First of all, let me state an important assumption.
Whether you or me, or the PC that I am writing this blog post, let us assume that they exist and not get into a philosophical issue of existence. Let such existing bodies be called “Entity”.
Thus, I am an entity, this PC is an entity, etc.
Note that we cannot recognize them directly. We have to observe them through the cognitive process of the observer. Therefore, even for yourself, there are such things as “self recognition” of yourself and “3rd party recognition” of yourself.
Figure 1 depicts this relationship.
In this figure, the left most “entity” is you (*1).
You live in a society and have relationship with many people. In Figure 1, frends are depicted in the top right, and your boss is depicted in bottom right. You obviously have many more relationship but the space limitation allowed me to write only two of them.
You have an expectation on your self-image, i.e., “how you want to be recognized”, by these entities. Such self-image is called an “identity”.
Note that such “self-image/identity” is an abstract concept and neither you or your friends can observe directly. In reality, they see-feel-hear your looks, your cloth, what scent you wear, what you say, where you live, who is your boy friend, what phone you use, etc., i.e., your “attributes”, and perceive your “identity”. In another word, “self-image/identity” is formed by those attributes. (This is an important point to remember when you talk about privacy.) Accordingly, ISO/IEC 24760 defines “identity” as “set of attributes related to an entity”. Thus, “Digital Identity” is set of digitized attributes so that computers can deal with it.
Note that identifiers like Employee number or SSN are just another attribute. Many people think of them as really special thing, but they are not.
“3rd party recognition” and “self recognition”: interpersonal problems
The “self-image/identity” cannot be formed directly, as it is stated above. They are formed by sharing/providing various “attributes” to the entities (including yourself.) For example, to create “Lively and Friendly Image”, you could ware sporty attire, talk loud and fast, joke often, use very friendly nickname, etc. towards your friends.
The image that others gets from these attributes depends on the receiver, so it is not possible to perfectly match the “3rd party recognition” of yourself with your “self recognition”. There always are some “delta”. For example, you were trying to create an image that is lively and friendly, but your boy friend may perceive it as being a “rattlebrain” and may say “good-bye.” How despairing that would be for you!
This difference/delta between the “self-recognition” and “3rd-party-recognition” on your “self-image/identity” constitute a large part of suffering of human being. And the right to control this delta relates closely to your right of privacy.
Let me note that “privacy rights” are yet to find consensus in many jurisdiction. I am merely stating here the notion of it among some faction of the researchers in Digital Identity field. (In Japanese law, it is basically the same with what is called as “self-image control right” proposed by Prof. Munesue.)
As I have depicted in the figure 1, an individual/entity uses multiple “self-image/identity”. Suppose that currently, you are in a state that is working well. You are recognized by your friends as you want it to be, and you are recognized by your boss as you want it to be. Your “self-image” towards each of them and “their-image” matches pretty closely. Your relationship with these people are in good shape, you keep your dignity, and you are feeling happy about it. You have right to seek the dignity and the happiness, at least, according to the article 13 of the Japanese Constitution. So here is the definition by Prof. Munesue.
“Privacy is the right to use various self-image according to the multiplicity of social relationship that can be formed” (Munesue, “New Structure for the Human Right”, Shinzan Publication (1992) PP.187-195.
Now, suppose that an evil person, Eve came in and provided some information that you provided to your boss but not to your friend to your friend. If you are lucky, the friend’s recognition about you would not change, but in many cases, it would. As the result, the relationship with your friends may deteriorate. This is called the “Privacy Infringement.”
In the model depicted in figure 1, an act of taking out an attribute from an identity and adding it to another would constitute the privacy infringement. The reason that PII leakage incident are often called as privacy breach comes from this fact. Such incident is actually adding attributes that was shared with an entity to the “public identity”.
Note that PII leakage and Privacy Infringement/Breach are two distinct notion. The former is just a possible cause of the later.
Now we understand that it is useful to provide attributes to a certain entity to create a desired self-image. At the same time, we now understand that providing such attributes to another entity would constitute a privacy infringement.
Digital Identity is a set of attributes that were provided to an entity. To avoid the privacy infringement, we have to make sure that only the intended entity gets access to the attributes. This implies that we need to identify the receiver and implement access control to the access to the digital identity.
This act of identification of an entity at some degree of certainty is called “authentication.” The degree of certainty is often called as “assurance level.” Authorization is the act of allowing such identified entity or service to access the give set of attribute (=digital identity). Who has the right to authorize depends on the cases. Such authorizing entity must also be authenticated before granting the access.
Thus, access authorization actually consists of:
- Authentication of the accessing entity.
- Authentication of the authorizing entity.
- Access to the digital identity.
Time is up for now. I will continue this in the coming blog posts.
(*1) Although this post deals with natural human entity, an entity could be anything else. It could even be an imaginary one. In the NSTIC context, smart meter is often referred to as being and entity that has “digital identity”.