IDEAS home Printed from
MyIDEAS: Log in (now much improved!) to save this paper

A Network-Economic Policy Study of Identity Management Systems and Implications for Security and Privacy Policy

Listed author(s):
  • Repkine, Alexandre
  • Hwang, Junseog

Solving the problems associated with identity management in the “virtual” world is proving to be one of the keys to full realization of the economic and social benefits of networked information systems. By definition, the virtual world lacks the rich combination of sensory and contextual cues that permit organizations and individual humans interacting in the physical world to reliably identify people and authorize them to engage in certain transactions or access specific resources. Being able to determine who an online user is and what they are authorized to do thus requires an identity management infrastructure. Some of the most vexing problems associated with the Internet (the deluge of spam, the need to regulate access to certain kinds of content, securing networks from intrusion and disruption, problems of inter-jurisdictional law enforcement related to online activities, impediments to the sharing of distributed computing resources) are fundamentally the problems of identity management. And yet, efforts by organizations and governments to solve those problems by producing and consuming identity systems may create serious risks to freedom and privacy. Thus the implementation and maintenance of identity management systems raises important public policy issues. The identity management systems (the IMS-s) often tend to require more information from the consumers than would otherwise be necessary for the authentication purposes. The typical choice being analyzed in IMS is the one between a completely centralized or integrated system (one ID - one password, and a single sign-on) and the one comprising a plethora of (highly) specialized IMS-s (multiple ID-s and passwords). While the centralized system is the most convenient one, it is also likely to require too much personal information about the users, which may infringe on their rights to privacy and which definitely will result in serious damage should this personal information be stolen and/or abused. When more than two IMS-s interconnect (more of a practical side with various types of commercial values), they share the private information with each other, thus increasing consumers’ exposure to possible information misuse. It is thus rather obvious that the public policy plays an important role to maintain the structure of identity management systems ensuring the existence of a sound balance between the authentication requirements and consumers’ rights to privacy. The focus of this paper is on investigating this type of tradeoff by employing a theoretical framework with agents whose utility depends on the amount of private information revealed, and on making policy recommendations related to the issue of interconnection between alternative IMS-s. Our model derives optimal process of interconnection between IMS-s in the simple case of three IMS-s, then generalizing it to the case of more than three firms. The socially optimal outcome of the interconnection process in our model implies encouraging the interconnection between smaller rather than larger IMS-s.

If you experience problems downloading a file, check if you have the proper application to view it first. In case of further problems read the IDEAS help page. Note that these files are not on the IDEAS site. Please be patient as the files may be large.

File URL:
File Function: original version
Download Restriction: no

Paper provided by University Library of Munich, Germany in its series MPRA Paper with number 7850.

in new window

Date of creation: Aug 2004
Handle: RePEc:pra:mprapa:7850
Contact details of provider: Postal:
Ludwigstraße 33, D-80539 Munich, Germany

Phone: +49-(0)89-2180-2459
Fax: +49-(0)89-2180-992459
Web page:

More information through EDIRC

References listed on IDEAS
Please report citation or reference errors to , or , if you are the registered author of the cited work, log in to your RePEc Author Service profile, click on "citations" and make appropriate adjustments.:

in new window

  1. Nicholas Economides, 1997. "The Economics of Networks," Brazilian Electronic Journal of Economics, Department of Economics, Universidade Federal de Pernambuco, vol. 1(0), December.
  2. Olivero, Nadia & Lunt, Peter, 2004. "Privacy versus willingness to disclose in e-commerce exchanges: The effect of risk awareness on the relative role of trust and control," Journal of Economic Psychology, Elsevier, vol. 25(2), pages 243-262, April.
  3. Howard Kunreuther & Geoffrey Heal, 2002. "Interdependent Security: The Case of Identical Agents," NBER Working Papers 8871, National Bureau of Economic Research, Inc.
Full references (including those not matched with items on IDEAS)

This item is not listed on Wikipedia, on a reading list or among the top items on IDEAS.

When requesting a correction, please mention this item's handle: RePEc:pra:mprapa:7850. See general information about how to correct material in RePEc.

For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Joachim Winter)

If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

If references are entirely missing, you can add them using this form.

If the full references list an item that is present in RePEc, but the system did not link to it, you can help with this form.

If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your profile, as there may be some citations waiting for confirmation.

Please note that corrections may take a couple of weeks to filter through the various RePEc services.

This information is provided to you by IDEAS at the Research Division of the Federal Reserve Bank of St. Louis using RePEc data.