Pseudonym

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

A Pseudonym is a name used in place of a real name, but that is expected to have a continuing association with a real entity for an extended period of time.

Context

  • Many web sites require users to have a persistent user name which is unique on their site to identify the user.
  • As a general rule Web Sites, and as a practical rule Identifier or Attribute Providers require that the pseudonym be unique within their domain; thus the pseudonym@domain.tld will be a valid URI.
  • Some providers will reuse pseudonyms once a connection to a real user has been broken for some specified period of time. Email addresses, in particular, typically have this characteristic.

Problems

  • Users may wish to have some name that is not associated with their real name when the web site requires a persistent user name.
  • In contexts where names are not validated (of low Assurance) the problem arises that trolls many adopt the name of some well-known person to be able to make statements that falsely appear to be from the real person.[1]

Solutions

  • Users are often asked to use their email address as a local user name since the email address is known to be a URI and hence unique in the internet.
  • When the user has an option, they often pick some sort of description name, such as a gamertag in a role playing game, which is tested for uniqueness within the relevant name domain.
  • When a user needs to provide some sort of validated attribute for the duration of a session at a web site, a session ID might provide sufficient security to bind the verified attribute for the session duration.

References

  1. Jack Nicas, Oprah, Is That You? Most Likely, It's Not. 2018-07-08 New York Times page BU1

Other Links

  • Synonyms for a Pseudonym include User Name, display name, gamertag, nom de guerre, Subject ID (sub) or (on Facebook) Fake Name subject to arbitrary termination.
  • Anonym is not used in the context of identity as it does not provide one. It may be used as the condition (Anonymous) of a user prior to accepting (1) a cookie, (2) a fixed IP address, (3) an HTTPS connection or (4) a request for an Identifier.