Issue No.06 - November/December (2010 vol.8)
Jean Camp , Indiana University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.178
With the publication of the National Strategy for Trusted Identities in Cyberspace (NSTIC), the US federal government attempts to solve what it asserts is the identity problem on the Internet. Identity, however, is often confused with authentication or authorization. This linguistic confusion masks the core problem: perverse incentives in digital risk management.
Security & privacy, incentive alignment, digital risk management, National Strategy for Trusted Identities in Cyberspace, NSTIC, authentication, economics of security
Jean Camp, "Identity Management's Misaligned Incentives", IEEE Security & Privacy, vol.8, no. 6, pp. 90-94, November/December 2010, doi:10.1109/MSP.2010.178