IA-8(6): Disassociability
Control Family:
Threats Addressed:
Baselines:
(Not part of any baseline)
Control is new to this version of the control set.
Control Statement
Implement the following measures to disassociate user attributes or identifier assertion relationships among individuals, credential service providers, and relying parties: [Assignment: organization-defined measures].
Supplemental Guidance
Federated identity solutions can create increased privacy risks due to the tracking and profiling of individuals. Using identifier mapping tables or cryptographic techniques to blind credential service providers and relying parties from each other or to make identity attributes less visible to transmitting parties can reduce these privacy risks.