- protect identity registration information in transit and within the e-Government
48 Widespread misappropriation of biometric information would negate the value of such a database.
Potential misuse of this information, for example to support fraudulent activities by a criminal organisation,
might lead the practitioner to assign a confidentiality impact level for this information that exceeds
Confidentiality IL3. 49 For the biometrics example, an example solution would be to securely process the
biometric using a hash function to present an identifier with significantly fewer degrees of freedom, but which
remains unique to an individual client insofar as the biometric itself can be considered unique. 50 For
example, cookies might be used to store identity registration information, to enable the registration process
to be paused. In this example, the client should be made aware of this, of the risks of using insecure
machines (eg in an internet café) and of how to expunge this information following registration.
Email this to a friend.
Previous item —