Critical Need
Identity is at the heart of an organization’s digital transformation path. Successful digital transformation requires confidence in, and protection of digital identities to reduce risks and increase efficiencies. Digital transformation, and the technology that fuels it, must work in service to an organization’s mission and the citizens the organization seeks to serve. Therefore, not just any technology or methodology will suffice.
Research Program Abstract
UT CID is surveying the landscape of requirements and recommendations to answer the following questions:
— Security: How can government best use technology to protect the identity of its citizens?
— Trust: How can government best use technology to ensure confidence in the Identity of citizens and devices involved in digital transactions?
— Risk: How can government best employ a uniform identity methodology to more efficiently and securely provide government services and benefits?
— Privacy: How can government best use technology to ensure the privacy of its citizens?
Potential Impact
To illustrate utility and clarity of the requirements and recommendations, UT CID is employing a COVID vaccine distribution use case to address the pros and cons of decisions required for a digital transformation. To ensure completeness and consistency in the UT CID research, the resultant requirements and recommendations will be organized according to the following lifecycle phases.
— Enroll: collecting identity attributes
— Proof: answering the question, “Is the entity who they say they are?”
— Authorize: assigning privileges to the digital identity
— Issue: delivering credentials with associated privileges to the digital identity
— Authenticate: verifying claimed identity based on presented credentials
— Control Access: controlling access to facilities, goods, and services
— Maintain Updates: updating identity attributes, privileges and credentials
— Store: storing identity attributes to ensure protection and access
— Sunset: supporting the organization’s policy to delete digital identities