Title: INTRODUCTION

Introduction

Identity, Identity Management, and eID

Identity is understood as being any subset of attributes of an individual which uniquely characterise this individual within any set of individuals. Put this way, there is no such thing as “the identity” (Hansen et al. 2003). Identity is therefore explained as an exclusive perception of life, integration into a social group and continuity, which is bound to a body and shaped by society. Other models distinguish between ipse-identity (the inner identity of a person) and idem-identity (its external projection) (Nabeth, Hildebrandt 2005). One must therefore recognise a difference between what constitutes an individual and what is used to identify him or her (the subset of attributes).

Once the totality or part of the subset of attributes become digitised then we have a transcendence and transformation of a person’s identity to what we can call an electronic identity (eID hereinafter). The concept of an eID denotes all personal data that can be stored and automatically interconnected by a computer-based application. On a technical level, these attributes are data (Hansen et al. 2003).

The objective of any identity management solution is the identification, authentication and confirmation of an identity. In order to ensure trust among the communicating parties involved, further issues like non-repudiation, confidentiality, availability, and security have to be addressed (Backhouse et al. 2003). Technical solutions like Public Key Infrastructure (PKI), Digital Certificates (DC) and Trusted Third Party Services (TTPS) provide the basis for electronic or virtual identity and ID management. Academic scholars and professionals have been intensively involved with underlying issues such as policy making, liability, risk evaluation, legal frameworks, trustworthiness, data protection, privacy, and revocation (Backhouse 2000, CEN/ISSS 2004, Cowcher 2005, Dhillon and Backhouse 2001).