Information and Identity Governance – Defining Identity

Defining identity: what is it, who wants or needs to know; and why? 

The word “identity” has many connotations, including; philosophical notions of continuity of personal identity, collections of personal information “attributes” (e.g. items on a usiness card), verified sets of these attributes, electronic representation of these attributes in digital identities and digital personas.

Crucial questions to consider...

  • 9. What is identity? The basic philosophical questions around what gives identity to a person or entity. What attributes make up an identity and how do they interact to provide trust? (This may be better as a PhD thesis)
  • 10 What are the definitions for identity components; entity, attributes, biometrics, legal entities, transaction footprints, aliases and how do these differ across different systems and cultures?
  • 11. Who actually wants or needs digital identities for themselves or their customers and why?
  • 12. What are the economic models behind identity systems? How much economic value is there in identity attribute verification? Who benefits and who pays?
  • 13. How much value is there in standardising low-assurance identities? A common complaint is that people have too many identities and credentials (such as passwords), so standards would improve usability but might impact security when compromised. What are the costs and benefits if such identities and the associated network protocols were to be standardised? Who would lose business and/or competitive advantage if that were to happen?
  • 14. How do these principles apply to identities with higher levels of registration and validation?
  • 15. Under Data Protection laws, there are costs associated with storing and managing identity information. How are these costs affected by schemes such as User Managed Attributes where the individual is responsible for maintaining and storing the attributes?