Fri Apr 8 06:51:39 PDT 2016

Control Architecture: Identification: How are individuals originally identified and their identities verified?


Options:

Option 1: No identification is used, activities are anonymous.
Option 2: Individuals self-identify and no verification is done.
Option 3: Individuals identify as members of a group and their membership is up to the group to determine.
Option 4: Individuals are "known" to others and identified based on the mutual knowledge.
Option 5: Individuals present or use an organizational identification card or device.
Option 6: Individuals present credentials issued by a government.
Option 7: Individuals are identified by tracing personal history and doing background checks.
Option 8: Individuals are identified by extensive in-depth background checks.
Option 9: Individuals are identified by forensic methods, such as DNA samples and those of parents and siblings.

Decision:

Enter your original identification strategy

SituationIdentification method
Identification is to be used for legal purposes where identity is in question and relevant or for medical purposes related to matching of physiological factors Individuals are identified by forensic methods, such as DNA samples and those of parents and siblings.
the Identification is to be used for clearances for highly sensitive or responsible positions, Individuals are identified by extensive in-depth background checks.
The identification is to be used for normal worker checks or to check for criminal records, Individuals are identified by tracing personal history and doing background checks.
A governmental third party identity is adequate for the desired level of diligence, Individuals present identification credentials issued by a government.
The identification is to verify membership in an organization, Individuals present or use an organizational identification card or device.
The identification is to establish that someone you trust trusts them, Individuals are "known" to others and identified based on the mutual knowledge.
The identification is used to keep groups of people together and "herd them" accordingly, Individuals identify as members of a group and their membership is up to the group to determine.
Identity is a convenience to associate actions to identities and not intended to associate them with individual people, Individuals self-identify and no verification is done.
No identity is required or desired, or anonymity is intended, No identification is used, activities are anonymous.
Original identification strategy

Basis:

No identification is used, activities are anonymous.

Anonymous services such as search engines, anonymizers, and many Web sites require no identity whatsoever and, in many cases, seek to avoid identity to reduce liability and handling complexity. Common use services, or for fee services based on cash or other fungibles also require no identity.

Individuals self-identify and no verification is done.

In cases where identity is a convenience to the user, self-identification may be used. This takes overhead, but is often seen as enhancing the user experience. Many people and enterprises use self-identity as a predominant mode of operation, and almost every public Web site that tracks identity uses self-identification without verification.

Individuals identify as members of a group and their membership is up to the group to determine.

Groups, such as clubs or other similar affiliations, sometimes use a common identity, such as the name of the group, and those group identities are sometimes used as a basis for various actions. In this case, the relationship tends to be with the group rather than the individuals, and the identity of interest is the group. A member of a marching band, for example, might be treated as any other member of the band and only identified as a band member. It is usually trivial to become a member of such a group and forging identity in this situation requires a simple lie, and perhaps proper attire.

Individuals are "known" to others and identified based on the mutual knowledge.

Many organizations are based on mutual knowledge or introductions. It is up to the person making the introduction to identify the individual, and other members of the group build up trust by trusting the person who introduced the new individual and by mutual shared experiences and knowledge. This transitive trust approach to identity implies that is a member can be fooled, that deception can be leveraged to create a false identity that persists and becomes trusted.

Individuals present or use an organizational identification card or device.

Identity may be verified by possession of an identity card created by the organization. For example, company badges are often used to identify individuals or a more generic form of membership. Depending on the device used, forgery may be trivial or complex. In most cases, it is trivial to create an adequate forgery to be identified by other members of the organization as one of them.

Individuals present credentials issued by a government.

Identification of this sort is typically used to identify individuals for governmental functions and for enterprises to fulfill governmental mandates or due diligence requirements associated with initial identification. When a driver is pulled over on a highway, when applying for a loan, when cashing a check, when crossing borders, and so forth.

Individuals are identified by tracing personal history and doing background checks.

This process is typically undertaken to verify status and criteria for employment and as a matter of diligence for large enterprises. Its purpose is to typically to identify individual characteristics and confirm identity. Statements made and documents provided are compared to background check information to verify veracity of identity and statements made.

Individuals are identified by extensive in-depth background checks.

This process is typically used to confirm the identity of an individual under close scrutiny, such as during an investigation for a governmental security clearance. It allows identity to be confirmed to a reasonable degree even in the presence of nation states seeking to create fictitious people to infiltrate enterprises.

Individuals are identified by forensic methods, such as DNA samples and those of parents and siblings.

This process is used to create the biological basis for identity and is based on comparisons to known samples and confirmation of physiological characteristics. It is most commonly used during forensic work and in legal matters. Except for identical twins, it is extremely effective at matching an individual to a known sample, and is trusted for most purposes for determining biological parents, siblings, and similar identifications.

Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved