Title: Challenges for Identity Management and Trust in Data Privacy and Government-Private Sector Information Sharing Systems for Critical Infrastructure Protection John T. Sabo Director, Global Government Relations CA, Inc. Member, OASIS IDtrust Member
1 Challenges for Identity Management and Trust in Data Privacy and Government-Private Sector Information Sharing Systems for Critical Infrastructure Protection
John T. Sabo
Director, Global Government Relations, CA, Inc.
Member, OASIS IDtrust Member Section Steering Committee
President, Information Technology-Information Sharing and Analysis Center
www.oasis-open.org
2 The Emerging Challenge
- Identity management challenges emerging from two distinct, but converging areas
- the networked sharing of sensitive information for critical infrastructure protection
- Information (or data) privacy
3 Information Sharing Mandate from Government
- The objective of the information sharing life cycle is to provide timely and relevant information that security partners can use to make decisions and take necessary actions to manage critical infrastructure risks.
- (The U.S. National Infrastructure Protection Plan (NIPP), pages 59-60)
4 Cross-sector Information Sharing Environment
[Figure: cross-sector diagram; labels include Securities, Wall St., Transportation, Wall Street/The City, Banks/Finance]
5 What is Information Sharing?
- Information - what
- descriptions and definitions of information sharing products
- Sharing Entities - who
- entities and individuals who comprise the information sharing infrastructure and their responsibilities
- Sharing Mechanisms - how
- the business processes and technical communications mechanisms used by information sharing entities
- Originator Control
- operational information sharing policies and rules for cross-sector and sector-government sharing
- Vetting and Trust
- security and privacy policies, standards and controls needed to establish and maintain a trusted information sharing environment
6 The Information Sharing Community
7 Information Sharing for Critical Infrastructure Protection
- Involves many partners
- Involves sensitive information
- Crosses company, organization, sector and geo-political boundaries
- Requires agreements about who, what, how, and attention to data protection components
- Must add value to participants
- Must be resilient
- Must be available
- Must be secure
- Must be trusted
8 Problems and Issues Growing
- Data privacy tensions exist in the use of personally identifiable information and sensitive business information for national security purposes
- Use in cross-domain programs and applications
- Crossing government and business boundaries
- Assurances of basic information privacy and business confidentiality principles
- Concerns over access and use of sensitive information
- The implementation of information sharing systems is exposing threats to privacy
- Data protection Commissioners
- Advocacy organizations
9 Relationship to Personal Information
- Society is increasingly driven by and dependent on personal information
- personal information is continuously collected, processed, used, and shared
- Information about finances, health, communications, behaviors and transportation is increasingly integrated into virtual databases of varying data quality
- Governments express interest in such information for national security purposes
- The use of this data for government purposes increases concerns as the potential for harm to the individual increases
- For example: deny access to flight or entry to a country based on multiple information sources
10 Examples of Personal Information
- Financial
- Consumers leave a trail every time they use credit and debit cards for purchases
- Communications Services
- The increase in the use of communications technology has created a vast amount of telecommunications traffic. Each call is logged, tracked, billed and stored, creating an unparalleled data set.
- Location Data
- Telecommunications can yield even more information: the individual's location.
- Transactions
- Information and services purchased are recorded and mapped to individuals, creating an electronic web of money, communications, locations, and goods and services.
- Interagency Exchanges
- Government agencies may acquire commercial data through a variety of processes, including their authority for taxing, licensing, or monitoring.
11 Example: the U.S. National Homeland Security Network
12 Complex and Imprecise Privacy Laws, Directives, Policies
- US Privacy Act of 1974
- The OECD Guidelines Principles
- UN Guidelines Concerning Personalized Computer Files
- EU Directive 95/46/EC Information Privacy Principles
- Canadian Standards Association Model Code
- International Labour Organization (ILO) Code of Practice on the Protection of Workers' Personal Data
- US-EU Safe Harbor Privacy Principles
- Ontario Privacy Diagnostic Tool
- Australian Privacy Act National Privacy Principles
- The AICPA/CICA Privacy Framework
- Japan Personal Information Protection Act
- APEC Privacy Framework
- . . . .
13 Privacy Context: Policies Are Trailing Technology and Practices
[Figure: "Evolving nature and concepts of Privacy"; labels include Forces, Technology, Society, Regulation, National Security, Standards, Information Society, Industry, Digital Economy, Pervasive Networked Devices]
14 Privacy Principles/Practices (many with clear Identity Management linkages)
- Accountability
- Notice
- Consent
- Collection Limitation
- Use Limitation
- Disclosure
- Access and Correction
- Data Quality
- Enforcement
- Openness
- Anonymity
- Data Flow
- Sensitivity
- Security/Safeguards
Source: www.istpa.org, Making Privacy Operational.
15 Relative State of Privacy and Security Standards
- Privacy standards essentially at very early state
- Issues of definitions and taxonomy
- Focus on front-end data collection and Web (such as Platform for Privacy Preferences (P3P))
- Today heavy focus on data minimization as a practice
- Unclear policy and operational relationship between security and privacy
- Privacy and security often conflated
- data breach
- Security much more developed
- frameworks, standards (ITU, ISO, OASIS, IETF, W3C, etc.)
- mechanisms, products
- ISTPA Privacy Framework potentially important: www.istpa.org
16 Convergence of Information Sharing and Privacy
- Business and personal information protection may require similar security controls
- Despite different motivations
- Separate policies and technologies
- Not integrated, no common understandings
- No single ownership or infrastructure architecture
- Convergence being forced in information sharing systems
- Data privacy concerns heightening awareness
17 Starting Point: Identity and Trust Foundation
- Trust is core component of operational information sharing and data privacy
- Identity and access management foundation necessary
- Need for interoperability across information sharing domains
- federated or loosely-coupled, but trusted
- Standards-based
- Little attention to this in the information sharing community
18 What Can Be Done?
- Work must begin now - the information sharing infrastructures being implemented have serious security and privacy vulnerabilities
- Need to take an overview of identity and trust standards in the context of loosely-connected systems and infrastructures
- What is the relationship of OASIS and other standards to a solution: SAML 2.0, Liberty, WS-Security, WS-Federation, XACML, others?
- Is there a need for a new framework or meta standard?
- Today's workshop speakers discuss potentially important work underway that might be usable for identity management issues emerging in information sharing and privacy systems
- How can the OASIS IDtrust Member Section play a role: EKMI, PKIA, DSS-X or other initiatives?
19 Questions? john.t.sabo_at_ca.com