Identity Assertion – A New Risk for Your Corporate User Information
Identity and identity management have become hot topics. In the web world, identities have emerged as the way we manage our online relationships when they move beyond generic information and into a more defined place. While many of us have dozens or even hundreds of identities, they are neither created nor used equally. There seem to be three specific kinds of identities in the web world:
- Trust Identities – Trust identities are identities that exist exclusively between two parties and are specific to an exclusive relationship between those two parties. A good example of a Trust Identity is the identity used to initiate an interaction with your bank or a site like eBay. Most people have many trust identities and these are generally most of any individual’s identities.
- Representation Identities – A representation identity is a specific identity that you allow to represent you openly as a place people can come to connect to you. An email address, a phone number or an account on an application with an identity API would be good examples. Social applications like Facebook and LinkedIn are emerging as Representation Identities for many users. In contrast to Trust Identities, most users have a relatively small number of representation identities.
- Assertion Identities – An Assertion Identity is an identity you can use with a web site to assert your ownership of a recognized singularity that can be associated with you virtually. A good example of an assertion identity is email or a phone number. Both can be used to validate the assertion that you control that uniqueness. Most Representation Identities can be, and often are, also used as Assertion Identities.
For most users, an Assertion Identity is used in the process of developing a Trust Identity to validate you in some way to the other trust party. The challenge is that the explosion in identities, with their associated passwords and security challenges, has become a nightmare for many users. While there are password management applications, more and more active web identities like Facebook or LinkedIn are becoming the assertion identity of choice. The benefit is that the assertion identity password and security parameters can be used with a range of Trust Identity sites. This effectively eliminates the multiplicity of identity names and passwords by using the single assertion identity as the Trust Identity.
The problem that is emerging is that by using a social Assertion Identity like Facebook, the Assertion Identity provider is now a part of all the Trust Interactions with the third party. The potential issues with this were identified this week in an article on Fast Company that details how activity trackers and others can use the Facebook Identity Assertion to correlate your activity on that Trusted site to other activities and data. For example, when you go to the bank, that activity can be associated with other data about you such as email, income, address, etc.
For organizations this is becoming a significant challenge. If company users rely on a Facebook Assertion Identity for their use of a range of web or cloud-based applications, that usage may inadvertently compromise information in the identity process.
The obvious answer is for companies to prohibit the use of Assertion Identities that enable tracking and other data extraction by third parties. The problem is that this moves users back to the password world, where the issues of managing lots of passwords challenge both usage and security. As we move more of the business IT infrastructure to the cloud, the problem is becoming more significant.
The solutions may be in using social-based Assertion Identities that commit to not enabling tracking (LinkedIn?) or just to use emails. But both come with challenges: the dependability of third parties to not monetize info based on Assertion Identities or the complexity of a large number of distinct user IDs and passwords. The potential explosion in communications and collaboration applications, without reasonable federation, exacerbates this issue and brings it into the BC and collaboration space. Across those solutions, the capability for guest access directly to an application or service that is not part of the enterprise increases the number of new identities that many users will have, driving users to use an Assertion Identity like Facebook.
For both the IT and security teams, this is an area that requires analysis, policy and potentially even solutions. Understanding how your users are asserting identities as they access and use the plethora of cloud applications and services is crucial to understanding the potential for compromise through tracking or other technologies that are enabled by using open social Assertion Identities that are based on companies that monetize user information for revenue. The process of monetizing your users' data may not align with either your corporate or security policies.
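One way to start the analysis described above, as an added example that is not part of the original article: a Python script that inventories which cloud applications users sign in to through a social Assertion Identity, based on web proxy logs. The log format (timestamp, user, full URL from a TLS-inspecting proxy), the authorization endpoint patterns and the blocked-provider policy are assumptions to adapt to your own environment.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumed OAuth authorization endpoints of two social identity providers;
# confirm the paths against each provider's current documentation.
SOCIAL_IDP_ENDPOINTS = {
    "facebook": ("www.facebook.com", re.compile(r"^/(v\d+\.\d+/)?dialog/oauth$")),
    "linkedin": ("www.linkedin.com", re.compile(r"^/oauth/v2/authorization$")),
}

# Constructed sample proxy log lines: "<timestamp> <user> <url>"
SAMPLE_LOG = """\
2024-05-01T09:12:03Z alice https://www.facebook.com/v19.0/dialog/oauth?client_id=111&redirect_uri=https%3A%2F%2Fnotes.example.com%2Fcb&scope=email
2024-05-01T09:13:40Z alice https://www.facebook.com/
2024-05-01T09:20:11Z bob https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=222&redirect_uri=https%3A%2F%2Fcrm.example.net%2Fauth
2024-05-01T10:02:55Z carol https://www.facebook.com/v19.0/dialog/oauth?client_id=111&redirect_uri=https%3A%2F%2Fnotes.example.com%2Fcb
malformed-line-without-fields
"""

def classify(url):
    """Return (provider, relying_party_host) for a social login request, else None."""
    parts = urlsplit(url)
    for provider, (host, path_re) in SOCIAL_IDP_ENDPOINTS.items():
        if parts.hostname == host and path_re.match(parts.path):
            # redirect_uri names the application the assertion is being made to.
            redirect = parse_qs(parts.query).get("redirect_uri", [""])[0]
            return provider, urlsplit(redirect).hostname or "unknown"
    return None

def inventory(log_text):
    """Map relying-party host -> provider -> set of users who asserted that identity."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        fields = line.split(maxsplit=2)
        if len(fields) != 3:
            continue  # skip lines that do not match the assumed format
        _, user, url = fields
        hit = classify(url)
        if hit:
            provider, relying_party = hit
            seen[relying_party][provider].add(user)
    return seen

def policy_violations(inv, blocked_providers):
    """List (application, provider, user) for providers a hypothetical policy prohibits."""
    return sorted((rp, p, u) for rp, provs in inv.items()
                  for p, users in provs.items() if p in blocked_providers
                  for u in users)

if __name__ == "__main__":
    for row in policy_violations(inventory(SAMPLE_LOG), {"facebook"}):
        print(row)
```

The resulting inventory shows which applications depend on which Assertion Identity provider, which is the input a policy decision or a move to enterprise federation needs.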