Nstic Strategy
Essay by Nicolas • June 2, 2011 • Case Study • 1,050 Words (5 Pages) • 1,901 Views
The recent National Strategy for Trusted Identities in Cyberspace (NSTIC) or NSTIC strategy is in essence a government-coordinated initiative to create a national public and private-sector digital identity system. The Draft and Final NSTIC reports basically identify technology-independent privacy and security vulnerabilities that NSTIC policy must address through technology, policy and regulation. Included in Identifying vulnerabilities the NSTIC report gives ethical suggestions to shoring up vulnerabilities. Furthermore the ACM code of ethics group has been a major critic of the NSTIC Draft Strategy. The ACM code of ethics group brought about these criticisms mainly because of unethical approaches to shoring up vulnerabilities listed in the Draft NSTIC strategy. Fortunately these criticisms brought by the ACM code of ethics group have for the most part been addressed in the Final version of the NSTIC strategy.
What must be noted in the Draft NSTIC strategy is that included in the Identifying of vulnerabilities the NSTIC report also tries to give an ethical framework and approach to solving these national vulnerabilities. One such approach that the NSTIC Draft strategy calls for is developing and Identity Eco System. Basically an Identity Eco System is a method of increasing the level of trust between cyberspace entities without compromising end user security or the use of a National ID card. The NSTIC Strategy's vision is one that can best be described as "a focus on individuals and organizations ensuring the full utilization of secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation". The Identity Eco System identifies some major security holes in the current cyberspace ecosystem and in-turn tries to solve them. These vulnerabilities listed by the NSTIC Draft strategy are identified as Security, Efficiency, ease-of-use, and confidence. The NSTIC Draft Strategy Identity Ecosystem gives user more Security by making online transactions harder to compromise. The Ecosystem increase Efficiency by eliminating the need for multiple password and different accounts spread across multiple systems. Also the Ecosystem increases Ease-of-Use, by first automating identity process whenever and wherever possible while increasing overall system Confidence by providing conventions to adequately protect digital identities. Although the Draft NSTIC was considered to be an ethical approach to shoring up national vulnerabilities and security holes the so call Identity Eco System, has been meet with some skepticism.
One such group the ACM Code of Ethics group or COE has had criticism of the NSTIC approach to solving vulnerabilities and has identified a few implicit dangers of the strategies and the Strategies so called ethical approaches. The COE have suggested that indeed the Draft Strategy may help privacy concerns with the innovation of an Identity Eco System or REAL ID. However there is an inherent danger in centralizing identity processing and creating an even bigger security risk and undermining any potential benefits of the Identity Eco System. In essence the Draft Strategy relies heavily on an Identity Eco System or an REAL ID which the COE feels places too much faith in
...
...