{"id":808,"date":"2007-06-18T19:44:24","date_gmt":"2007-06-19T03:44:24","guid":{"rendered":"\/?p=808"},"modified":"2007-07-17T17:08:41","modified_gmt":"2007-07-18T01:08:41","slug":"revealing-patterns-when-there-is-no-need-to-do-so","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=808","title":{"rendered":"Revealing patterns when there is no need to do so"},"content":{"rendered":"<p>Irving Reid of <a href=\"http:\/\/www.controlledflight.ca\">Controlled Flight into Terrain<\/a> has <a href=\"http:\/\/www.controlledflight.ca\/2007\/06\/18\/correlating-identities\/\">come up with <\/a>exactly the kind of use case I wanted to see when I was&nbsp;thinking about&nbsp;Paul Madsen&#39;s points:<\/p>\n<p style=\"margin-left: 30px\"><a href=\"\/?p=806\">Kim Cameron<\/a> responds to <a modo=\"false\" href=\"http:\/\/connectid.blogspot.com\/2007\/06\/colluding-with-yourself.html\">Paul Madsen<\/a> responding to Kim Cameron, and I wonder what it is about Canadians and identity\u2026<\/p>\n<p style=\"margin-left: 60px\">But&nbsp;I have to admit that I have not personally been that interested in the use case of presenting \u201cmanaged assertions\u201d to amnesiac web sites.&nbsp; In other words, I&nbsp;think the cases where you would want a managed identity provider for completely&nbsp;amnesiac interactions are fairly few and far between.&nbsp; (If someone wants to turn me around in this regard I\u2019m wide open.)<\/p>\n<p href=\"http:\/\/shibboleth.internet2.edu\/\" style=\"margin-left: 30px\">Shibboleth, in particular, has a very clear requirement for this use case. <a href=\"http:\/\/www.ed.gov\/policy\/gen\/guid\/fpco\/ferpa\/index.html\">FERPA<\/a> requires that educational institutions disclose the least possible information about students, staff and faculty to their partners. 
The example I heard, back in the early days of SAML, was of an institution that had a contract with an on-line case law research provider such that anyone affiliated with the law school at that institution could look up cases.<\/p>\n<p href=\"http:\/\/shibboleth.internet2.edu\/\" style=\"margin-left: 30px\">In this case, the \u201cmanaged identity provider\u201d (representing the educational institution) needs to assert that the person visiting right now is affiliated with the law school. However, the provider has no need to know anything more than that, and therefore the institution has a responsibility under FERPA to not give the provider any extra information. \u201cThe person looking up Case X right now is the same person who looked up Case Y last week\u201d is one of the pieces of information the institution shouldn\u2019t share with the provider.<\/p>\n<p>Put this way it is obvious that it breaks the law of minimal disclosure to reveal that &#8220;the person looking up Case X right now is the same person who looked up Case Y last week\u201d when there is no need to do so.<\/p>\n<p>I initially didn&#39;t&nbsp;see that a pseudonymous link between Case X and Case Y would leak very much information.&nbsp; But&nbsp;on reflection,&nbsp;in the competitive world of academic research, these linkages could benefit an observer by revealing patterns the observer would not otherwise be aware of.&nbsp; He might not know whose research he was observing, but might nonetheless cobble a paper together faster than the original researcher, beating him in terms of publication date.<\/p>\n<p>I&#39;ll include this&nbsp;example&nbsp;in discussing&nbsp;some of the collusion issues raised by various identity technologies.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It breaks the law of minimal disclosure to reveal that &#8220;the person looking up Case X right now is the same person who looked up Case Y 
last week\u201d when there is no need to do so.<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,17,47,11,39],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/808"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=808"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/808\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}