Information
Full Title or Meme
Information = Data + Context.
Context
Here is a datum (i.e., a single piece of data):
I do not like okra. It’s like eating zucchini with hair. I don’t care how you prepare it. I don’t like okra. That specific fact is essentially useless. Unless you invite me to dinner. Then it’s useful. There. That’s the difference between data and information. Data is not information until it is useful. https://www.hpe.com/us/en/insights/articles/the-privacy-equation-data-is-not-information-until-it-is-useful-1805.html
Problem
Information is what is needed to inform a decision. In Identity Management a collection of information is all that is available to identify a correspondent in an internet interchange. That is the core problem whether the goal is to track a potential customer, or to allow access to a valuable resource.
Solution
Regardless of the level of assurance that is needed to make the identity decision, the process is the same, the replying party continues to collect information about the subject until the authorization decision threashold is reached. Notice that authentication is not a part of the process. There is really no point when the relying party ever knows who the subject really is. There is only a process of increasing knowledge of attributes attached to a subject identifier
Karl Popper described this process back in 1937[1] as proving an hypothesis. The subject starts with a subject identifier and adds details as additional attributes and until it can be assured. But notice that at a very early stage in this proofing process sufficient attributes have been supplied to allow tracking to other instances of that same real world person to be linked to the local user object. Or, in other words, identification is simply incompatible with privacy.
Referces
- ↑ Karl Popper
