Are we to understand that you make a distinction between an “identity” and an “identifier”?

Therefore, though I looked carefully at the use of terms in CS and even consulted with a friend who is a CS professor, I chose the terms that work the best, and are most consistent with their meanings, in plain English.

You appear to be using the term “identity” where I would use “identifier.” And what you are calling the “value” of an *identity*, I would discuss as the value of a *transaction*. A low-value transaction like access to a Hotmail account requires username and passcode, two low-quality identifiers. A high-value transaction like a creation of a deed of trust will require high-quality identifiers like a signature or in-person appearance (each a use of biometrics).

In Chapter 7, I discuss the three variables that affect identifier quality: fixity, distinctiveness, and permanence. Chapter 8 is about the role of risk management in choosing identifiers and Chapter 9 deals with advanced identification techniques that help balance the need for speed against the need for accuracy in confirming identity.

I think we’re in general agreement on how the processes work, but we probably have much more to hash out on how to talk about it. It’s important because jargon that obscures these things from the general public will suppress the adoption of new ways of doing identification and credentialing.

Therefore, though I looked carefully at the use of terms in CS and even consulted with a friend who is a CS professor, I chose the terms that work the best, and are most consistent with their meanings, in plain English.

You appear to be using the term “identity” where I would use “identifier.” And what you are calling the “value” of an *identity*, I would discuss as the value of a *transaction*. A low-value transaction like access to a Hotmail account requires username and passcode, two low-quality identifiers. A high-value transaction like a creation of a deed of trust will require high-quality identifiers like a signature or in-person appearance (each a use of biometrics).

In Chapter 7, I discuss the three variables that affect identifier quality: fixity, distinctiveness, and permanence. Chapter 8 is about the role of risk management in choosing identifiers and Chapter 9 deals with advanced identification techniques that help balance the need for speed against the need for accuracy in confirming identity.

I think we’re in general agreement on how the processes work, but we probably have much more to hash out on how to talk about it. It’s important because jargon that obscures these things from the general public will suppress the adoption of new ways of doing identification and credentialing.

Re: my first paragraph above: I phrased this in an odd way. I was trying to make two points. First, your definition of identification seems to focus on the matching between a token and its associated state and privileges. To me that just sounds like authorization. There’s always an authentication step, even if that step’s as simple as recognizing your sister’s face. Second, your criteria for calling something an “identity” seems to be based on how valuable that thing is. But there’s always an identity involved whenever two interactions need to be linked. The distinction between identities and non-identities is unclear.

The rest of my comment was an elaboration on these two ideas.

Re: my third paragraph above: legal punishments are not better authentication mechanisms, but they are ways that we dissuade spoofing of the authentication mechanisms that exist.

The Hotmail user foobar123@hotmail.com is a low-value identity, and accordingly one uses low-strength mechanisms (username and password) to authenticate that identity.

The “Jim Harper” account-holder at Bank X is a high-value identity, and accordingly one presumably uses high-strength mechanisms (principally, the various punishments available within the legal system) to authenticate that identity.

There is no hard distinction between foobar123@hotmail.com and “Jim Harper” at Bank X. Both identities persist between interaction sessions and have associated privileges. It is not the case that one is an “identity” and the other is not.

Also, ATM withdrawals and airplane flights do require identification, although not in precisely the way Tim means.

First, both writing a check and making an ATM withdrawal hinge on a spoofable authentication process, so I don’t see the distinction you’re trying to draw here. Presumably there are even circumstances (you break your hand and your wife takes care of writing the checks this month) when you would want the check-writing process to be spoofed. The reason ATMs use different authentication mechanisms than checks is simply a matter of engineering the right cost/benefit tradeoff for preventing these two kinds of crime.

Second, the process of riding on an airline flight does require identity, although not the high-value flesh-and-blood human identity that you’re talking about. When I reserve a ticket online, pick up the boarding pass at an e-ticket machine, and present that pass to board my flight, the airline necessarily cares a great deal that the person or persons who do these three things are connected somehow. If someone else spoofs the process and picks up my ticket, then the airline will have an unhappy customer on their hands. The relevant identity here is “Passenger 123″, which may represent one person or a group of people (maybe someone else makes my reservation for me and fetches my boarding pass), but it is nonetheless an identity that persists between interactions and possesses privileges.

Where you’re getting tripped up is the fact that the airlines insist that you surrender a much longer-lived and higher-value identity, not just “Passenger 123″, for no good reason.

Incidentally, a better discussion of the relationship between identity, authentication, and access control is found at the Wikipedia article on access control. To be blunt, you seem to be making up new definitions for words that have relatively standard meanings in computer security.