We explore these
concepts in greater detail in Chapter 2, ???Hints Toward a
Solution.???
The meaning of
identity is intended
here in the operational
sense
56 The Problem
The airline example is another tool for understanding what is
wrong with the current authentication methods. It provides a
classic example of the phenomenon that we call ???hostage identity.???
Every time you sign in on a website, you acquire the capability
of using your digital identity with that website. However,
some of the information that makes up your identity in this context
is probably the same as the identity you have with many
other websites; nonetheless, you are forced to feed that info over
and over again because there??™s no clear way of communicating
that data between websites. The absence of that communication
channel is a challenge if we want to replicate in the online
world what we described in the frequent ?¬‚yer card example:
using one identity across business partners. In the example, you
used the privileges of your gold member status, achieved and
memorized on the back end of one airline, with another airline
as the service provider.
Airline A Airline B
Ticket
Customer
?
Figure 1-14 The airline customer has different identities (and different
privileges) on the two airlines??™ computer systems
If your identity is
de?¬?ned in the database
of a website,
chances are that
you will be able to
use that identity
only with that
website
The Babel of Cryptography 57
Challenging does not mean impossible, of course.
Pages:
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114