Trust Frameworks and Asymptotic Identity Proofing: A Systems Approach


David Hartzband, D.Sc.
Lecturer, MIT Engineering Systems Division

Date: June 3, 2013

About the Presentation

Any time confidential information is aggregated or stored on the Internet, there is an expectation of data privacy. This expectation may come from end users whose personal, financial, healthcare, and other sensitive information is being gathered (and potentially used), or from intermediate users such as doctors accessing health records, bankers accessing financial information, or from a variety of other sources.

Historically, privacy in such systems has been synonymous with security, and security policies have been defined within the confines of a single application or, at best, within a single closed distributed system. Many current systems use a federated approach to address these problems, but it should come as no surprise that a systems approach based on network principles is more effective at providing both security and privacy.

A White House initiative started in 2011, called the National Strategy for Trusted Identities in Cyberspace (NSTIC), focuses on the provision of trusted identities in a variety of online contexts. The presenter, David Hartzband, D.Sc., is a principal investigator in an NSTIC grant funded by the National Institute of Standards and Technology. The grant, titled “An Identity Ecosystem for Patient-Centered Coordination of Care,” links two health information exchanges with a unique policy-enabled authentication, authorization, and identity proofing system that can gather and utilize identity attributes from disparate sources and use them to provide a very high level of assurance for cyber identities. Hartzband will discuss several use cases from the grant pilot as well as the following topics:

  • The need for trusted identities in healthcare (and elsewhere)
  • The role of identity in online privacy and security
  • The design of the NSTIC healthcare project and pilot
  • The architecture and function of identity syndication
  • A probability model for identity syndication
  • What’s next in the development of trusted identities

About the Speaker

A lecturer in MIT’s Engineering Systems Division, David Hartzband, D.Sc., has spent more than 20 years in software design and development. He joined MIT in 2004 after serving as vice president for collaboration technology at EMC Corporation. He has a wide range of experience at both large and small companies, including Digital Equipment Corporation, Riverton Software, Upstream Consulting, eRoom Technology, and Documentum. Recently, he has worked almost exclusively in healthcare information technology, designing products and working with early-stage companies on business and technology strategy. In the past four years, he has worked on several large federal grants: he is the co-principal investigator for the SCAlable National Network for Effectiveness Research and principal investigator for the NSTIC Identity Ecosystem for Patient-Centered Coordination of Care.

About the Series

The MIT System Design and Management Program Systems Thinking Webinar Series features research conducted by SDM faculty, alumni, students, and industry partners. The series is designed to disseminate information on how to employ systems thinking to address engineering, management, and socio-political components of complex challenges.