Skip to Main Content
The National Academies of Sciences, Engineering and Medicine
Computer Science and Telecommunications Board
Computer Science and Telecommunications Board
Division on Engineering and Physical Sciences
Current Projects
Completed Projects
Publications by Year
Publications by Topic
News & Events
Cyber Forum
CSTB's Mission
CSTB's Impact
Board Membership

Contact Us
500 Fifth Street NW
Washington, DC
Phone: (202) 334-2605
Fax: (202) 334-2318

Follow CSTB on
Facebook and Twitter


CSTB is a part of the
Division on Engineering and Physical Sciences.

Sign up for the DEPS newsletter.



Authentication Technologies and Their Privacy Implications


 IDs -- Not That Easy: Questions About Nationwide Identity Systems aims to highlight some of the challenging policy, procedural, and technological issues presented by nationwide identity systems. Its goal is to raise the level of discussion among policymakers and stakeholders about whether such systems are desirable or feasible. (2002)
 Who Goes There? Authentication Through the Lens of Privacy explores authentication technologies (including passwords, PKI, biometrics, etc.) and their implications for the privacy of the individuals being authenticated. As authentication becomes ever more ubiquitous, understanding its interplay with privacy is vital. The report examines numerous concepts, including authentication, authorization, identification, privacy, and security. It provides a framework to guide thinking about these issues when deciding whether and how to use authentication in a particular context. The report explains how privacy is affected by system design decisions. It presents steps one can take to mitigate adverse privacy effects of authentication systems. The report also describes government's unique role in authentication and what this means for how government can use authentication with minimal invasions of privacy. In addition, the report outlines usability and security considerations, and it provides a primer on privacy law and policy. (2003)


Project Scope

In response to a request to CSTB from the United States Government's Chief Counselor for Privacy, CSTB has framed an assessment of emerging approaches to authentication in computing and communications systems that focuses on the implications of authentication technologies for privacy. The project will engage a committee of diverse experts working under National Research Council processes, and the committee's work will be presented in a consensus report with recommendations, which will be briefed and disseminated widely.

Committee Members

Stephen T. Kent, Chair
Chief Scientist-Information Security
BBN Technologies; Verizon Communications

Michael Angelo
Staff Fellow
Compaq Computer Corporation

Steven Bellovin
AT&T Labs Research

Robert Blakley
Chief Scientist for Security
Tivoli Systems, Inc./IBM

Drew Dean
Computer Scientist
SRI International

Barb Fox
Senior Architect, Cryptography and Digital Rights Management
Microsoft WebTV

Stephen H. Holden
Assistant Professor, Dept. of Info. Systems
University of Maryland, Baltimore County

Deirdre Mulligan
Director, Samuelson Law Technology Public Policy Clinic
University of California, Berkeley

Judy S. Olson
Professor, School of Information
University of Michigan

Joe Pato
Principal Scientist & Chief Technology Officer
Internet Security Division
HP Labs Cambridge

Radia Perlman
Distinguished Engineer
Sun Microsystems

Priscilla M. Regan
Associate Professor of Government and Politics
Department of Public and International Affairs
George Mason University

Jeffrey Schiller
Network Manager, Information Systems
Massachusetts Institute of Technology

Soumitra Sengupta
Assistant Professor
The Department of Medical Informatics
Colombia University

James Wayman
Biometrics ID Research Director
College of Engineering
San Jose State University

Daniel J. Weitzner
Technology and Security Domain Leader
World Wide Web Consortium/ MIT


Lynette I. Millett, Program Officer (Study Director)
Jennifer Bishop, Program Associate
Suzanne Ossa, Senior Project Assistant (through September 2001)

Related Publications from Other CSTB Projects

Trust in Cyberspace (1999)
Fostering Research on the Economic and Social Impacts of Information Technology (1998)
For the Record: Protecting Electronic Health Information (1997)
Cryptography's Role in Securing the Information Society (1996)
Continued Review of Tax Systems Modernization for the Internal Revenue Service (1995)
Rights and Responsibilities of Participants in Networked Communities (1994)
Computers at Risk (1991)


National Science Foundation
Office of Naval Research
General Services Administration
Chief Information Officers' Council
Social Security Administration

Additional resources from the Vadasz Family Foundation enabled development of the report on nationwide identity systems.