Logo des Repositoriums
 
Konferenzbeitrag

Electronic identity mass compromize: Options for recovery

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2023

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

A National Digital Identity Framework should be designed in a proactive manner, should focus on a resilience-oriented approach, and should be aimed at limiting the risks that may originate from identity data management [IT18]. What is the preparedness of digital identity providers for recovery from compromise that affects large numbers of identities? Failures or attacks may destroy authenticators, data or trust chains that are the foundations of large identity ecosystems. The re-issuance of digital identities, of authenticators or the re-enrollment of the user base should get planned as contingency measures. Important parameters will be recovery time, complexity of re-registering subjects, distribution of effort between certification authorities, registrars and relying parties, and the availability of alternative technologies and staff resources. The article will, based on a review of standards and requirements documents, present evidence for a shortage of recovery readiness that endangers relying parties and identity ecosystems. From a review of standards and practice, we extract recovery procedures as far as they are planned for.

Beschreibung

Fritsch, Lothar (2023): Electronic identity mass compromize: Options for recovery. Open Identity Summit 2023. DOI: 10.18420/OID2023_13. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-729-6. pp. 141-146. Short Paper. Heilbronn, Germany. 15.-16. June 2023

Zitierform

Tags