CIT Requirements

[We have a lot of work to do to capture what we already think we know of the requirements. I've jotted a few notes below -Paul]

Reduce the number of passwords required
Provide an easy, practical way to allow users to exercise their rights to grant/revoke sharing/accessing personal data with respect to entire sets of organizations and institutions.
Provide a way to access (e.g. to ensure correctness) of the user's information stored in various data brokers (whether or not they are using the CIT technology).

Only reveal information identifying a user with the user�s consent. (e.g. see Kim's (#1) Law of Control)

The identifiers used by the system must only reveal information identifying a user with the user�s consent. (see Drummond's #1a)

Disclose the least possible information about the owner (especially identifying information) in any given context. (e.g. see Kim's (#2): Law of Minimal Disclosure).

Discourage the use of personal information (e.g. SSN) from being used as passwords to gain access.

Support both "omnidirectional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles. (see Kim's (#4) Law of Directed Identity)
Provide notice. The user must be informed as to what agencies, data brokers and other institutions are collecting their personal data.
Disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.(See: Kim's (#3) Law of Fewest Parities.)
Users control what aspects of themselves are visible to what other people, groups and institutions in a wide variety of online contexts.

Last Modified 4/11/05 12:30 PM