LAWS OF IDENTITY IN BRIEF

1. User Control and Consent:

Digital identity systems must only reveal information identifying a user with the user&#39s consent. (Starts here…)

2. Limited Disclosure for Limited Use

The solution which discloses the least identifying information and best limits its use is the most stable, long-term solution. (Starts here…)

3. The Law of Fewest Parties

Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship. (Starts here…)

4. Directed Identity

A universal identity metasystem must support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles. (Starts here…)

5. Pluralism of Operators and Technologies:

A universal identity metasystem must channel and enable the interworking of multiple identity technologies run by multiple identity providers. (Starts here…)

6. Human Integration:

A unifying identity metasystem must define the human user as a component integrated through protected and unambiguous human-machine communications. (Starts here…)

7. Consistent Experience Across Contexts:

A unifying identity metasystem must provide a simple consistent experience while enabling separation of contexts through multiple operators and technologies. (Starts here…)

5 thoughts on “LAWS OF IDENTITY IN BRIEF

  1. Pingback: Any questions for Kim Cameron? » at Tom Raftery’s I.T. views

  2. Pingback: Any questions for Kim Cameron? at PodLeaders - Thought Leaders podcast

  3. Pingback: Kim Cameron podcast at PodLeaders - Thought Leaders podcast

  4. Pingback: Kim Cameron’s Identity Weblog » Podleaders Interview for those new to the Laws

  5. The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception that will cumulatively erode public trust in the Internet/This paper is about how we can prevent the loss of trust and go forward to give Internet users a deep sense of safety, privacy, and certainty about whom they are relating to in cyberspace. Nothing could be more essential if Web-based services and applications are to continue to move beyond “cyber publication” and encompass all kinds of interaction and services

Leave a Reply