July 23, 2008

Phil Windley
pjw
Phil Windley's Technometria
» Relationship Providers

Businesses spend a great deal of time and money trying to identify their customers. By "identify" I mean not just get a name and credit card number, but find, learn about, and discover the attributes, preferences, and even desires of customers. They spend millions of dollars on "customer relationship management" (CRM) systems that are really "customer dossier systems" in a quest to manage the identity data they collect about customers.

In the same way, customers spend a great deal of effort identifying businesses. Which business sells the product that will meet my needs at a price I'm willing to pay? Which business will give me the best shipping, the best service, or even the most emotional lift when I buy from them?

Doc Searls has been talking about the need for the one-way "CRM" systems to become more truly about relationships for years--ever since I first met him. He's set up Project VRM at Harvard to focus on that effort. VRM, which stands for "vendor relationship management" was meant as a play on CRM, but is maybe too "user-centric" at this point. The real idea is relationships.

When Bob Blakely spoke at IIW about relationships, I don't think I really understood what he was saying, but I took notes and today when I was going back over them, the idea of relationships as the context for identity actually leaped out at me. (See also Drummond Reed's notes on this same talk.)

I've been thinking about this idea in the context of ecommerce lately and trying to understand the market that might emerge as ideas like VRM start to take hold. As Bob mentioned in his talk, this idea has real power when relationship intermediaries start to get involved.

The much used analogy to the credit card industry is applicable here. I can buy a TV at Best Buy on credit not because I have a direct credit relationship with Best Buy (although they'd love to establish one with me) but because I have a trusted relationship with my bank, they have one with their bank and there's a contract between those two banks (via the Visa network) that links them.

In a similar way, intermediaries could provide strong trust relationships that link merchants and shoppers. Here's a picture:

Relationship Providers

In this diagram the blue box labeled "RelP" represents a relationship provider. Not an IdP who provides low-value authentication services, but someone with a strong trust relationship with various parties--shoppers and merchants in my example. The RelP creates a relationship context within which the identity data lives and is shared. Other RelPs can federate through contractual relationships to create relationship contexts that span more than a single RelP.

As a side note, this model doesn't necessarily envision the creation of a network for relationships like Visa, although you could imagine one. This was the reason Andre Durand started Ping Identity. 2002 was probably too early to get that gargantuan task accomplished, but the technology and thought processes around this area have grown up a lot in the last 6 years.

How might such relationships be created and managed? Drummond and the folks at the Higgins Project believe that relationship cards, or r-cards, are the answer. They may well be. An r-card, perhaps slightly misnamed, offers the capability to instantiate an ongoing data sharing relationship that can be terminated at any time by either party. In Drummond's words:

An r-card ... exchanges a set of claims and associated policies that enables both parties to continue to share other information over time, e.g.:

  • Updates to the initial values of the claims
  • New claims
  • Permissions and controls over communications via other channels
  • Changes to the r-card itself

I'm still trying to understand all the details, but convinced of the necessity of this kind of thing. My work on reputation (PDF) was a start at understanding how trust relationships can be created online. I'll be writing more about this as I understand it more over the coming weeks.

Tags: identity relationship rcards reputation

May 14, 2008

» One Is the Loneliest Number: Relationships on the Internet

Bob Blakely is speaking about building a relationship layer for the Internet. A relationship is the context within which we observe one another. Past history and even attitudes are not directly observable. This is imperfect--distant relationships are the basis for inaccuracies. More observations at a closer distance make for a more useful and feature rich relationship.

Bob puts forward the emergence of the credit card industry as an example. Rather than requiring shoppers to create intimate relationships with every merchant, you create a single intimate relationship with your bank and the merchant has an intimate relationship with their bank and then the banks form a relationship (contract) that connects those.

Generalizing this thought to identity: in situations where you don't have one good relationship, can two relationships provide the answer? Intermediaries need to have a trust relationship with the user. Phone companies, utilities, even shipping companies have a great advantage here. They can out-compete banks.

Relationships are the type information about edges in the social graph. Bob presents a schema for relationships. Relationships have a creator. Relationships have a type (FacebookFriend). Creators establish rules and roles. Rules might be "can't copy." Roles are descriptions of individuals who can participate in the relationship.

There are other elements in the schema. Consents are what you agree to (e.g. enter into a relationship, you can send email, etc.). Promises are things you're held to (e.g. abide by terms of service). You also have claims (e.g. this is my name, this is my email address, etc.). There might be blocks to list other participants. The schema is a contract of sorts. In privacy, for example, this shifts the discussion from one of rights to one of contract law.

Employees present an expensive relationship. Contractors are a less expensive way of having an employee relationship. This is relationship federation. The contracting company provides context about the relationship and there are rules, etc. that govern the relationship.

Identity providers present a similar scenario. The IdP can, in theory, create the expensive relationship with the user and with the RP. The difference is that IdPs can't make money from the expensive user relationship. You're not selling identity. If you sell identity, like Equifax, people hate you. You're selling relationships. They should compete on the basis of cost and quality.

"X-centric" is dysfunctional nomenclature no matter what the value of "X." Functional relationships happen when both parties gain value and agree to treat each other with respect.

Tags: iiw2008a iiw identity vrm

May 13, 2008

» What's Your Architecture's Agenda?

One of the topics that came up in today's free-range small group discussions at IIW2008A was the idea that architectures have agendas. Brad Templeton voiced the idea that all designs have defaults and those defaults represent an encoding of some kind of agenda.

For example, let's say that you collect click streams from your web site visitors in order to give them recommendations, optimize banners, or whatever. What is the default for how long that data is stored? One week? A month? A year? Forever? You might not think of that default as an agenda, but it is in the sense that it enables or disables certain behaviors in the future.

"But wait!" you say. "I didn't even think of that! My site stores it forever because I haven't written a purge function--yet." Even implicit acts create defaults and those defaults represent an agenda. For example, if your agenda were different with respect to storing private data, you'd have prioritized your development differently.

I've been using privacy as an example, but it's larger than that, of course. Designs are full of defaults--some explicit and most of them implicit. Programmers don't pay enough attention to defaults. Rails' "convention over configuration" is a great example of a system that carefully thought through defaults. 37signals calls this concept opinionated software.

The best software has a vision. The best software takes sides. When someone uses software, they're not just looking for features, they're looking for an approach. They're looking for a vision. Decide what your vision is and run with it.
From Getting Real: Make Opinionated Software (by 37signals)
Referenced Mon May 12 2008 17:14:47 GMT-0700 (PDT)

I like that idea.

Tags: iiw2008a iiw identity architecture software+design

May 1, 2008

» IIW Is Just Around the Corner

If you are wondering what the Internet Identity Workshop is all about we have a new articulation posted on the main wiki page for our upcoming conference. It goes into the range of topics covered along with the technology and social issues. This is our 6th event and I think it will be a great one.

MONDAY IS FREE (beginning at 1PM)

We have Monday’s program figured out and Monday afternoon is FREE to anyone who wants to come and check out the emerging field. We will open at 1pm.

We will open with a ‘newbie’ perspective from Ryan Janssen who has been an amazing active reader of the community blogs and writing about it as Dr. Star Cat

Everyone will get a hand out of all the community project one pagers.

Presentations will then follow about five centers of gravity in the community that we see:

The VENN OF IDENTITY

  1. OpenID - David Recordon
  2. SAML/Liberty Alliance - Paul Madsen
  3. i-cards - Pamela Dingle
  4. Data sharing/linking - Drummond Reed
  5. Vendor Relationship Management Project - Chris Carfi

Between 3:30 and 4:00 we will all be together, considering "what useful things can we do" along with other questions. Please be there for this even if you feel all up to speed on "everything". We think that the presentations will be informative even for those already familiar with the landscape, since it has moved forward since we last were together, so we encourage you all to get there at 1PM.

We are working on a blog push on Thursday May 1st - blog about it that day- (if you miss that day - blog about it anyways over the weekend)

Tags: iiw iiw2008a identity events

April 25, 2008

» Web Authentication with Selective Delegation using SRP

Bryant Cutler and Devlin Daley developed a methodology for adding selective delegation to relationship-based identity systems. This afternoon I presented that work at WWW2008. The talk went well. There were probably about 40 people in the room. There were some good questions afterwards, so all in all, I'm pleased. Here are the slides (PDF) if you're interested.

Tags: www2008 security identity delegation

April 23, 2008

» Trust-Based Recommendation Systems

Reid Andersen from Microsoft Research is talking about trust-based recommendation systems (PDF). To build a personalized recommendation, you need a trust graph among users. What system should you use to determine the recommendation? The researchers use an axiomatic approach.

The context of their axiomatic system is social choice theory (see Arrow's impossibility theorem for voting systems from 1951). More recent treatments cover Web page ranking systems (Altman and Tennenholtz, 2005).

The details are fairly complex, but the basic idea is that by proposing axioms until you get an inconsistency in the axiom set and then backing off and exploring other axioms to add to the set, you can generate unique recommendation systems that have a provable set of properties.

The overall model is simple, but there are several nice results, including being able to show incentive compatibility, which avoids self-interested bias in the recommendations. For details, see the paper (PDF).

Tags: reputation trust identity www2008 www2007 www2006

April 4, 2008

» What's the @ in Twitter?

Pretty much everyone at Kynetx has started using Twitter. That led to a new crop of my other friends starting to tweet as well. Today @fulling asked me "what's the @?" He didn't know he was opening up a can of worms.

Steve Gillmor refuses to use the @. He rightly points out that the Web client moves those out of the tweetflow and that while thick clients do a better job of that (I use Twitterrific, for example), that's not a solution for people who want to use the iPhone or other mobile platforms.

Now I'm getting pushback for avoiding @messages, which are difficult to render on the iPhone and not what I want to do for the most part elsewhere. What I do want to do is respond to direct requests for dialogue while leaving open the opportunity for the larger community of people who follow me to absorb the flow. In other words, while I may be answering someone directly, I'm always cognizant of the power of the Twitter space to amplify and accelerate ideas and issues in this hybrid public/personal editorial space.

This Twitterstage is unique in its various overlapping attributes, what I would call a swarmscape where ideas are accelerated by the realtime interaction around ideas, questions, assertions, humor, avoidance, and other gestures much richer than those of the aggregated services they draw on: IM, email, blogging, etc. So my shorthand methodology takes the form of first replying with the Twitter name without the @ sign, then shortening it as the dialogue extends to first name or just continued response, always assuming that the participants will either find it sufficiently interesting to follow me (and hopefully I them) or if they wish, use the @message to trigger my track keyword harvesting.

From NewsGang
Referenced Thu Apr 03 2008 15:44:15 GMT-0600 (MDT)

I wouldn't have expected anything else from @stevegillmor. After all, he elevated not linking to people to an art-form. That said, he's got a point.

When @fulling and I talked, I explained it was shorthand for him, his identity on Twitter, if you will and that I used @fulling to refer to him so that others had context about what I might be saying. If you're not following @fulling and I say:

@fulling don't do that or your Macbook will fry!

You can easily go see what @fulling was going to do that I warned him about. Without the @, it's harder. In fact, you're not even sure if it's a Twitter username or not.

When I got back to the office after talking with @fulling, I saw this tweet from @timbray about an article he'd written on Twitter. Among other interesting things, Tim said:

@ · When you create an instantly-recognizable, simple, Internet-wide addressing mode and it shows signs of sticking, well, that's a big deal. "@timbray" has become a significant part of my identity.
From ongoing · On Twitter
Referenced Thu Apr 03 2008 15:54:48 GMT-0600 (MDT)

Well said. Twitter has created a brand new, Internet-wide addressing system that has become an identity system in its own right.

Yesterday, @bryce said

They really do introduce you by your username at Twitter HQ. Hi I'm @bryce. Nice to meet you.

Heh.

Tags: twitter identity

March 29, 2008

» Dan Solove on Reputation

Clifford Thomson sent me a link to a talk Dan Solove gave at Google on his new book The Future of Reputation. I interviewed Dan on Technometria a while back about his earlier book The Digital Person.

Dan's a very interesting speaker and raises important issues in his books and in this video. This is well worth watching if you're interested in the intersection of privacy and reputation in the Internet age.

Tags: itconversations reputation identity video privacy

March 19, 2008

» Why Electronic Employment Verification Is a Bad Idea

When Americans (led by Lou Dobbs) scream "do something about illegal immigration" at the top of their lungs, you know we're going to get saddled with a bunch of awful ideas. One of those is Electronic Employment Verification, or EEV. EEV is a plan to create a big federal database of everyone eligible to work. Before a potential employer could give you a job, you'd have to be "cleared to work" by the Feds. Even worse, it will just be an API call to a big database in the sky.

In theory, this seems like a great solution. After all, if we just had a nice API call to make to determine whether or not to give jobs to people we could remove the magnet of lucrative jobs, right? In theory. The problem is the world's a messy place.

In the pilot program that DHS has been running, the error rate is 4.1%. Do the math (55 million new hires each year in the US) and that works out to more than 2 million people a year, roughly 6,000 every day, mistakenly classified as ineligible to work! Of course, that won't be you, right? Of course, the error rate is bound to get better, right? Of course, there will be a swift and fair adjudication process, right? If you believe that, you don't understand IT or the government very well.

What's worse, it won't even solve the immigration problem. It will simply make the value of your identity data all the greater. If you make something worth more, it's more likely to be stolen. Rather than solving the illegal immigration problem, EEV will more likely simply increase the incidence of identity theft. Your government at work. Rather than making you safer from identity theft, they're going to make you more susceptible.

Even if you're not one to go in for Orwellian scares about Big Brother growing out of a national ID system, this one has to make you wonder what people in Washington are thinking.

What can you do? Call your congressperson tomorrow and tell them EEV is a bad idea. Give your credentials. Make sure they understand people in their district will have a harder time getting employment. Introducing even a tiny bit of friction into the hiring process is likely to cause big costs for business and government.

For more information and details on EEV, read Jim Harper's excellent policy analysis on it. Disclosure: he quotes me.

Tags: politics identity

February 20, 2008

» IIW 2008 Happening May 12-14

IIW Logo

The announcement and registration pages for IIW 2008 are now live. Please take a minute and do three things:

  1. Register so we know you're coming. Having a good count early makes the whole thing go smoother.
  2. Help us spread the word by blogging about it.
  3. Put a badge for IIW on your Web site if you can. Here's the code for the badge you see on the right hand side of my blog:

We expect that IIW2008 will be every bit as productive and fun as past IIWs have been. I hope you can make it.

Tags: iiw identity iiw2008a travel events

» Utah May Reject REAL ID

Yesterday, the Government Operations Committee of the Utah House of Representatives voted unanimously for a bill (HB449) that would bar the Utah Driver's License Division from implementing the REAL ID Act of 2005. Utah isn't alone: a number of other states have opted out of REAL ID by statute, have passed legislation opposing it, or have legislation pending.

REAL ID would standardize the identity documents required to get a driver's license across the US, standardize some of the information on the driver's license itself, and introduce a common machine readable technology for driver's licenses nationwide. In addition, REAL ID mandates that states share driver's license data with each other.

There are fiscal concerns--the Dept. of Homeland Security estimated that the cost of compliance with the federal legislation would be $17 billion. If you read the fiscal note on HB449, it only discusses the impact of not implementing REAL ID. I'm more concerned with what the legislature thought the impact of complying would be.

The minutes aren't online from yesterday's meeting yet, but the audio is. HB449 is discussed about half way through.

Jim Harper, who spoke in Utah on REAL ID in 2006 and testified before the GOC last year, was referenced in the testimony. The committee also read testimony from legislators from two other states.

Beyond the fiscal impact there are significant privacy concerns.

Overall there is tremendous pushback against a national ID card, even one by proxy as REAL ID attempts to create. If Congress is serious, they'll tie it to highway funding. I don't think that there's much support in Congress for that given the rebellion that's happening with the current implementation.

The impact of not complying is that Utah driver's licenses might not be usable as identification when flying and entering federal buildings. I doubt any state will be ready by the May 1st deadline and DHS has allowed for extensions. I think you could read HB449 as even prohibiting that. Even so, Nanette Rolfe, director of the Utah Driver License Division, said she's already filed for an extension until Dec. 31, 2009.

After that will Utahns still be able to fly? Yeah, there's enough angst about this that I doubt DHS will put the restrictions into effect. This one's headed back to DC for a rework, I'm guessing.

Tags: politics identity

February 1, 2008

» I'm on Interviews with Innovators

A while back Jon Udell interviewed me for his Interviews with Innovators podcast. We talked about reputation.

Tags: itconversations reputation identity

January 29, 2008

» Ping vs Sun

A few days ago, someone at Sun made a video that poked some fun at Ping Identity (disclosure, I'm on their advisory board--I think--it's been a long time). Ping fired back with a humorous video of their own. Heck, if they both keep acting like this, the world's going to have to pay attention to federation, just for entertainment value alone!

Tags: video humor identity federation

December 8, 2007

» Achieving Accountability

Dave Winer's Club140.org gives us a good example of how hard it is to protect data. For those of you not following along at home, Dave created a site, called Club140, that lists any tweets he sees on Twitter that are exactly 140 characters long (the max allowed by Twitter).

Today, Dave posted this on Twitter:

i just added code to http://club140.org/ to filter out messages from people posting from "protected" accounts. hadn't thought of it before.

The issue is that some people have their tweets protected so that only people who are following them can see what they write. Dave, by reposting those protected tweets, was allowing the protected tweets to leak onto the 'Net for all to see.

Not a big deal in this case, and Dave corrected it, but it's illustrative of the problem we have with explicit authorizations of any kind--one that's at the heart of many of the discussions surrounding privacy.

Try to protect data with explicit permissions (e.g. "you can share my blog URL freely, keep but not share my email address, and use my SSN once for the explicit purpose agreed to and then must destroy it") and the problems of DRM look like child's play--and we know how well that's worked.

The problem is that explicit permissions scale geometrically. Picture a 3 dimensional table with people on one axis, resources (like tweets) on the second, and possible actions along the third. Put a T or F at each intersection indicating whether or not person P is allowed to take action A on resource R. Now, make sure these travel around with each resource (including fragments) in a way everyone can read, no one can tamper with, and is extensible as others add their own data. Eek!

There are systems that scale better. Auditing is one. Someone who wants their tweets protected can see that Dave is sharing them and call him on it. Auditing scales linearly but requires transparency. If Dave weren't posting the tweets, but rather sending them off surreptitiously to the CIA, then no one would be the wiser.
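What the Club140 fix amounts to, as an added example in Ruby (my code, not Dave's; the timeline records below are constructed, in the shape of the user objects the Twitter API returned with a `protected` flag): republish only tweets whose account is positively marked public, treat an absent or malformed flag as protected, and keep a record of every decision so an affected author can see what was, or wasn't, republished on their behalf. The record is the transparency that makes auditing work.

```ruby
TWEET_MAX = 140  # Twitter's length limit at the time

Decision = Struct.new(:id, :screen_name, :published, :reason)

# Fail closed: a tweet is republishable only when the API positively says
# the account is not protected. A missing flag, or a string "false", is
# treated as protected, because the data was fetched with an account that
# is allowed to see protected tweets and the reader of Club140 is not.
def republishable?(tweet)
  tweet.dig('user', 'protected') == false
end

def exactly_max?(tweet)
  tweet['text'].to_s.length == TWEET_MAX   # characters, not bytes
end

# Returns [tweets to publish, audit trail with one Decision per input tweet].
def club140(tweets)
  audit = tweets.map do |t|
    name = t.dig('user', 'screen_name')
    if !exactly_max?(t)
      Decision.new(t['id'], name, false, 'not exactly 140 characters')
    elsif !republishable?(t)
      Decision.new(t['id'], name, false, 'protected or unknown visibility')
    else
      Decision.new(t['id'], name, true, 'public and exactly 140 characters')
    end
  end
  published_ids = audit.select(&:published).map(&:id)
  [tweets.select { |t| published_ids.include?(t['id']) }, audit]
end

# Constructed sample timeline (not real tweets or accounts).
def sample_tweet(id, name, is_protected, text)
  user = { 'screen_name' => name }
  user['protected'] = is_protected unless is_protected.nil?
  { 'id' => id, 'text' => text, 'user' => user }
end

EXACT = 'x' * TWEET_MAX
SAMPLE_TIMELINE = [
  sample_tweet(1, 'public_user',  false, EXACT),
  sample_tweet(2, 'private_user', true,  EXACT),
  sample_tweet(3, 'public_user',  false, 'short one'),
  sample_tweet(4, 'mystery',      nil,   EXACT)   # flag missing from the API record
].freeze

if __FILE__ == $PROGRAM_NAME
  published, audit = club140(SAMPLE_TIMELINE)
  puts "published: #{published.map { |t| t['id'] }.inspect}"
  audit.each { |d| puts "#{d.id} @#{d.screen_name}: #{d.published ? 'yes' : 'no'} (#{d.reason})" }
end
```

The order of the checks matters only for the audit message; the visibility check is what prevents the leak, and it is deliberately a comparison against `false` rather than a `!` on the flag so that a record without the field never passes.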

That's where trust comes into play. Presumably, people allow Dave to see their protected tweets because they trust him to protect their privacy. He did, and I'm certain that would be the case whether or not there was transparency.

What we're after, of course, is accountability. We use things like explicit authorization as proxies for accountability so often that we're in danger of confusing the means with the end. In reality, there are many ways of achieving those ends and with varying degrees of cost and effectiveness, but there's no silver bullet. The techniques that have served us well offline, based on transparency, are guides to what will work online as well.

Tags: identity drm twitter

December 6, 2007

» What's New in OpenID 2.0?

OpenID 2.0 was finally released yesterday. I've put a piece up at Between the Lines on what's new in OpenID 2.0. There are some important capabilities that will move this forward in a big way.

Tags: openid identity iiw iiw2007 iiw2007b

December 5, 2007

» Understanding OpenID

Here's a screencast that Dan Lullich sent me showing how OpenID works using a whiteboard cartoon. Very clever!

Dan was also my guest on the Technometria podcast this week. We talked about reputation--go figure.

Tags: openid identity iiw2007b iiw iiw2007 screencasts

» Reputation at IIW2007B

Doc juggles

I just posted a summary piece from Tuesday at IIW2007B at Between the Lines: Reputation taking center stage. I also have pictures. Look for more IIW coverage with the iiw2007b tag.

Tags: iiw identity iiw2007 iiw2007b reputation

December 4, 2007

» Placing the User at the Center of Identity

Coincidentally, a feature I did for InfoWorld on user-centric identity appeared today. Here's what I contributed:

Tags: iiw identity infoworld iiw2007b

December 3, 2007

» IIW2007B Kicks Off

IIW2007B is underway. I flew to San Jose with two of my grad students, Bryant Cutler and Devlin Daley this morning. We went to Costco to buy food for snacks and showed up at the Computer History Museum about noon.

The first day of IIW continues to evolve. Kaliya and her design team set out an agenda this time that included a set of parallel tracks to start off. The parallel tracks allowed us to run a real "intro" track for newcomers alongside some working group sessions.

I was in charge of the intro track. Paul Madsen started off with a talk introducing the major protocols and their relationship to each other. I think it hit the nail on the head in terms of what I wanted from that portion of the program. I'll post a link to his files in this spot when they're available.

I gave a talk that attempted to categorize the various protocols, software projects, working groups, interop projects and industry consortia. My slides are available (PDF).

The session ended with two talks on topics I think will be emerging themes at this IIW: VRM and Trust/Reputation. Doc Searls gave a nice impromptu talk on vendor relationship management. At Defrag, Dick Hardt gave a great talk, in his inimitable style on trust and reputation. I asked him to repeat it at IIW.

We'll be having a general session at 4pm and then dinner later tonight. Tomorrow we will jump into open space and let everyone define their own topics.

Tags: iiw iiw2007b identity

November 30, 2007

» Using CardSpace in Low-Value, Low-Overhead Situations

Kim Cameron has a nice post, including a screencast on how to use CardSpace in low-value, low-overhead installations like blogs. (By "low-value" I mean that the cost of a bad authorization decision isn't high, e.g. a spam comment).

Tags: identity cardspace

November 16, 2007

» I'm on YDN Theater

While I was at Defrag, I sat down with Jeremy Zawodny for an interview on the Yahoo! Developer Network Theater. You can watch it here:

Alternately, you can download it. We talked about a variety of topics, including the idea behind my new startup, Kynetx.

Tags: identity yahoo kynetx defrag

November 9, 2007

» Barbie Key Signings

What's hot for Christmas 2007? Barbie key signings.

Tags: identity social+networking

November 7, 2007

» The New Federated Identity

I've been asked to put together a feature for InfoWorld on user-centric identity. The feature will include written text, a couple of podcasts, and some flash animations. I'm a little excited about the opportunity to use these different media to communicate the idea of this important topic to business.

The podcasts will be 15-20 minutes each on the following topics:

  • Podcast on user control and laws of identity
  • Podcast on state of identity in enterprise

I've already got these scheduled with guests, so please don't ask to be on the podcast.

The initial outline for the written part is:

  • Intro to User Centric Identity -- statement of problem (300-400 words)
  • Technology: OpenID & CardSpace (700 words)
  • User-Centric Identity in the Enterprise - how can I use it now? (touch on security, privacy, federation, customers, limitations, etc) (800-1000 words)
  • Futures - where is this going? (500 words)

If you have ideas on any of these areas, please let me know or leave a comment. I'm particularly interested in where you think this will go in the near term.

Tags: identity infoworld

November 5, 2007

» Dick Hardt on Trust

Defrag 2007

Dick Hardt is giving a new talk at Defrag. He's talking about trust; his thesis is that trust defrags identity. Much of what he's saying is right in line with the reputation work (PDF) my students and I have been working on. He makes a critical link to identity: identifiers bind personas together to increase trust.

Intuition doesn't work well online because of the absence of clues and the ability to create false context. Institutions haven't done much better. He brings up another key concept: this is largely about accountability.

Key point: binding behavior from multiple sites together leads to better accountability. This doesn't mean that we can't have multiple personas just that we ought to be able to link them if we feel the reward is worth the loss of privacy.

Tags: trust identity defrag reputation

November 1, 2007

» ProQuo - Stopping Junk Mail

I just created an account at Proquo and spent 15 minutes stopping the insane amount of junk mail I get. Most of the "do not mail" lists you get on with a simple click and some require filling out a form off the site. The most obnoxious was the DMA, which charges a dollar "to cut down on fraud"--yeah, sure. Like I trust them. The credit card link, unfortunately, didn't work--I'd love to get Capital One out of my life. I'll see if in a few months the volume has significantly reduced and let you know.

Tags: identity privacy

October 30, 2007

» Barx: A Proxy Resolver for XRI

Victor Grey and Kermit Snelson have created an XRI proxy resolver in Ruby called Barx. In its simplest form, a proxy resolver returns an XRDS document when given an XRI. From the spec: "Proxy resolvers enable applications--even those that do not natively understand XRIs but can process HTTP URIs--to easily access the functions of an XRI resolver remotely." An example is xri.net. Barx implements the entire XRI resolution spec with the exception of SAML trusted resolution.

According to Victor, "[t]he proxy resolver is a fast HTTP server based on Mongrel and Merb that can be run as a local service (on localhost:someport) to provide XRI resolution and caching for other applications such as OpenID relying parties, or as a scalable public service if desired." The Ruby gem can be installed with

gem install barx

and the proxy can be downloaded from Rubyforge.
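As an added example (not part of the original post and not Barx's own code), here is the client side of the exchange described above in Ruby: building the HTTP request an application such as an OpenID relying party would send to a local proxy resolver, and parsing the XRDS that comes back. The localhost port is an assumption, `_xrd_r` is assumed to be the XRI Resolution 2.0 parameter that selects XRDS output, and the XRDS document is a constructed sample.

```ruby
require 'rexml/document'
require 'uri'

# HTTP URI an application requests from a proxy resolver for an XRI. The proxy
# base (a local Barx-style service) and the _xrd_r parameter are assumptions.
def proxy_resolution_uri(xri, proxy_base = 'http://localhost:8080')
  bare = xri.sub(%r{\Axri://}, '')            # "xri://=example" -> "=example"
  "#{proxy_base.chomp('/')}/#{bare}?_xrd_r=application/xrds+xml"
end

# Child elements of +el+ with the given local name (namespace prefix ignored).
def child_elems(el, name)
  el.elements.to_a.select { |e| e.name == name }
end

# Endpoint URIs of services of +service_type+ from an XRDS document.
# The last XRD describes the final query segment; only a Status code of 100
# (success) is trusted, and only http/https URIs are returned, so a failed or
# malformed resolution yields an empty list instead of an endpoint to redirect to.
def service_uris(xrds_xml, service_type)
  doc = REXML::Document.new(xrds_xml)
  return [] unless doc.root
  xrd = child_elems(doc.root, 'XRD').last
  return [] unless xrd
  status = child_elems(xrd, 'Status').first
  return [] unless status && status.attributes['code'] == '100'
  child_elems(xrd, 'Service').flat_map do |svc|
    next [] unless child_elems(svc, 'Type').map(&:text).include?(service_type)
    child_elems(svc, 'URI').map { |u| u.text.to_s.strip }.select do |raw|
      scheme = (URI.parse(raw).scheme rescue nil)
      %w[http https].include?(scheme)
    end
  end
end

# Constructed sample of what a resolver might return for "=example" (not real data).
SAMPLE_XRDS = <<~'XML'
  <?xml version="1.0" encoding="UTF-8"?>
  <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
    <XRD>
      <Status code="100"/>
      <Service>
        <Type>http://specs.openid.net/auth/2.0/signon</Type>
        <URI>https://openid.example.com/server</URI>
        <URI>ftp://openid.example.com/server</URI>
      </Service>
    </XRD>
  </xrds:XRDS>
XML
```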

Tags: xri identity ruby

September 26, 2007

» Managing the Legislature

There was a time that people in the Drivers License Bureau didn't want to be in the ID business. I can remember having the head of Utah's DL bureau tell me in no uncertain terms that the drivers license was not an identity document.

Times have changed. I can only imagine that the emergence of REAL ID has given the bureaucrats an idea of how much power there could be in being the primary arbiter of truth. This change is reflected in the sessions at a conference on REAL ID for state bureaucrats that Jim Harper brought to my attention.

Jim quotes one of the blurbs on a session from the conference:

Bringing Your Public Onboard For Smoother Legislature Changes

... [E]very State DMV needs to find a way to educate their public so that they can ensure the legislature changes necessary to become Real ID compliant. So how exactly can you do this? This session will examine how you can change your public's perception as quickly and as cost effectively as possible.

  • Listen to your people: Examining the direct impact on your public so that you understand the perception you are trying to change
  • Know which marketing methods will be most effective at reaching your public
  • Examine how much of your budget a public relations exercise is worth: Measuring cost against outcome

Of course, this isn't anything new. Taxpayers frequently foot the bills for people in government to go to a conference and learn how to advance their agenda. We hope they're doing this for our benefit. Vigorous legislative oversight is the only way to ensure that they are.

Tags: politics identity realid

September 24, 2007

» Digital Identity 101 at DIDW

I gave my tutorial this morning. The room was almost full, which pleased me. I didn't have enough time--never enough time--to get to everything that was interesting, but I think we hit the high points. I promised people I'd make my slides (PDF) available here.

At the end of the talk, I demoed using a signon.com issued OpenID to log into Jyte and authenticated at signon.com with a self-issued InfoCard using the DigitalMe card selector on OS X. We didn't have time to trace through what was happening, but interested people can at least try it themselves and see what's going on.

Tags: identity didw07

» Kim Cameron: Why Claims Will Change Everything

Kim Cameron is talking about claims. Today's landscape is filled with silos. The perimeters are purposely impermeable. Users are reduced to the system's definition of them within those boundaries. Digital experience is organized from the point of view of the system, not the user--who employs many systems. There are gates at the edges to control movement in and out of each system. The technology landscape is rigid in terms of protocols, formats, syntax and semantics. The system represents a single source of truth.

Users want to obtain a service, not be defined by it. We face all kinds of silos: operating systems, applications, enterprises, services, networks, and the access control stack.

Security in this world is based on layers of protection, but there's no end-to-end policy for coordinating their actions.

Claims are the information through which loosely coupled components can decide whether and how to provide services. There are different sources of claims for different purposes. A claim is an assertion which is in doubt. Claims describe entities. Claims can be static, relationship based, derived, describe capabilities, or even be claims about other claims (meta-claims).

An identity provider is a claims transformer. Those transformers can transform trust (partner claim to local claim), format (X.509 cert to SAML token), and content (role to access). To get loose coupling, we need systems that are linked by claims that can be transferred, transformed, and evaluated to match local needs.

In short, user-controlled claims are the key to loose coupling. My personal experience is that this is a tough concept for many in IT to understand. They like the idea of loose coupling, but their instinct is towards control--which leads to tight coupling.

Tags: identity didw07

» Phil Becker's State of Digital Identity

Some thoughts on identity from Phil Becker. Identity transforms security from "keep out unauthorized" to "allow access by authorized." Digital identity is the organizing construct for distributed, service-oriented computing that allows it to dynamically adjust to the needs of each user while simultaneously following the policies of the various authorities who control and manage the data and applications being used, and enabling visibility into what occurs.

Identity today:

  • Identity deployments now succeed far more often than they fail
  • Identity virtualization and federation are proven technologies with a growing deployment base
  • Authentication has evolved significantly in response to user experience requirements.
  • Regaining lost visibility for compliance is a continuing driver as is compliance automation.
  • Self service delegation has become a big driver.

The coming third wave: truly networked management by identity. The drivers:

  • The nature of networking drives promiscuous interconnectivity and user empowerment (self-service)
  • Scale reveals the need to modularize solutions and have interoperability standards
  • The need to interconnect (and network) identity systems becomes undeniable.

Identity's natural state is decentralized, since it has its origins in many disparate places. The concept that we can centralize identity data on a large scale has been tried and found wanting. The task is to manage and leverage identity while respecting its decentralized nature.

The future:

  • Greatly increased networking between identity management domains
  • The emergence of compelling identity based user experience driven applications

Tags: identity didw07

September 19, 2007

» Finally! An InfoCard Selector for OS X

I posted a short piece at BTL about the Bandit project's InfoCard selector for the Mac. There have been some solutions in the past, but they were hard to install or flaky. This one is solid and the install is a breeze.

Tags: osx identity cardspace novell

September 8, 2007

» User Centric Identity Tutorial

Here are the slides from the user centric identity tutorial that I gave this afternoon. The PDF won't show the embedded screencasts. I've included them separately. Here's one on using CardSpace and one on using OpenID. If you're interested in getting my Perl wrappers for using the JanRain OpenID libraries and the guestbook application, contact me.

Tags: identity utosc uosc07 openid