(The Opinity URL for
Vittorio is http://vibro.opinity.com.)
When an individual enters a transaction, however, the identity
he uses is unidirectional. That is, the identity transmitted is
meant only to identify the user with the service provider currently
engaged. If you are buying an airplane ticket on one website
and booking a hotel room on another, the authentication
scheme should not help the two websites to join their data and
understand that you are the same person (and afterward send
The intended audience
is what de-
?¬?nes the ???direction???
of an identity
An omnidirectional
identity de?¬?nes the
public identity of
an entity
A unidirectional
identity de?¬?nes the
identity of an entity
in the limited scope
of a transaction
The Seven Laws of Identity 103
you advertisements about shuttle services between your destination
airport and your hotel).
This is a very subtle point. A typical objection at this point is
this: What if both sites require name and birth date? What can
an authentication system do to prevent the two businesses from
joining data together? The answer to that is, not much. If the two
businesses require name and birth date to perform their function,
there??™s nothing that can be done.
Pages:
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186