authentication. This blog post will focus on an attack of the operational controls of an identity system. This is the third and final attack that we’ll consider for Risk Category 2, nefarious impersonation.
By Kyle Neuman – Part 3 of 5 – In a continuation of our Identity Credential Risk series, we focus on stolen authenticators. We previously outlined the difference between Identity Credentials and Unique Identifiers and risks of Identity Fraud, Impersonation, and Misissuance.
By Kyle Neuman – Part 2 of 5 – Let’s dig deeper into identity credentials and focus on one specific facet of identity credentials: identity proofing. What is it, why is it important, and what risks should we look out for when relying on identity credentials that involve identity proofing?
By Kyle Neuman – Part 1 of 5 – Identity credentials and unique identifiers are critical to enable data sharing and interoperability across healthcare and other industries. While both are important, each solves different problems, and it’s important to understand the purpose of each.
By Scott Stuewe – Part 6 of 6 – As I mentioned in my introduction, patient matching doesn’t work terribly effectively today. The problem has its root in the identity challenges we have been discussing, although it is important to separate the patient matching challenge from trust-in-identity – these are related, but not congruent topics.
By Scott Stuewe – Part 5 of 6 – As data about individuals becomes more readily discoverable, we need to take care not to allow the erosion of our privacy as we look to tackle identity and establish trust on the internet. As we create tools to identify people for the right reasons, we need to remain vigilant that we don’t lose control of all our personally identifiable information in the process.
By Scott Stuewe – Part 4 of 6: What makes us what we are? Who knows who we are? If you had to prove you are who you say, for the very first time, if you don’t have an ID already, how would you do it? My mother was there when I was born and could tell you it’s me, but she is no longer with us.
By Scott Stuewe – Part 3 of 6 – Trust can’t be legislated or manufactured. Trust is earned by demonstrating ongoing reliability. Trust isn’t taken on faith, and it can be lost in a moment when foundational conditions change. Facebook is less trusted now than it was before Cambridge Analytica.