
Your identity in a double-lock safe

May 17, 2004
Access Control, Enterprise Applications

* Proposal to store identity data in a double-lock secured digital vault

It’s time to get back to our discussion of where identity information should be stored, particularly information you may want or need to share. You want the data to be available when necessary without having to type it into some form each time. Single sign-on and federated identity are two of the “buzz phrases” that describe this sort of situation.

A couple of weeks ago I outlined people’s objections to storing data at some central repository under the control of a vendor (such as Microsoft’s Passport or Yahoo’s Wallet). I also mentioned the logistical nightmare that storing it all on your desktop computer would cause if you needed to access the data from some other platform.

So I recommended a service similar to a bank safe deposit box – stored with a third party, but requiring two “keys” to open: one supplied by the user and the second supplied by either the storage facility or, perhaps, the intended recipient of the data. How would that second choice work?

You store your data in a double-lock secured digital vault. You encrypt it with your public key, and the vault owner then encrypts the result with the vault’s public key. Each lock can only be opened by the matching private key, so the vault alone cannot read what it holds and you alone cannot open it without the vault’s cooperation. (The vault must lock with its public key, not its private one: anything “encrypted” with a private key is undone by the matching public key, which anyone can obtain, so it is a signature rather than a lock. In practice the vault owner might apply both locks at deposit time, but then the vault sees the plaintext at that moment.)

To get at the data, the vault removes its lock with its private key once it has authenticated you, and you remove yours with your private key. To send some data to a third party, you do this decryption, check off the data to send them, sign it with your private key and encrypt it with the third party’s public key. They decrypt with their private key and verify the signature with your public key, which proves the data came from you, to access the data (credit card number, shipping address, account balance, social security number, etc. – whatever data you wish to share with them).
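The key layering described above, as an added toy model that is not the column author’s code. It uses textbook RSA with Mersenne-prime moduli and no padding, which is enough to show how the two locks nest, how sign-then-encrypt delivery to a merchant works, and why a private-key “encryption” is not a lock; it is not usable cryptography. The party names (user, vault, merchant), the key sizes and the sample record are all constructed for this example.

```python
"""Toy model of the double-lock vault: two public-key locks on a record,
sign-then-encrypt delivery to a third party, and a demonstration that a
private key cannot serve as a lock. Textbook RSA, no padding: illustration
only. Party names and the sample record are constructed for this example."""
from math import gcd
import hashlib

E = 65537
RECORD = b"card:4111111111111"  # constructed 18-byte sample record


def make_keypair(p, q, e=E):
    """Return ((e, n), (d, n)) for distinct primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return (e, n), (pow(e, -1, phi), n)


def rsa(m, key):
    """Textbook RSA: m ** exponent mod n, with either half of a key pair."""
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(m, exp, n)


def to_int(b):
    return int.from_bytes(b, "big")


def to_bytes(i):
    return i.to_bytes((i.bit_length() + 7) // 8, "big")


# Each outer modulus is larger than the inner one, so nesting stays valid.
USER_PUB, USER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)            # n < 2^150
MERCHANT_PUB, MERCHANT_PRIV = make_keypair(2**89 - 1, 2**127 - 1)   # n < 2^216
VAULT_PUB, VAULT_PRIV = make_keypair(2**107 - 1, 2**127 - 1)        # n < 2^234


def store(record, user_pub=USER_PUB, vault_pub=VAULT_PUB):
    """Apply both locks: the user's PUBLIC key, then the vault's PUBLIC key.
    Opening needs both private keys, which are held by different parties."""
    return rsa(rsa(to_int(record), user_pub), vault_pub)


def vault_unlock(blob, authenticated, vault_priv=VAULT_PRIV):
    """The vault removes its lock only for an authenticated owner."""
    if not authenticated:
        raise PermissionError("vault keeps its lock on")
    return rsa(blob, vault_priv)


def user_unlock(half_open, user_priv=USER_PRIV):
    """The owner removes the inner lock; only now is the record readable."""
    return to_bytes(rsa(half_open, user_priv))


def retrieve(blob, authenticated=True):
    return user_unlock(vault_unlock(blob, authenticated))


def send_to_merchant(record, user_priv=USER_PRIV, merchant_pub=MERCHANT_PUB):
    """Sign-then-encrypt: the user's private key makes the signature (proof of
    origin); the merchant's public key makes the envelope (confidentiality)."""
    digest = to_int(hashlib.sha256(record).digest()[:16])  # truncated to fit n
    signature = rsa(digest, user_priv)
    return rsa(to_int(record), merchant_pub), rsa(signature, merchant_pub)


def merchant_receive(envelope, merchant_priv=MERCHANT_PRIV, user_pub=USER_PUB):
    """Open with the merchant's private key, then check origin with the user's
    public key. Returns (record, signature_ok)."""
    enc_record, enc_sig = envelope
    record = to_bytes(rsa(enc_record, merchant_priv))
    signature = rsa(enc_sig, merchant_priv)
    expected = to_int(hashlib.sha256(record).digest()[:16])
    return record, rsa(signature, user_pub) == expected


def private_key_is_not_a_lock(record, priv=VAULT_PRIV, pub=VAULT_PUB):
    """Why the vault must lock with its public key: a value 'encrypted' with a
    private key is recovered by anyone holding the matching public key."""
    return to_bytes(rsa(rsa(to_int(record), priv), pub)) == record


if __name__ == "__main__":
    blob = store(RECORD)
    print(retrieve(blob) == RECORD)                     # True
    print(merchant_receive(send_to_merchant(RECORD)))   # (RECORD, True)
    print(private_key_is_not_a_lock(RECORD))            # True
```

The order of operations is the point: locks go on user-first, vault-second, and come off in reverse, so the vault can refuse to open its lock (`authenticated=False`) but can never read the record on its own, and a recipient can verify who sent the data without the vault being involved at all.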

Some people who responded to the original proposal for a “safe deposit box” still objected to some other party holding their data and, probably correctly, indicated that it could be made available by court order.

But face it: a court order could just as easily be used to seize the PC on your desktop, so that argument really doesn’t apply. Still, there’s a residual lack of trust in all other parties that might hold your data (see link below for what I think about the term “trust”).

The two-lock system that needs two “keys” does seem to me to overcome those objections if looked at rationally: the cost of breaking both locks is much higher than the benefit received by breaking them.

Still, if people are really adamant about not letting someone else even act as a vault for their data then I have one more proposal. I’ll get to that one next issue.