what is digital Identity?
The development and widespread use of digital technologies, entities have been able to communicate with each other without being physically present. In some cases, the first meeting and possibly the entirety of the transaction between two parties is held over a digital medium. There is a growing need for trust to be established in transactions over the digital world.
Digital identity is the means that an entity can use to identify themselves in a digital world
(i.e., data that can be transferred digitally, over a network, ile, etc.). The aim of digital identity is to create the same level of conidence and trust that a face to face transaction would generate.
Authentication is a key aspect of trust-based identity attribution, providing a codified assurance of the identity of one entity to another. Authentication methodologies include the presentation of a unique object such as a bank credit card, the provision of confidential information such as a password or the answer to a pre-arranged question, the confirmation of ownership of an e-mail address, and more robust but relatively costly solutions utilising encryption methodologies. In general, business-to-business authentication prioritises security while user to business authentication tends towards simplicity. New physical authentication techniques such as iris scanning, handprinting, and voiceprinting are currently being developed and in the hope of providing improved protection against identity theft.
Usage of digital Identity
Digital identity can be used for authentication. It is where an entity must “prove” digitally that
it is the one that it claims to be. It is at this stage that the credentials of digital identity are used. The simplest form of authentication is the use of a username and corresponding password. This is known as “single factor” authentication, since only a single attribute is used to determine the identity.
Stronger authentication is usually obtained by not only increasing the number of attributes that are used, but also by including different types. To add to the previous example scheme, in addition to the password, an entity could also be called upon to have a particular piece of hardware plugged in, providing a “two factor” scheme (DIGITALID-WORLD, 2005).
Once an entity is authenticated, a digital identity is used to determine what that entity is
authorised to do. This is where the proile of a digital identity is required. As an example, au-
thorisation can be seen as the difference between an “administrator” and a “user” who share the same resource (for example, a computer). Both may be authenticated to use the computer, but the actions that each may do with that resource are determined by the authorisation. Authentication attempts to establish a level of conidence that a certain thing holds true, authorisation decides what the user is allowed to do.Accounting provides an organisation with the ability of tracking unauthorised access when it occurs. Accounting involves the recording and logging of entities and their activities within the context of a particular organisation, Web site, and so forth.