This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Identity Management's Misaligned Incentives
November/December 2010 (vol. 8 no. 6)
pp. 90-94
Jean Camp, Indiana University
With the publication of the National Strategy for Trusted Identities in Cyberspace (NSTIC), the US federal government attempts to solve what it asserts is the identity problem on the Internet. Identity, however, is often confused with authentication or authorization. This linguistic confusion masks the core problem: perverse incentives in digital risk management.

1. National Strategy for Trusted Identities in Cyberspace (Draft),25 June 2010; www.dhs.gov/xlibrary/assets/ns_tic.pdf.
2. A.M. Odlyzko, "Privacy, Economics, and Price Discrimination on the Internet," Proc. 5th Int'l Conf. Electronic Commerce (ICEC 03), N. Sadeh, ed., ACM Press, 2003, pp. 355–366.
3. G. Hardin, "The Tragedy of the Commons," Science, vol. 162, 1968, pp. 1243–1248.
4. "Flash Drive Caused Pentagon Cyber Attack," ABC News, 26 Aug. 2010; www.abc.net.au/news/stories/2010/08/26/2994301.htm.
5. C. Hoofnagle, "Internalizing Identity Theft," UCLA J. Law and Technology, vol. 13, no. 2, 2009; www.lawtechjournal.com/articles/2009/02_100406_Hoofnagle.pdf.
6. P. Samuelson, "DRM {and, or, vs.} the Law," Comm. ACM, vol. 26, no. 4, pp. 41–45.
7. Y. Gernter, T. Malkin, and S. Myers, "Towards a Separation of Semantic and CCA Security for Public-Key Encryption," Proc. 4th Annual Theory of Cryptography Conf., LNCS, Springer, 2007, p. 20.
8. R. Dingledine and N. Mathewson, "Anonymity Loves Company: Usability and the Network Effect," Proc. 5th Workshop Economics of Information Security (WEIS 06), 2006; http://weis2006.econinfosec.org/docs/41.pdf.
9. D. Solove, The Digital Person, New York Univ. Press, 2004.

Index Terms:
Security & privacy, incentive alignment, digital risk management, National Strategy for Trusted Identities in Cyberspace, NSTIC, authentication, economics of security
Citation:
Jean Camp, "Identity Management's Misaligned Incentives," IEEE Security & Privacy, vol. 8, no. 6, pp. 90-94, Nov.-Dec. 2010, doi:10.1109/MSP.2010.178
Usage of this product signifies your acceptance of the Terms of Use.