Who Goes There?: Authentication Through the Lens of Privacy explores authentication
technologies (passwords, PKI, biometrics, etc.) and their implications for the privacy
of the individuals being authenticated. As authentication becomes ever more ubiquitous,
understanding its interplay with privacy is vital. The report examines numerous
concepts, including authentication, authorization, identification, privacy, and security.
It provides a framework to guide thinking about these issues when deciding whether
and how to use authentication in a particular context. The book explains how privacy
is affected by system design decisions. It also describes government's unique role
in authentication and what this means for how government can use authentication
with minimal invasions of privacy. In addition, Who Goes There? outlines usability and
security considerations and provides a primer on privacy law and policy.

Table of Contents


Front Matter
Executive Summary
1 Introduction and Overview
2 Authentication in the Abstract
3 Privacy Challenges in Authentication Systems
4 Security and Usability
5 Authentication Technologies
6 Authentication, Privacy, and the Roles of Government
7 A Toolkit for Privacy in the Context of Authentication
Appendix A: Biographies of Committee Members and Staff
Appendix B: Briefers to the Study Committee
Appendix C: Some Key Concepts
What is CSTB?