OpenID = Authentication + Attribute Exchange ++
March 23rd, 2007
Marc Canter leapt to OpenID’s defense against Michal Migurski’s criticism.
…there are those who think we DON’T need anything more than simple single sign-on. In fact I had lunch with the CEO of SixApart (Barak Berkowitz) who said Brad Fitzpatrick is fairly skeptical of anything beyond his original simple scenario.
But, says Canter, “we need the attribute exchange to make this thing really take off.”
Then all the skeptics will realize that the authentication layer HAD to come first - but was just a first step. Along the way we’ll figure out standards for user interface and usage flow.
But for now - the critics are right - OpenID as it stands right now is just authentication and that ain’t gonna rock nobody’s world - except for Brad Fitzpatrick’s world - I guess.
U.S. Higher Ed Identity Management Expands
December 11th, 2006
InCommon, an identity management federation serving US higher education, announced that it is substantially expanding its community to include an additional ten universities, four service providers, and a private identity provider.
“The research and education community, which today depends upon online resources through its partnerships with content and service providers, has been at the forefront of deploying the federated identity management approach,” said Tracy Mitrano, director of Information Technology Policy, Cornell University and chair of the InCommon Steering Committee.
InCommon provides the framework for partners and sponsors to share protected online information and resources. That sharing has to be highly secure while also protecting the privacy of those who access the material. InCommon, which uses Shibboleth technology, eases the burden on partners by providing single sign-on access to multiple resources.
“To meet the increasing campus demand for using external applications and online resources, we developed and implemented solutions that efficiently use our existing information infrastructures securely and safely in such a way that we maintain control over the release of personal information for people at Penn State,” said Kevin Morooney, vice provost of Penn State University. “InCommon is a vitally important part of this infrastructure and helps put us in a position to provide a richer, easier to use, safer online experience for Penn State students, faculty, and staff.”
Identity Management Suite from Oracle
December 8th, 2006
On December 6, 2006, Oracle announced the release of its new Identity Management Suite, which provides single sign-on. The suite will incorporate many of Oracle’s applications to help with access control and passwords.
“The availability of Oracle Enterprise Single Sign-On Suite further enables customers to improve security throughout their entire organizations and to more easily meet compliance mandates while reducing costs,” Hasan Rizvi, vice president of security and identity management products at Oracle, said in a statement.
The five elements that comprise this suite are:
- Logon Manager: Allows users to access their Web-based and legacy applications with a user name and password but without having to constantly change and update passwords
- Password Reset: Enables users to set or recover lost passwords through a protected self-service interface in Windows environments
- Authentication Manager: Lets businesses use a combination of tokens, smart cards, biometrics and passwords to manage access to applications throughout the network
- Provisioning Gateway: Allows businesses to control their identity administration software, such as Oracle Identity Manager, to provision application accounts that can be accessed through Single Sign-On Manager
- Kiosk Manager: Enables users to access applications in a secure manner at multi-user kiosks and workstations, so that users can work from several locations throughout the day
Who Owns Your Identity?
June 14th, 2006
Marc Hedlund, in an essay at O’Reilly Network, asks:
Who owns your online identity? Do you? Most likely, you don’t — almost all Web sites that have a concept of identity do (and badly want to) maintain an identity profile for each of their users. At the end of the day, that identity belongs to them, not you.
Marc’s question stems from a message he received from Yahoo telling him he had to choose a new username for his My Yahoo account.
In the end, Marc closed his My Yahoo account rather than migrate, and offers this advice:
The lesson should be clear: you cannot entrust your online identity to a business if that identity is meaningful to you. If you want or need your online identity, you must maintain it yourself.
That isn’t to say he thinks there’s no room for a product or service that makes it easier:
There is an opportunity for software businesses that would put identity control directly where it belongs: in the hands of consumers. Some products, such as AdSubtract, already are succeeding by making the Web easier to use while returning control over personal information to users. There are, however, plenty of other uses for a user’s local hard drive, and the successful companies will find a way to combine privacy (which tends not to be a great selling point) with performance and features (each of which do sell).
Reputation Management At Applied Dreams 2.2
May 5th, 2006
Dave Chiu and Didier Hilhorst explain the concept of reputation management in these slides presented at the conclusion of the Applied Dreams 2.2 project at Interaction Design Institute Ivrea in Milano.
The project brief begins:
Our identities are changing due to our constant exposure to enabling technologies.
Our old physical identities, fixed to a house, an address, a tax number, private, detached, individual, introvert, seem increasingly at odds with our new electronic identities, mobile, self-published, publicly exposed, extrovert, shared, accessible, communal.
Simultaneously, an interconnection between individuals, commercial and authority is leading to the increasing relevance of self-organising, temporary socio-spatial communities and to the creation of micro-economies.
The Laws of Identity
April 19th, 2006
Kim Cameron’s The Laws of Identity, from March of 2005, is a popular document that most professionals dealing with identity management are familiar with.
From the summary:
Understand the dynamics causing digital identity systems to succeed or fail in various contexts, expressed as the Laws of Identity. Together these laws define a unifying identity metasystem that can offer the Internet the identity layer it needs.
It also contains some “words that allow dialogue”, including a definition of digital identity:
We will begin by defining a digital identity as a set of claims made by one digital subject about itself or another digital subject. We ask the reader to let us define what we mean by a digital subject and a set of claims before examining this further.
SPML Version 2.0
April 11th, 2006
Service Provisioning Markup Language (SPML) Version 2.0 was ratified today as an OASIS standard.
The OASIS international standards consortium today announced that its members have approved the Service Provisioning Markup Language (SPML) version 2.0 as an OASIS Standard, a status that signifies the highest level of ratification. SPML provides an XML-based framework for managing the allocation of system resources within and between organizations. Encompassing the entire life-cycle management of resources, SPML defines the provisioning of digital services such as user accounts and access privileges on systems, networks and applications, as well as non-digital or physical resources such as cell phones and credit cards.
[...]
The SPML v2.0 OASIS Standard offers enhanced functionality as well as a new profile that lets users and other objects be manipulated more easily. Additional features include improved password management, user suspension capabilities, and user attribute schema discovery.
Identity Management Podcast
April 7th, 2006
Josh Porter and Alex Barnett got Dick Hardt and Kim Cameron on the line to talk about Identity Management. The result is available as a podcast.
Josh and Alex are big on the attention economy and social software, so they’re asking questions about how IdM works in those contexts. Most people thinking about IdM today seem to be thinking about its uses in the enterprise or in education, but when I say identity management is the next big thing, I mean it in the social context that Josh and Alex are rooted in.
- What are the biggest problems we need to solve for online identity?
- The paradox of silos and a single solution
- The Laws of Identity and the Sxip protocols
- Consistent user experience
- Read / Write identity and Attention Data
- Separating identity establishment & management and attention & transactional data management
- Trading attention data
- Attention data and reputational data
- Sxore and Blog comment spam and trackbacks are an identity problem
- Attention data maintenance
- Personally Identifying Information - PII data maintenance
- How would ecommerce sites make use of Attention data?
- Enterprise-level privacy
- Haven’t we already lost our privacy?
[cross posted from MaisonBisson.com]
Large Growth in Identity Management Predicted
April 1st, 2006
From a recent report by Research & Consultancy Outsourcing Services (RNCOS) titled “Identity Management Services - A Market Perspective”:
Year 2005 saw an unexpected rise in the incidents of identity theft that stimulated the rapid inclusion of Identity Management Solutions in industries.
In spite of high infrastructure cost, reluctance to adopt a new technology and nonexistence of government support the market for identity management is growing swiftly.
As per industry experts, the market for provisioning, data validation, merged identity solutions and full suites has already reached above $1.2 million. With an average annual growth rate of 2.3 times, it is further estimated to grow above $8.5 billion by the year 2008.
However, factors such as regulatory compliance, higher productivity, improved safety and lower administrative costs might pull businesses towards the Identity Management Solutions, vendors with a standard clientele can only ensure proper implementation of these solutions.
This lends further credibility to statements that identity management is the next big thing.
Social Aspects of IdM
March 31st, 2006
Being that good software — the social software that’s nearly synonymous with Web 2.0 — is stuff that gets you laid, where does that leave IdM?
Danah Boyd might not have been thinking about it in exactly those terms, but her approach is uniquely social-centered. She proposes “SecureId”:
What is SecureId? SecureId is a program that helps you protect and control your digital identity by allowing you to determine who can access your private information. By allowing you to articulate your digital contexts based on facets of your identity, SecureId provides the framework for you to properly relate identity information and people with contexts, thereby giving you the ability to portray yourself properly. SecureId uses a knowledge-based security system to help you manage access to various facets of your identity. By presenting you with a portrait of your digital identity, SecureId also gives you a virtual mirror to your social performance.

Reading further, she implores us to “imagine that you are in control of your digital identity.”
The information you give out on a daily basis is quite context dependent. While you might give your medical history to your doctor, would you give it to a random stranger? Does your language differ between work, the pub and at home with your 3-year-old? What about your clothing? Not only do you make different decisions based on the level of trust you have, but also based on what is socially appropriate. Speaking to your boss like you speak to your child might be both inappropriate and offensive. Do you have different groups of friends, family and associations that may or may not interact with one another? What roles do you play in your life and how do aspects of your character change when you are in these different roles?
SecureId offers you an interactive visual landscape for articulating your identity facets and associating appropriate data with them. Through this mechanism, you can quickly see who has access to what aspects of your self. By presenting you with a portrait of your digital identity, SecureId also gives you a virtual mirror to your social performance, an awareness that is taken for granted in the physical world.
