Privacy, Trust & Security

From inception, the Liberty Alliance has put heavy emphasis on privacy. Our specifications reflect this, as do the work done by our Policy Expert Group and the guidance this group of experts provides across the Alliance. The decisions made in developing technology were all made to enhance privacy and make it easier to implement good privacy practices.

Nontechnical Privacy Features

  • User consent
    • All of the relevant specifications explicitly support user consent for relevant transactions
  • User choice of identity providers
    • Federated architecture allows users to choose an identity provider, or even multiple providers, independent of the network or service used, with Liberty Alliance standards tying all of these providers together as a cohesive whole
    • Selection is only constrained by laws, regulations and business models, not the Liberty specifications
  • Decentralized or federated storage of PII or other information related to your identity
    • Federated architecture allows the information related to a specific identity to be stored in relevant locations defined by the user, government, or business relationship between the consumer and a certain Service Provider
    • Storage of PII or other identity related information is only constrained by laws, regulations and business models, not by the Liberty specifications
    • Liberty specifications support a variety of storage scenarios, including client-hosted
  • Simplified password management

Technical Privacy Features

  • XML Signature
    XMLDSig allows a proper verification of the transaction parties, and if messages are signed and stored, allows for later auditing.
  • Pseudonymous access
    Identity federation in Liberty creates a pseudonym that is constructed of a random set of characters and is unique in the context of a specific identity provider and service provider.
  • Anonymous Access
    Liberty specs provide a means for a service provider to access identity services without needing to know who the user they are providing services to really is.
  • Usage Directives
    Allows for indication of associated privacy policy in both a request and reply for principal attributes
  • Consent header block
    SOAP header block used to explicitly assert that the Principal consented to the present interaction
  • Interaction Service
    The Interaction Service specification defines schemas and profiles that enable an identity service to interact with the owner of the information exposed by that identity service
  • Client-hosted identity services
    Liberty's architecture includes mechanisms designed to support the storage and serving of identity data from resource-constrained devices
  • Enhanced Client Proxy
    Protocols and processing in the standards take advantage of enhanced client capabilities to provide maximum control over identity sharing through active client mediation

Additional Resources

Liberty Whitepaper: Privacy and Security Best Practices

Given the amount of personal information under consideration with federated implementations, Liberty has developed Deployment Guidelines for implementers with an eye toward the privacy considerations.

Liberty Whitepaper: Liberty Architecture Framework for supporting Privacy Preference Expression Languages (PPELs)

Overview presentation about Liberty and Privacy.

Find all of the Liberty Alliance specifications here.

Specifications

This paper provides a privacy policy taxonomy and an overview of XML-based syntaxes. It also provides a thorough review of Liberty ID-WSF as a Privacy Policy Framework.

ITU-T Workshop on Digital Identity for NGN, Presentation on Privacy

Liberty Alliance formed the Identity Assurance Expert Group (IAEG) to foster adoption of identity trust services. Utilizing initial contributions from the e-Authentication Partnership (EAP) and the US E-Authentication Federation, the IAEG's objective is to create a framework of baseline policies, business rules, and commercial terms against which identity trust services can be assessed and evaluated. The goal is to facilitate trusted identity federation to promote uniformity and interoperability amongst identity service providers. The primary deliverable of IAEG is the Liberty Identity Assurance Framework (LIAF).

The LIAF leverages the EAP Trust Framework [EAPTrustFramework] and the US E-Authentication Federation Credential Assessment Framework ([CAF]) as a baseline in forming the criteria for a harmonized, best-of-breed industry identity assurance standard. The LIAF is a framework supporting mutual acceptance, validation, and life cycle maintenance across identity federations. The main components of the LIAF are detailed discussions of Assurance Level criteria, Service and Credential Assessment Criteria, an Accreditation and Certification Model, and the associated business rules.

Assurance Levels (ALs) are the levels of trust associated with a credential as measured by the associated technology, processes, and policy and practice statements. The LIAF defers to the guidance provided by the National Institute of Standards and Technology (NIST) Special Publication 800-63 version 1.0.1 [NIST800-63] which outlines four (4) levels of assurance, ranging in confidence level from low to very high. Use of ALs is determined by the level of confidence or trust necessary to mitigate risk in the transaction.

The Service and Credential Assessment Criteria section in the LIAF will establish baseline criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. The LIAF will also establish Credential Assessment Profiles (CAPs) for each level of assurance that will be published and updated as needed to account for technological advances and preferred practice and policy updates.

The LIAF will employ a phased approach to establishing criteria for certification and accreditation, first focusing on the certification of credential service providers (CSPs) and the accreditation of those who will assess and evaluate them. The goal of this phased approach is to initially provide federations and Federation Operators with the means to certify their members for the benefit of inter-federation and streamlining the certification process for the industry. Follow-on phases will target the development of criteria for certification of federations themselves, and a Best Practice guide for relying parties.

Finally, the LIAF will include a discussion of the business rules associated with IAEG participation, certification, and accreditation.

Use this form to submit feedback on the Identity Assurance Framework document

The Liberty Public Policy Expert Group (PPEG) has run a programme of Privacy Summit events across the globe, with past events held in Berlin, Brussels, Washington DC, London, Basel, Yokohama, Tokyo and Stockholm.

The aim of these events has been to get privacy stakeholders from many different disciplines (IT, policy, regulation, legal, academic) round the table for a free-form, peer to peer discussion of strategic issues and possible solutions.

As the series unfolded, we quickly found that a major stumbling block was the lack of a shared terminology and model for the basic concepts of identity data and privacy. It was too easy for useful discussions of 'second-order' topics such as trust and privacy to get mired in largely unnecessary confusion over basic concepts and terminology. As a result, we used the Berlin and Brussels summits to generate reports which we believe help move towards such shared understanding.

In particular, the Brussels report sets out simple models which illustrate the different 'layers' of identity data, their application in different 'sectors' (such as employment, healthcare, tax and so on), and the relative roles of credentials, attributes and indices. The report then illustrates concepts such as identity 'contexts', the establishment of contexts which span sectors, and some of the ways in which architecture, technology and policy need to interact in order for the system as a whole to function correctly.

We used the Washington DC summit as an opportunity to test the usefulness of these models, and found that they quickly allowed us to establish a common level of understanding amongst all the participants. That enabled us to move on to a productive discussion of the 'second-order' topics and capitalise fully on the skills and experience of the assembled stakeholders.

In subsequent meetings, we complemented these simple 'identity and privacy' models with a further set which explain why a multi-stakeholder 'identity and privacy' discussion can be difficult to manage, what factors can prevent one from reaching the 'second-order' concepts mentioned above, and what to do about it. Again, we tested these models at the summits in London and Basel, and have continued to make use of them in subsequent meetings.

The report from the London and Basel meetings contains both sets of models, so as to make them available in a single convenient document.

Privacy Summits

The Liberty Public Policy Expert Group (PPEG) has run Privacy Summit events world-wide, gathering privacy stakeholders from many different disciplines (IT, policy, regulation, legal, academic) for a peer-to-peer discussion of strategic issues and possible solutions. Through the Summits, some key lessons have been learned, and simple models derived which help remove many of the obstacles to a productive, multi-stakeholder discussion of privacy issues. These lessons and models are reviewed in this presentation, along with trends to watch for in the future.

Webcast: Identity Governance Framework: New Standards to Protect Privacy Through Governing Policy

Digital networks offer people new opportunities. Taking advantage of these opportunities, however, will depend on whether we can improve our ability to authenticate identity online. Weak authentication distorts social interactions, security, and business on the Net. Without better authentication, we will forgo many opportunities and the Net will remain a place that holds considerable risk.

Authentication technologies can create digital credentials that are secure, but not necessarily trustworthy. This anomaly explains how we ended up where we are today – in a situation where we have very strong credentials that are not widely trusted and therefore not widely used. The problem of authentication, and its solution, do not lie with technology. Better authentication requires expanding trust, but trust is in short supply on the Internet. This paper explores what is needed for a solution.

Authentication 2.0--New Opportunities for Online Identification, a paper by CSIS