Show Abstract
Individuals declare their identities to online network providers with credentials such as usernames, passwords, and email addresses. To obtain these credentials from providers, users enroll by providing identity attributes, or collections of personal identifiable information (PII), such as phone numbers. Credentials vary in trustworthiness, and thus, so do identities. In search of better methods for increasing trustworthiness, we present a computational model of identity attributes described as an Identity Ecosystem to determine which are most vulnerable to malicious users. Using existing data from the U.S. Army and Department of Defense, wecmodel relationships between attributes as transition probabilities and analyze the long-run probability of all connected attributes being affected by one compromised attribute. This approach allows the provider to determine how best to weight relationships between attributes and thereby become more secure. Copyright is held by the owner/author(s). Publication rights licensed to ACM.
CITATION:
Soeder, B., & Barber, K. S. . Trustworthiness of identity attributes. In Proceedings of the 7th International Conference on Security of Information and Networks, (SIN 2014), vol. 2014-September, pp. 4-8, 2014.