Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Challenges of Online Identity Assurance in a Judicial Setting Alison Knight, Supervisors: Prof. Steve Saxby (Law) & Dr. Mark Weal (ECS) Law ILAWS dog.

Published byChristian Phelps Modified over 9 years ago

Similar presentations

Presentation on theme: "The Challenges of Online Identity Assurance in a Judicial Setting Alison Knight, Supervisors: Prof. Steve Saxby (Law) & Dr. Mark Weal (ECS) Law ILAWS dog."— Presentation transcript:

1 The Challenges of Online Identity Assurance in a Judicial Setting Alison Knight, Supervisors: Prof. Steve Saxby (Law) & Dr. Mark Weal (ECS) Law ILAWS dog judge! Welcome User 39 … Who are you today? …

2 Our life in data… from cradle to grave The potential to chronicle individual lives exceeds anything previous in human history The ‘datafication’ of our lives involves a large ecosystem of participants, including identity intermediaries

3 Identity assurance is characterised by identification and authentication processes Authentication is the process of associating attributes with a known entity 1-factor authentication 2-factor authentication 3-factor authentication Self-assertion Third party verification Direct verification Detailed direct verification The user makes a self-assertion of identity and there are no checks Verification of identity is direct and detailed (e.g. for passport) Verification of identity is direct (e.g. background check of clients) Verification is left to third party (e.g. phone number) Identification is the process that makes known an entity in a given domain 1) ISO/IEC 24760 Strong Digital Identities are characterised by a process of identification and authentication that is able to ensure the verification of the data provided by the individual and the secure authentication to its user profile Soft Digital Identities, although sometimes they are used for commercial transactions (i.e. Amazon), do not require identification and authentication processes with high security levels (e.g. Social Networking Sites). These soft identities normally consist of a user name and a password plus several attributes needed to use the specific services Strong Digital Identities are characterised by a process of identification and authentication that is able to ensure the verification of the data provided by the individual and the secure authentication to its user profile Soft Digital Identities, although sometimes they are used for commercial transactions (i.e. Amazon), do not require identification and authentication processes with high security levels (e.g. Social Networking Sites). These soft identities normally consist of a user name and a password plus several attributes needed to use the specific services + - Level of trust The authentication is done through something that you know, or you have (i.e. password) The authentication is done through something that you know and you have (i.e. token and PIN) The authentication is done through something that you know, you are and you have (i.e. token, PIN, biometric)

4 What is the problem for the courts?

5 Research scope: example – how do the courts authenticate authorship of a piece of social media text? Direct evidence Circumstantial evidence Court Individual A? Presented by Individual B impersonating Individual A?

6 Technical challenges of authenticating authorship of online text How do courts establish who is behind the keyboard? O Basic traceability issues Who is behind an IP address? Can you fake ‘metadata’ (machine-generated data about data)? O The ‘account owner’ gap Who uses an account? Passwords are poor identifiers

7 Research value – trending now… “ Social media (criminal law, evidence and procedure): The criminal law and criminal rules of evidence and procedure may not have kept pace with the technological and social developments flowing from the rapid and widespread take- up of social media, such as Twitter and Facebook. …There are evidential challenges, for example in proving authorship and in relation to the technology used to generate and communicate messages through these media.” Law Commission 2013, consultation for 12 th programme of law reform, c. 2016 start? “In relation to the problem of matching internet protocol addresses [to particular internet users], my Government will bring forward proposals to enable the … investigation of crime in cyberspace.“ (Background briefing note: “…need to know who used a certain IP address at a given point in time”) Queen’s Speech to Parliament in 2013

8 Thank you for listening Comments & Questions? More information at: http://www.southampton.ac.uk/superidentity/

Download ppt "The Challenges of Online Identity Assurance in a Judicial Setting Alison Knight, Supervisors: Prof. Steve Saxby (Law) & Dr. Mark Weal (ECS) Law ILAWS dog."

Similar presentations

www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
Digital Identity is a set of attributes of a person or company in a specific domain. An entity has multiple Digital Identities. Identity is a set of attributes.

Digital Identity is a set of attributes of a person or company in a specific domain. An entity has multiple Digital Identities. Identity is a set of attributes.
1 Jan 2013 © 2002-2013 Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.

1 Jan 2013 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.
Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker

Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker
Functional component terminology - thoughts C. Tilton.

Functional component terminology - thoughts C. Tilton.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Authentication & Kerberos

Authentication & Kerberos
INFORMATION TECHNOLOGY LAW LECTURE 3- ELECTRONIC SIGNATURE Dr. Kadir Bas.

INFORMATION TECHNOLOGY LAW LECTURE 3- ELECTRONIC SIGNATURE Dr. Kadir Bas.
The key aim for the week is: To ensure children are able to recognise and challenge bullying behaviour wherever it happens - whether face to face or in.

The key aim for the week is: To ensure children are able to recognise and challenge bullying behaviour wherever it happens - whether face to face or in.
A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.

A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.

User Managed Privacy Using Distributed Trust Privacy and Security Research Workshop Carnegie Mellon University May 29-30, 2002 Lark M. Allen / Wave Systems.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
CSE331: Introduction to Networks and Security Lecture 24 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 24 Fall 2002.
Wildman Harrold | 225 West Wacker Drive | Chicago, IL 60606 | (312) 201-2000 | wildman.com Wildman, Harrold, Allen & Dixon LLP Identity Management: The.

Wildman Harrold | 225 West Wacker Drive | Chicago, IL | (312) | wildman.com Wildman, Harrold, Allen & Dixon LLP Identity Management: The.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
Republic of Sudan Ministry of Telecoms & Information Technology National Committee for Digital Certification ELECTRONIC ID IN ONLINE ADMISSION FOR UNIVERSITIES.

Republic of Sudan Ministry of Telecoms & Information Technology National Committee for Digital Certification ELECTRONIC ID IN ONLINE ADMISSION FOR UNIVERSITIES.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Virtual Private Networks Alberto Pace. IT/IS Technical Meeting – January 2002 What is a VPN ? u A technology that allows to send confidential data securely.

Virtual Private Networks Alberto Pace. IT/IS Technical Meeting – January 2002 What is a VPN ? u A technology that allows to send confidential data securely.

Similar presentations

Ads by Google