Identity Trust Framework for iGaming

The online gambling community, or the iGaming industry in the United States has individual solutions and a mix of classic processes to manage universal customer identity but it lacks a standard identity management framework in which to enroll new iGaming users, monitor those users and ensure secure transactions, which leaves it open to identity theft and financial fraud. The iGaming industry offers online poker, sports betting and casino table games. iGaming providers (provider/providers) include companies such as PartyPoker.com, Pokerstars.com, Bovada.com, BetOnline.com among others. An iGaming player (player/players) is anyone who plays to gamble on games through the Internet. This report focuses on the requirements and specification for an Identity Trust Framework to enhance security and privacy in the United States iGaming industry and players.Informatio

A Network-Economic Policy Study of Identity Management Systems and Implications for Security and Privacy Policy

Solving the problems associated with identity management in the “virtual” world is proving to be one of the keys to full realization of the economic and social benefits of networked information systems. By definition, the virtual world lacks the rich combination of sensory and contextual cues that permit organizations and individual humans interacting in the physical world to reliably identify people and authorize them to engage in certain transactions or access specific resources. Being able to determine who an online user is and what they are authorized to do thus requires an identity management infrastructure. Some of the most vexing problems associated with the Internet (the deluge of spam, the need to regulate access to certain kinds of content, securing networks from intrusion and disruption, problems of inter-jurisdictional law enforcement related to online activities, impediments to the sharing of distributed computing resources) are fundamentally the problems of identity management. And yet, efforts by organizations and governments to solve those problems by producing and consuming identity systems may create serious risks to freedom and privacy. Thus the implementation and maintenance of identity management systems raises important public policy issues. The identity management systems (the IMS-s) often tend to require more information from the consumers than would otherwise be necessary for the authentication purposes. The typical choice being analyzed in IMS is the one between a completely centralized or integrated system (one ID - one password, and a single sign-on) and the one comprising a plethora of (highly) specialized IMS-s (multiple ID-s and passwords). While the centralized system is the most convenient one, it is also likely to require too much personal information about the users, which may infringe on their rights to privacy and which definitely will result in serious damage should this personal information be stolen and/or abused. When more than two IMS-s interconnect (more of a practical side with various types of commercial values), they share the private information with each other, thus increasing consumers’ exposure to possible information misuse. It is thus rather obvious that the public policy plays an important role to maintain the structure of identity management systems ensuring the existence of a sound balance between the authentication requirements and consumers’ rights to privacy. The focus of this paper is on investigating this type of tradeoff by employing a theoretical framework with agents whose utility depends on the amount of private information revealed, and on making policy recommendations related to the issue of interconnection between alternative IMS-s. Our model derives optimal process of interconnection between IMS-s in the simple case of three IMS-s, then generalizing it to the case of more than three firms. The socially optimal outcome of the interconnection process in our model implies encouraging the interconnection between smaller rather than larger IMS-s.Networks; Interconnection; Identity Management; Regulation Policy

Social and Political Dimensions of Identity

We study the interior regularity of solutions to the Dirichlet problem Lu = g in Omega, u = 0 in R-nOmega, for anisotropic operators of fractional type Lu(x) = integral(+infinity)(0) dp integral(Sn-1) da(w) 2u(x) - u(x + rho w) - u(x - rho w)/rho(1+2s). Here, a is any measure on Sn-1 (a prototype example for L is given by the sum of one-dimensional fractional Laplacians in fixed, given directions). When a is an element of C-infinity(Sn-1) and g is c(infinity)(Omega), solutions are known to be C-infinity inside Omega (but not up to the boundary). However, when a is a general measure, or even when a is L-infinity(s(n-1)), solutions are only known to be C-3s inside Omega. We prove here that, for general measures a, solutions are C1+3s-epsilon inside Omega for all epsilon > 0 whenever Omega is convex. When a is an element of L-infinity(Sn-1), we show that the same holds in all C-1,C-1 domains. In particular, solutions always possess a classical first derivative. The assumptions on the domain are sharp, since if the domain is not convex and the measure a is singular, we construct an explicit counterexample for which u is not C3s+epsilon for any epsilon > 0 - even if g and Omega are C-infinity

Governance Models for Interoperable Electronic Identities

Current implementations of electronic identity in Europe are rather diverse; they include state-driven identity management frameworks as well as private sector frameworks and different forms of public-private collaborations. This diversity may represent a major challenge for the deployment of information society services addressed towards the European internal market. This raises the question: How can we achieve interoperability of electronic identities across Europe, and potentially beyond Europe’s borders? This paper argues that the interoperability of electronic identity could be governed by a multi-stakeholder governance framework that brings together different parties with interests in the provision and use of electronic identities. Such a governance framework could, for example, consist in designing and operating a portal with common functionalities that allows interoperable authentication across multiple domains and contexts. Inspiration for the governance of such a portal could come both from existing successful implementations of electronic identity and from multi-stakeholder institutions that have proven useful in Internet governance.

SuperIdentity: fusion of identity across real and cyber domains

Under both benign and malign circumstances, people now manage a spectrum of identities across both real-world and cyber domains. Our belief, however, is that all these instances ultimately track back for an individual to reflect a single ‘SuperIdentity’. This paper outlines the assumptions underpinning the SuperIdentity Project, describing the innovative use of data fusion to incorporate novel real-world and cyber cues into a rich framework appropriate for modern identity. The proposed combinatorial model will support a robust identification or authentication decision, with confidence indexed both by the level of trust in data provenance, and the diagnosticity of the identity factors being used. Additionally, the exploration of correlations between factors may underpin the more intelligent use of identity information so that known information may be used to predict previously hidden information. With modern living supporting the ‘distribution of identity’ across real and cyber domains, and with criminal elements operating in increasingly sophisticated ways in the hinterland between the two, this approach is suggested as a way forwards, and is discussed in terms of its impact on privacy, security, and the detection of threa