Monday, March 08, 2010

Microsoft U-Prove technology helps with both security and privacy

At the RSA conference this week, Microsoft announced the availability of the U-Prove Community Technology Preview (CTP). The U-Prove CTP integrates with the Microsoft identity platform technologies (Windows Identity Foundation, Windows CardSpace 2.0, and Active Directory Federation Services 2.0) and enables the issuance and presentation of cryptographically protected claims in a manner that provides multi-party security. At the same time, the U-Prove technology enables any desired degree of privacy (including authenticated anonymity and pseudonymity) without contravening multi-party security.

Identity solutions built on U-Prove technology provide more secure and private access to on-premises and cloud-based applications through the minimal disclosure of information. Such solutions are critical for establishing trust in information and communication technology (ICT) systems for the health industry, and for encouraging adoption and use of these systems by care professionals, patients, and other users. This is about the minimal disclosure of patient data, or consumer health data in general, whether it is a disclosure someone needs to make as a patient to other parties such as insurance, providers, community health, and pharmacies, or a disclosure that other parties need to make about someone's health information. For example, to buy certain types of OTC medication, a patient only needs to disclose that they are over a certain age and that they have valid purchasing credentials, without revealing their full identity or attributes such as their name or date of birth that are not needed for this specific transaction.

The U-Prove Cryptographic Specification V1.0 specifies the foundational features of the U-Prove technology. This specification has been published under the Open Specification Promise allowing anyone to use or implement the technology. As noted in the U-Prove CTP Whitepaper, the U-Prove cryptographic specification defines the computational steps of each protocol participant; other details (e.g., the encoding, contents, and storage of U-Prove artifacts) must be specified in an application profile. This provides greater flexibility to use the U-Prove technology in various frameworks. For example, existing security token types (e.g., X.509 certificates, SAML tokens, etc.) could be extended to support the U-Prove technology.

Read more: The WW Health ICT Blog
