政府必须解决数字身份混乱,说智囊团

Share on Twitter
Share on Google+
Share on LinkedIn
Share on Reddit
Despite years of strenuous effort, the idea of mass digital identity remains stuck somewhere between non-existent and a total mess.
Ask someone to prove their identity today, and almost without exception they will fall back on a paper passport, driving licence, or bank account statements, usually backed by a social security number (SSN). The online world struggles to accommodate these.
Digital identity systems such as the UK government’s Gov.UK Verify exist but barely any are used in anger. They float around in no man’s land, like clever experiments whose original objective their creators have lost track of.
Meanwhile, shadowing flesh and blood human identities are virtual ones built from oceans of online data. Much of this is handed over willingly to “surveillance capitalists” – Facebook, Google and advertisers, for instance – but lots more exists in this parallel dimension people are only dimly aware exists.
It’s also the world of identity middle-men such as Equifax, which collected so much valuable data it eventually burst at the seams, spilling millions of names, addresses, SSNs, birth dates and driving licence numbers to cybercriminals who could use it to fuel industrial identity theft for years to come.
Sophos Home
Free home computer security software for all the family
Learn More
Not everyone is giving up yet, however, including the Social Market Foundation (SMF), a UK think tank, which argues in a new report that governments should stop shilly-shallying around and press ahead with full-blown digital ID systems.
But aren’t government systems a damp squib? According to the SMF, the problem of systems such as Gov.UK Verify (which uses private-sector partners) is that they were conceived to serve access to government services such as tax and benefits when the real need is much wider.
Verify’s usefulness would improve dramatically if only companies could use it to identify people too:
Encouragingly, use of Verify in private sector contexts is being actively explored, and we believe there are significant benefits for consumers that could arise from this.
Advantages such as:
Passports could give way to app-based identity systems, possibly backed by biometrics
Expensive paper systems could be banished forever
Online verification could be transformed from today’s guesswork and assumption-based model.
Welfare and immigration fraud would be reduced
Because everyone would have an ID, social exclusion faced by people who lack documents could be reduced
Verification and digital identity could be about to become an industry in its own right so jobs could be at stake
企业内部网络作为信息化建设的主要载体,大中型企业几乎都已经部署了基本的技术保护措施如防火墙、防黑客入侵等。
And cybercriminals would no longer find is easy to carry out identity theft against a system that included real-time identity checks on individuals themselves.
Sceptics will see in this as a reprise of the failed UK identity card scheme of a decade ago, eventually scrapped in 2010 after burning through £4.5bn ($6.3bn). Certainly, it’s hard to see how a new ID system wouldn’t initially need to rely on physical documents of the sort that sank the original system on cost grounds.
The other problem is government itself. Solving the digital identity conundrum once and for all can probably only be done at government level – but what if people don’t trust government?
The poster child for digital ID is Estonia, the first country in the world to conduct general elections across the Internet backed by a digital identity system years ahead of other developed countries.
Then there’s India’s Aadhaar, a biometric digital ID system with 1.2bn members that critics have described as “Orwellian”.  The worry is that the Aadhaar model hands government the power to withhold as well as enable access to services as a form of social control.
Which of the two extremes should countries such as the UK and US look to? Probably both deserve scrutiny, but it’s interesting that some of the same civil liberties arguments levelled at Aadhaar also dogged the UK’s ID cards.

This suggests that the path to 21st century digital identity will not be smooth. The flaw in today’s identity model is that data is smeared just about everywhere and anywhere, and incentives to guard it have become warped by commercial self-interest.
互联网安全受热议,中安消信息安全业务转型发展
But until someone comes up with a way to implement an alternative that doesn’t simply over-centralise power with governments, digital identity will remain a rocky road.
With identity theft at record levels what is hard to believe that digital identity can’t be postponed indefinitely. But the old world of uncertain, weakly defended identity won’t go away quickly – expect Equifax-style breaches to be with us for a while yet.
分享推特
分享谷歌
分享LinkedIn
分享在Reddit
尽管经过多年的艰苦努力,海量数字身份的想法仍然存在于不存在和混乱之间。
请人来证明自己的身份,今天,几乎无一例外会依靠一纸护照,驾驶执照或银行帐户报表,通常是由一个社会安全号码(SSN)支持。网络世界的斗争,以适应这些。
数字识别系统如英国政府uk验证存在但几乎没有任何用于愤怒。它们漂浮在无人的土地上,就像聪明的实验一样,它们的创造者失去了最初的目标。
同时,隐藏血肉之人的身份是从在线数据的海洋中构建出来的虚拟身份。其中大部分是自愿移交给“监视资本家”的,比如脸谱网、谷歌和广告商,但更多的人存在于这个平行的维度,人们只是模模糊糊地意识到存在。

Sophos的家
所有的家庭免费上门电脑安全软件
了解更多
不是每个人都放弃,然而,然而,包括社会市场基金会(SMF),英国的一个智库, 提出一个新的报告说,政府应该停止犹豫不决,推进全面的数字标识系统。
但不是政府系统的一个哑炮吗?根据单模光纤,系统如uk问题验证(使用私营部门的合作伙伴),他们都为获取政府服务如税收和福利时,真正需要的是更广泛的。
如果公司能用它来识别人,验证的用处就会大幅度提高:
令人鼓舞的是,在私人部门中使用验证正在积极探索,我们认为有很大的好处的消费者产生的可能。
优点如:
护照可能会让位给基于应用程序的身份识别系统,这可能是基于生物特征识别技术的。
昂贵的纸张系统可能被永远的放逐
在线验证可以从今天的猜测和假设模型转变。
福利和移民欺诈将减少
因为每个人都有身份证,所以那些缺少文件的人面临的社会排斥可以减少。
核查和数字身份可能会成为一个自己的行业,因此就业可能受到威胁。
网络犯罪分子将不再发现对一个包括对个人自身进行实时身份检查的系统进行身份盗窃是很容易的。
怀疑论者会看到这是一个重复失败的英国身份证计划的十年前,最终取通过਴.5bn燃烧后亿美元)。当然,很难看出一个新的ID系统最初不需要依赖那种以成本为基础而沉没原始系统的物理文档。
另一个问题是政府本身。彻底解决数字身份难题只能在政府层面上解决。
数字身份证的宣传对象是爱沙尼亚,这是世界上第一个在因特网上进行大选的国家,它比其他发达国家提前了一个数字身份系统。
然后
这两个极端的国家如英国和美国看看吗?也许两者都值得推敲,但
这表明通往二十一世纪数字标识的道路将不平坦。今天的缺陷
但是,直到有人提出了一种方法来实现一个替代方案。
随着身份盗窃在创纪录的水平,很难相信数字身份可以
真正涉及到安全问题的是我们的个人信息,以及与自身权益密切相关的信息、个人隐私等等。近年来,由于个人信息的泄露造成的各类事件,已经带来了相当严重的社会危害。

猜您喜欢

网络招聘平台信息发布混乱引发舆论关注
中俄信息安全合作能否对抗美国互联网霸权
LMS学习管理系统管理员快速操作指南
李宇春出道这么久,对我们大家隐瞒了什么,真不敢相信!
GIF-GUY REALPRODUCTMONEY
是否应该对用户的安全失误进行严惩

FDA requires firmware update for hackable heart implants from St. Jude Medical

信息系统安全是指利用信息安全技术及管理手段,保护信息在采集、传输、交换、处理和存储等过程中的可用性、保密性、完整性和不可抵赖性,保障信息系统的安全、稳定运行。
网络安全法宣传推广视频 https://v.qq.com/x/page/p050493s0f5.html

多家安全研究公司证明主流移动设备容易被遥控,智能手机和平板设备在执行个人电脑的功能,不过相比之下它们更缺乏用于保障安全的软件。

猜您喜欢

信息安全意识公开课提升国民网络素养
移动僵尸网络防范
网络安全法宣传视频系列001《网络安全法》背景知识
视频:微软Surface Laptop笔记本宣传片
SK-HOUSE THEBRIGHT
网络空间安全畅想