Identity As the Great Enabler 58
New submitter steve_torquay writes: Last week, President Obama signed a new Executive Order calling for "all agencies making personal data accessible to citizens through digital applications" to "require the use of multiple factors of authentication and an effective identity proofing process." This does not necessarily imply that the government will issue online credentials to all U.S. residents.
The National Strategy for Trusted Identities in Cyberspace (NSTIC) is working towards a distributed identity ecosystem that facilitates authentication and authorization without compromising privacy. NSTIC points out that this is a great opportunity to leverage the technology to enable a wide array of new citizen-facing digital services while reducing costs and hassles for individuals and government agencies alike.
The National Strategy for Trusted Identities in Cyberspace (NSTIC) is working towards a distributed identity ecosystem that facilitates authentication and authorization without compromising privacy. NSTIC points out that this is a great opportunity to leverage the technology to enable a wide array of new citizen-facing digital services while reducing costs and hassles for individuals and government agencies alike.
Re: (Score:1)
Paper and land-line calls subject to fraud also. It's how Steve Jobs got started.
Done right it's a great idea... (Score:3, Interesting)
It would be great if you could more easily and securely access more of your tax records, or your Social Security benefits statement. This would also greatly improve things like government contracting.
OTOH, if the system is hackable then you could easily lose all your data to some guy on another continent.
Which would be a bad thing.
first four words (Score:4, Insightful)
Done right,
Didn't read the first four words of the summary, eh?
My career has been in internet security. I now work for a government agency where we teach cyber security to other government workers. I can assure you, it won't be done right.
nobody was in charge (Score:2)
In my opinion, healthcare.gov failed so miserably primarily because nobody at HHS was in charge of the project, while several people at HHS felt that they had the authority to mandate adding new features. Apparently nobody was responsible for keeping it on schedule, and therefore saying "no" to various requests, or alternatively telling the president "if we do this, it will take another year to complete".
Nobody at the lead contractor seemed to have that role either. Everybody knew that it had scope-creeped
Re: (Score:2)
In my opinion, healthcare.gov failed so miserably primarily because nobody at HHS was in charge of the project, ....
How many lines of legalize was the Affordable Care Act? Just translating the ACA into requirements would take longer than the time allotted to getting the web site up and working --- and then you need at least one individual who completely understands the sometimes conflicting requirements.
No. The web site was doomed before it even began.
1,000 pages, true. Still the page could load (Score:2)
Certainly you couldn't implement checks and cross checks for every detail of the law as part of the web site within any reasonable time frame. However, one could easily build a site that just sends enrollee information to the insurance company and to HHS, and accomplish that within days or weeks. With a couple of years and a billion dollars, one could build a site that does 90% of what was desired, and actually works. It is the job of the chief project manager to not allow the scope to expand beyond wha
Re: (Score:3)
Is that because you are the instructor? I jest.. seriously I was joking because it was wide open with the wording you used.
However, you are probably 100% correct. I did the networking and IT for a local county government for a number of years in the past. It was unbelievable that you could give instructions and before the day was out, have them completely ignored by people who thought they knew better.
For instance, we had a server in another location connected to the main building by T1. The T1 line was sch
Re: (Score:1)
Re: (Score:3)
I resent that- they're perfectly capable of losing our data to some guy on this continent, too.
Re: (Score:2)
Done right it's a great idea...
NO, it is not. It is a terrible idea. There are many reasons why:
First off, it's based on a premise that is known to be broken: a "web of trust". We already have a very good example of that type of system failing, and failing big time: SSL Certificates.
SSL Certificates are a web authentication scheme that depend on Certificate Authorities (CAs) to certify that a particular site is legitimate and unique. So far so good. BUT... then a number of problems arose that should be harsh lessons.
[1] Some CAs
Re: (Score:2)
If you were actually rational about this issue at all you wouldn't have included the ObamaCare bit. The site was a few months late, but has since been a key part of providing health insurance to millions of Americans. Anyone who has actually worked in the private sector for more then a week can list at least three IT roll-outs that were more bungled then that.
Most of your reasoning falls apart with one simple change: if the Federal government is the only entity issuing certificates, then objections 1 and 2
It's been a long day (Score:2)
NSTIC points out that this is a great opportunity to leverage the technology to enable a wide array of new citizen-facing...
And this week I've probably watched to many movies about our dystopian future. My brain was really expecting that to end with the name of some type of weapon.
After reading everything again I am still left with a feeling that, while much smaller, it is still a step in that direction.
Re: (Score:2)
no worries this can still get dystopian on this. probably the best way for NSTIC to secure people's records are through a national id cards. for extra security we better register people's biometrics too. better yet, link all gov interactions (traffic stop, flights, etc) to a national DB. also, for the kids. jumping the shark would be to implant RFID tags, so I won't go there.
Re: (Score:2)
You're definitely over-reacting. They're not talking about collecting new data, turning data over to law enforcement, or anything like that. This is actualy the opposite of that. It's an attempt to make it easier for you to see what the government has on you.
Right now you can access your tax records (it's called a tax transcript) online for free, but it's a multi-step process and it's a huge pain in the ass when they start asking trick questions about whether you lived at 3205 Green Rd, or 3105 Green Rd for
Let me guess, it will be based on your SSN (Score:4, Insightful)
Any solution that comes from bureaucrats should be immediately discounted.
I suspect it will be too easy to compromise, inflexible and require antiquated, proprietary technology.
Re: (Score:3)
You obviously weren't around for Carter or capable of reading about history.
Nixon was better than Carter- even on liberal policies implemented ffs. And I think we can all agree that both shrubs and the actor was better than Nixon.
Re: (Score:1)
Re:Executive Orders (Score:4, Informative)
What are all these 'Executive Orders'?
That question could have been answered faster with a Google search than it took you to type it.
Is the USA a dictatorship run by the President, or a democracy run by Congress, or a schizophrenic mixup?
That is a much more open-ended question and you will find all sorts of theories on the inter-tubes that will attempt to sway you to their particular world view. Good luck making sense of the cacophony of opinions you will find.
The short answer: This Executive Order is instructions to the executive branch (people that work for him) to ask for more secure forms of ID before giving them money or personal information.
more government information online (Score:2)
I think I would rather they concentrate on putting more government information online, making government more open rather than implementing systems to make citizens prove who they are.
Great (Score:2)
is NSA now my backup service? Does this also apply for EU citizens?
We all have more than one identity, and need more (Score:2)
I'm David in general, DCB at work (there are lots of Daves), Orv as a nickname, Uncle Dave to my nephew when he was little, Mr Collier to all sorts of illiterate clerks. I have a pen-name, and a bunch of versions of my name required by email providers. My name also changed when I got married, as did my wife's.
When dealing with vendors I don't necessarily trust, I'm just "sir" and pay with cash. Considering the internet make it possible for vendors to be anywhere and anyone, I expect that we'll all to do mo
Now everybody's info can get "honed" (Score:2)
"Honed" is a term I've coined in honour of Mat Honan and how his info got owned/wiped... http://apple.slashdot.org/stor... [slashdot.org]
It's one thing for trusting/ignorant people to put their data in the cloud, and get it stolen. What's the reaction going to be when everybody's data is forcibly put in the cloud?