In Search of Manageable Identity Systems

Efforts to design and successfully deploy network-based identity-management systems have been unsuccessful. One possible new approach is visible when comparing Internet identity protocol designs with systems used in financial services. Keeping the risks in mind, we should embrace systems that help reduce the uncertainty associated with online transactions. Neither the composite nor unitary approach yield a perfectly secure or reliable system, but Internet and Web system designers can learn a lot from the former. Not only has it proven itself in large-scale systems, but it's also more true to the way we think of identity in human terms. Interpersonal interactions involve assessing identity assertions' reliability according to numerous subtle factors, rather than applying a mechanical checklist. Adopting a more composite approach to identity lets us build systems that provide great reliability and flexibility in the inherently complex process of assessing whether we can trust the identities of those we deal with online