National Identity Cards 2

guestgulkan

Technical User
Sep 8, 2002
216
GB
What I'm interested in is the technology that could be used to make such a smartcard ID, and how the data could be safely stored and accessed, and the type of people that would have access to it.

For example:
1. Standard data - name, address, next of kin, visa, and the usual type of data that can be found on a passport.

2. Medical data - useful if you are in an accident and you need a blood transfusion or an insulin injection, or need allergy treatment.

3. Other useful stuff - such as National Insurance number (useful for electronic voting - as mentioned in another thread?).

How can this information be stored so that, say, only the police or medical persons would be allowed to access type 2 data?
 
Well, generally I would think with that type of information it wouldn't actually be stored on the card. The card would only include a software key that matched uniquely to one set of records. At that point if you slid someone's key into a console you would only get back the information you were authorized for.

 
One of the biggest problems here is not just a matter of dealing with just what you are authorized for, but rather the dynamic circumstances around which that authorization exists. Specifically with the type 2 medical data, an EMT/Paramedic may be authorized access to that data in an emergency, but not under normal circumstances. How does the card (or even just access via the SW key) know that it's a medical emergency and not an identity theft, or just some curious medical technologist?

I don't know, and it's one of the reasons that I'm not quite sure it's a good idea.

Good Luck
--------------
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
 
I agree with CajunCenturion. The idea I think is a good one, but how are we going to prevent data from being misused?

One way round is to ensure that data accessed needs both the card and an ID. Every paramedic has an ID that can access just medical/next of kin data on that card, but nothing more.
Would this work?
 
I think a distributed relational database could be used to store this. The data could be split so that say health related data were available to the emergency services.
Passport/travel information/visas could be available to the immigration authorities and passport control at ports/airports etc, simply by ensuring that they have read only access to the appropriate tables in the location.

Other nationally recognised ID such as driving licenses and category of vehicles would be stored by the appropriate authorities.

Now for the catch: Because the data is spread across several servers in different geographical locations, there would have to be one central master list of valid IDs, which then are used as the primary keys in the other tables.
This would become a central target for fraudsters looking to bring up details of people so they could create fake IDs of real people.

John
 
Not completely...

The concern is that someone in the medical field could violate the person's privacy by viewing records when it's not necessary. My idea would be that you must receive authorization from at least 2 EMTs, etc, in order to release the record, or have the EMT + the patient's authorization. It's not foolproof, but it would at least make it inconvenient for unauthorized use...
 
Or perhaps, as in the case of a medical emergency when you may not be able to obtain the patient's authorization (i.e. unconscious), maybe the card holder can pre-define a secondary authorization person to access the information. The crux of this issue is that access authorization is circumstantial and that's an interesting challenge.

I would also be concerned about the ability to maintain the paramedic authorization list. I don't know, but I imagine the turnover in that area is substantial.

Good Luck
--------------
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein
 
Perhaps we base it on whether the person has the license to do something. Most medical-related fields have certifications or licenses... perhaps as long as it's valid, you have an authorization, and if it expires/is revoked, you also lose your authorization. After all, it's not like they could just browse patient databases anyway, since redundant authorization would be required.
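
The checks proposed in the posts above (role-limited access, a second EMT or the patient's consent, and authorization tied to a valid licence), sketched as an added example that is not part of any original post. The role names, record classes and sample credentials are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Assumed policy: the data classes each role may read (the thread's "type 1/2" split).
ROLE_SCOPES = {
    "paramedic": {"medical", "next_of_kin"},
    "immigration": {"standard"},
}

@dataclass(frozen=True)
class Credential:
    holder: str
    role: str
    licence_expiry: date
    revoked: bool = False

    def valid_on(self, today: date) -> bool:
        # Authorization lives and dies with the professional licence.
        return not self.revoked and today <= self.licence_expiry

AUDIT_LOG = []  # every decision, allow or deny, is recorded for later review

def authorize(record_class, requester, today, co_signer=None, patient_consent=False):
    """Decide whether `requester` may read `record_class` on `today`."""
    reason = "ok"
    if not requester.valid_on(today):
        reason = "requester licence expired or revoked"
    elif record_class not in ROLE_SCOPES.get(requester.role, set()):
        reason = "record class outside role scope"
    elif record_class == "medical" and not patient_consent:
        # Patient cannot consent: require a second, different, valid holder of the same role.
        if (co_signer is None or co_signer.holder == requester.holder
                or co_signer.role != requester.role or not co_signer.valid_on(today)):
            reason = "second authorization missing or invalid"
    AUDIT_LOG.append((today.isoformat(), requester.holder, record_class, reason))
    return reason == "ok"

# Constructed sample credentials and date.
TODAY = date(2003, 6, 1)
EMT_A = Credential("emt-a", "paramedic", date(2004, 1, 1))
EMT_B = Credential("emt-b", "paramedic", date(2004, 1, 1))
EMT_LAPSED = Credential("emt-c", "paramedic", date(2003, 1, 1))
BORDER = Credential("officer-d", "immigration", date(2004, 1, 1))

if __name__ == "__main__":
    print(authorize("medical", EMT_A, TODAY))                    # False: no co-signer
    print(authorize("medical", EMT_A, TODAY, co_signer=EMT_B))   # True
    print(authorize("medical", BORDER, TODAY, co_signer=EMT_B))  # False: out of scope
    for entry in AUDIT_LOG:
        print(entry)
```

The audit log records denials as well as grants, which is what lets misuse by an otherwise authorized holder be found afterwards.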
 
It's a nice idea in theory, but unfortunately something as widely used as this would almost certainly be abused. With such personal information involved I myself would not be very comfortable with the idea.
 
Any system can be abused. I remember a story several years ago of a group of IRS (the Infernal Internal Revenue Service, or "tax collectors" for those of you from outside the U.S.) personnel who were fired because they were caught looking up the IRS records on celebrities.

It seems to me that you store two classes of medical data.

The first class of data is the types of information that are necessary for medical personnel to know in an emergency:

  • Chronic medical conditions like asthma or hypertension.
  • Drug allergies
  • Blood type
  • Drugs taken on a long-term basis
  • Next-of-kin contact information

The second class of information is everything else. The card stores only that information necessary to look up everything else on a larger network.

First-responders have a standalone reader available which can tell them the critical stuff they need to know. The hospitals can look up the rest of the data necessary.

You could also store all medical data on the card, but with the second class of data encrypted. Only the owner of the card and his next-of-kin (from the next-of-kin mentioned in the critical list) know the decrypt key.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
That would help, but would it not enable someone to just steal your card and decrypt it at their leisure?

Perhaps I am being paranoid.
 
I don't think this would be too difficult to achieve (unless the UK government tries it!!! Swanick/ CSA/ Passports anyone remember these?)

Think about a normal Customer DB, now you will hold the Address, Contact names, account manager etc on one part. Then you will have more confidential things like credit limit, payment history (late/early) and what they have bought in the past, delivery performance.

Then you would have the really sensitive stuff like the margins you make from each sale, current bids and projects and other such lovelies that are easily sold to competitors.

Now think about that sort of tiered security for a person's details. Easily done.

BUT the safety of the data is not dependent on the security of the system but on the determination of the thief! And please don't forget the Human factor here. Just last week a refurbished PC was sold by - sorry can't remember that - with a CD in the CD-Rom which contained a lot of contact information on it. These things will ALWAYS happen.

Here's a question that no one has raised..... Who is going to pay for this? Not to mention replacement cards, is it illegal to leave the house without it, who has authority to ask for it... Our US friends, will it be used to make sure you can pay for health treatment before the paramedics even think of putting you on a stretcher?

I do go on sometimes don't I?

Lol

iain
 
Some valuable points have been raised.

The question of who will bear the financial burden is a big one. I suppose that would be the tax-payer.
Even if the required 'smart card' technology becomes common use and cheap, the setting up, production and distribution of the cards would be huge (billions + more billions over budget if past government sponsored contracts are any guide).

For data safety - I suppose you could use another smart card. For example the paramedic mentioned above would have a 'medical type' smart card which would allow access to medical data only.
These cards would have to be tightly controlled and accounted for by the relevant authorities.

Of course this all raises the issues of Personal data protection. The current laws would have to be tightened up.
It would have to become a criminal offence to use an authorised smartcard (such as the one issued to the paramedic) to gain unauthorised access.
 
grenage:
Who are you protecting against? The NSA?

You could employ the most secure system in the world, and all someone would have to do is hire a nursing-qualified spy to work for a nursing temp agency.

You don't even need the card. Just walk up to a terminal and ask the computer for the records.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
True I guess but I have no bones to grind with the Government, I live on the assumption that the Government already knows everything about me of relevance ;)
 
Grenage:
The preface to Bruce Schneier's book Applied Cryptography reads, "There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. This book is about the latter.

If I take a letter, lock it in a safe, hide the safe somewhere in New York, and then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism--and you still can't open the safe and read the letter, that's security."

What Bruce Schneier did not point out in Applied Cryptography is that all the cryptography in the world is useless if some user weakens the security by doing dumb things that circumvent the security. Take that safe he mentions in the preface -- what if you forget to lock the safe? He did realize his omission later, and talked about the problem in his book, Secrets and Lies.

Someone with good social engineering skills could very likely get the information stored in your card from other sources for less than the cost of a beer.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
That sounds like an interesting book, I'll have to look for it.

Regarding alternative sources for the data, you are 100% correct. I have no objections to this kind of data being stored on the card, only data of any real significance (while this is open to interpretation).
 
Read Applied Cryptography, Second Edition and Secrets and Lies, both by Bruce Schneier.

I also recommend taking a gander at The Art of Deception: Controlling the Human Element of Security, by Kevin Mitnick and William Simon.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
So many books, so little time. Thank you for that, I shall hunt them down.
 