JOURNAL (INTERNATIONAL) A Persistent Data Tracking Mechanism for User-centric Identity Governance
Identity in the Information Security
July 01, 2010
Identity governance is an emerging concept for fine-grained conditional disclosure of identity information and enforcement of corresponding data handling policies. Although numerous technologies underlying identity management have been developed, people still have difficulty obtaining a clear picture of how their identity information is maintained, used, and propagated. An identity management framework is described for tracking the history of how a person’s identity information is handled after it is transferred across domains of control and for enforcing meta-policies related to managing identity information distributed over the Internet. With this framework, organizations that manage identity information can improve accountability for their data practices and thereby increase their trustworthiness. The framework also enables users to control and optimize the propagation of their identity information in a user-centric manner.