Iiw11introtalk

XI
November 2, 2010
INTRODUCTION
by Kaliya Hamlin @identitywoman

Monday, December 6, 2010

Where does my personal inspiration about user-
centric digital identity come from?

Building Identity and
Trust into the Next
Generation Internet

asn.planetwork.net


Who am I?

IDENTITY GANG! Internet Identity Workshop
formed in 2004 iiw.idcommons.net
www.internetidentityworkshop.com


We have been meeting together every 6 months since the fall of 2005.
The Internet Identity Workshop is the work group of Identity Commons
an industry consortia & community linking many efforts focused on a
people centric identity layer of the net.
The Workshop provides open forum for both the big guys and the
small fry to come together in a safe and balanced space. It is not
about any one technology - rather it is a place to discuss multiple
interoperating (and possible competing) projects, standards, and
networks for identity, data sharing, and reputation.

IIW is Co-Produced by Phil Windley (@windley),Kaliya Hamlin (@identitywoman) & Doc Searls (dsearls)
IIWX is being co-facilitated by Kaliya Hamlin and Heidi Nobantu Saul (@nobantu).
The Notes Collection Center is being run by Kas Neteler (@kasneteler) and Heidi Nobantu Saul.


Face 2 Face DIDW
Meetings Burton Group IIW5
RSA IOS 4
2007 IIW 4 IOS 3
IOS 2 OSIS Interop 2

2006 IIW 3 Data Sharing Workshop
DIDW
RSA Burton Group
IOS 1 OSIS Interop 1
2005 DIDW IIW 2
2004 DIDW IIW 1

2003
DIDW

Face 2 Face DIDW
Meetings Burton Group IIW 11
2010 RSA
IIW 10
DIDW
2009 Burton Group
IIW 9
RSA
DIDW IIW 8
Burton Group OSIS Interop5

RSA IIW 7
2008 OSIS Interop 4
IIW 6 Data Sharing Summit

Data Sharing Workshop OSIS Interop 3


Broad Base of Participation SMALL COMPANY
BIG COMPANY SPONSORS SPONSORS
NONPROFIT SPONSORS
MSFT FuGen Solutions
ISOC
PingID OUNO
Kantara/Liberty Alliance CORPORATE PARTICIPANTS
SUN Rel-ID
Info Card Foundation Paypal
Facebook Poken
OASIS IDTrust Booz Allen Hamilton SMALL COMPANY
Google Vidoop
Mozilla Apple PATICIPANTS
Yahoo Chimp
Higgins Project
Cisco
Burton Group Authentrus Ångströ
Bandit Project Hewlett Packared Digg, Inc.
Plaxo Sxip
Planetwork International Business Machines Privo
Internet Society Commerce Net Intuit ClaimID
Expensify
Adobe LexisNexis FamilySearch.org
NONPROFIT BT Nippon Telegraph and Telephone Corporation FreshBooks
PARTICIPANTS Novell Nokia Siemens Networks Gigya
Center for Democracy and Facebook NRI Gluu
Technology AOL Oracle Janrain
DataPortability Project Ping Identity Orange Kynetx
IdM Network Netherlands Paypal / eBay Rackspace NetMesh Inc.
OCLC Radiant Logic Protiviti
Open Forum Foundation
World Economic Forum
Sony Ericsson
The MITRE Corporation
IETF Socialtext
TriCipher, Inc.
UNIVERSITY PARTICIPANTS
Tucows Inc
VeriSign, Inc.
W3C Trusted-ID
Wave Systems
Goldsmiths, University of London
Newcastle University
Stanford University
Vodafone Group R &D
Alcatel-Lucent OASIS Six Apart

Acxiom Identity Solutions
Acxiom Research
GOVERNMENT PARTICIPANTS Equifax
Office of the Chief Informaiton Office,
Province of British Columbia
LinkedIn
Amazon
and more...

Unconference Format


a Shared History


SHARED EXPERIENCE in past wars

THE Directory Wars
of the 90s


SHARED EXPERIENCE in past wars

Passport & Hailstorm
vs


a Shared Context


CONTEXT For Shared Vision

IDENTITY GANG!
formed in 2004


Early on the Identity Gang list was a critical forum for community
collaboration it is still active here & many of the protocol efforts &
foundations that have emerged have their own lists.

http://lists.idcommons.net/lists/info/community



The Identity Gang was probably one of the ﬁrst technical communities to have a very active
community blog life that complemented our mailing list conversations. Doc Searls played a
critical role in getting almost all community members to blog in the early days of the
community 2004-2005.

There are several aggregated blogs you can go to get a sense of activity in the community.
The Classic - www.planetidentity.org/
A newer one under development - http://seriouslyidentity.com/



s
Wiki forums were critical for sharing ideas and
common language like the Lexicon


Real Time Web Tools

SEARCH

These are newer mediums for collaboration and
information sharing using #hashtags etc. to connect work.


a Shared Language


SHARED LANGUAGE
developed in Shared Context
Identity Gang LEXICON (driven by Paul Trevithick)
in August 2005
1.Agent 6. Entity
2.Claim 7. Identity Attribute
3.Claimant 8. Identity Context
4.Digital Identity 9. Party
5.Digital Identity Provider 10. Persona
6.Digital Subject 11. Relying Party

http://wiki.idcommons.net/Lexicon

a Shared Understanding


SHARED UNDERSTANDING
using shared language
Laws of Identity

Kim Cameron in May 2005

http://www.identityblog.com/stories/2004/12/09/thelaws.html

Laws of Identity Kim Cameron in May 2005
1. User Control and Consent
2. Minimal Disclosure for a Constrained Use
3. Justifiable Parties
4. Directed Identity
5. Pluralism of Operators and Technologies
6. Human Integration
7. Consistent Experience Across Contexts


A Bill of Rights for Users of the Social Web September 4, 2007
Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington

Preamble:
There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking
to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill
of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended
to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the
dialogue going and get as many of the major stakeholders on board as we can!
A Bill of Rights for Users of the Social Web
We publicly assert that all users of the social web are entitled to certain fundamental rights, specifically:
• Ownership of their own personal information, including:
◦ their own profile data
◦ the list of people they are connected to
◦ the activity stream of content they create;
• Control of whether and how such personal information is shared with others; and
• Freedom to grant persistent access to their personal information to trusted external sites.

Sites supporting these rights shall:
• Allow their users to syndicate their own profile data, their friends list, and the data that’s shared
with them via the service, using a persistent URL or API token and open data formats;
• Allow their users to syndicate their own stream of activity outside the site;
• Allow their users to link from their profile pages to external identifiers in a public way; and
• Allow their users to discover who else they know is also on their site, using the same external
identifiers made available for lookup within the service.

OECD Paper Properties of Identity
At a Crossroads: "Personhood"
and the Digital Identity in the
Information Society

http://bit.ly/OECDdigitalpersonnood

Properties of Identity
1.Identity is social. 6.Identity is consequential.
2.Identity is subjective. 7.Identity is dynamic.
3.Identity is valuable. 8.Identity is contextual.
4.Identity is referential. 9.Identity is equivocal.
5.Identity is composite.
OECD Paper At a Crossroads: "Personhood" and the Digital Identity in
the Information Society

The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds,
Mary Ruddy, Mary Rundle, and Paul Trevithick.



Identifiers Claims
Single String Pairs
A claim is by one party about
Identifiers link things together another or itself.
and enable correlation.
It does not have to be linked to
They can be endpoints on the an identifier.
internet.
Proving you are over 18 for
example and not giving your
real name.


Project VRM - 4th Parties

http://bit.ly/VRM4thParty


TECHNOLOGY

SOCIAL ? BUSINESS

LEGAL


What is User Centric Digital Identity?


The Identity Dog
Represents 2 things:

* Freedom to be who you want to be

* Freedom to share more speciﬁc
info about yourself that is validated


Freedom to Aggregate


Freedom to Disaggregate


Freedom to Disaggregate

X

X
Why does User Centric Digital Identity Matter?

http://www.fullenglishfood.com/?p=799

Buddhist in Tennessee

http://religions.iloveindia.com/buddhism.html http://wwp.greenwichmeantime.com/time-zone/usa/tennessee/map.htm


Women having the freedom not to present as women.

Why James Chartrand
Wears Women’s Underpants

http://www.copyblogger.com/james-chartrand-underpants/

Real world examples of women managing different
personae from She’s Geeky conference.
1) Live Journal Friends
2) Professional ID
3) Feminist Identity 1) Me linked to real name
2) Spiritual
3) Gaming

1) Totally Professional on Domain, GMail, LinkedIN
2) Social but me on Facebook
3) Spiritual under pseudonym on Live Journal


Goofy Habits or Hobbies


Freedom of Expression

personal
and
political


Freedom of Action

Teachers being able to drink Young people free to
socially when in own time. explore themselves

BLIZARD WoW in game ID
vs “RealID” change

this comes from not having all contexts linked together

Freedom of
Movement and Assembly

Freedom to group and cluster outside commercial silos
& business contexts.


Freedom to
Peer-to-Peer Link

Freedom to determine
how the link is seen by
others


What is the context for people gathering?

“We’re trying to build a social
layer for everything.”
- Mark Zuckerburg

OR


How can people and groups be
ﬁrst class objects on the web
(and other electronic networks)?


Transition to Technology Section


Text
Text
+
?
Can you have both?


OpenID 101
(identiﬁer)


OpenID has a Ton of Issues

• security
• no payload - identiﬁers are not enough
• people donʼt understand format URL
• people donʼt have their own domains
• often 3rd level domain
• Nascar Problem
• ADOPTION

• Namespace issue - “solved Facebook”


Users take actions on your site
Users come to your site to consume
your unique content. They take

Connect actions like commenting, reviewing,
making purchases, rating, and more.
Users share with friends, who
discover your site
With Facebook Connect, users can
easily share your content and their
actions with their friends on
Facebook. As these friends discover
your content, they click back to your
site, engaging with your content and
completing the viral loop.
Social features increase
engagement
Creating deeper, more social
integrations keeps users engaged with
your site longer, and more likely to
take actions they share with their
friends. (For example — don't just
show users what's most popular on
your site, but what's most popular
with their friends on your site.)


Proposal for OpenID Connect

The response is a JSON object which contains some (or all) of the
following reserved keys:
• user_id - e.g. "https://graph.facebook.com/24400320"
• asserted_user - true if the access token presented was issued by
this user, false if it is for a different user
• profile_urls - an array of URLs that belong to the user
• display_name - e.g. "David Recordon"
• given_name - e.g. "David"
• family_name - e.g. "Recordon"
• email - e.g. "recordond@gmail.com"
• picture - e.g. "http://graph.facebook.com/davidrecordon/picture"

The server is free to add additional data to this response (such as
Portable Contacts) so long as they do not change the reserved OpenID
Connect keys.


Information Cards (claims)

informationcard.net


Managed Cards Come in two Flavors

“Phones Home” Doesn’t “Phone Home”

Government
Employee issued ID Issued age
veriﬁcation
the employer sees
where used just like a drivers
license in the real
world


Veriﬁed Anonymity (U-Prove)


Information Cards have a ton of issues:

• Relying Party Adoption
• why shift to claims from identiﬁers
• Where are the libraries and tools for Relying
parties

• Client Download Required
• New User Experience
• What are Active Clients and How do they work
• Risk & Liability Models are Unclear
• If a claim is validated and it is untrue who is liable


More Technologies


XRD
(the most successful standard arising
from user centric ID community that
you have never heard of)


Discovery =
Patterns +
Interfaces +
Descriptors


Evolution of Discovery
XRDS --> XRD-Simple --> XRD
(within XRI spec)


Application of

XRI/XDI


OStatus isn't a new protocol; it
applies some great protocols in a natural
and reasonable way to make distributed
social networking possible.
• Activity Streams encode social events in
standard Atom or RSS feeds.
• PubSubHubbub pushes those feeds in
realtime to subscribers across the Web.
• Salmon notifies people of responses to
their status updates.
• Webfinger makes it easy to find people
across social sites.

OAuth


User Managed
Access


SAML

SAML has two parts used in higher education
1. Authentication
2. Proﬁles


Protocol Family Tree
XNS XNS.org
Current Organizations

Organizations (no longer) XDI XRI
XDI.ORG
Event
XRDS Internet
Identity
Independent Open Protocol
Workshop

XRD #1 Oct 2005
i-names
(no longer) Simple XRI
Protocol standardized at OASIS YADIS
OpenID
Protocol standardized at OASIS
earlier version (no longer) XRD v1
OpenID LID
v2
sxip
OpenID
Web Foundation
OpenID
Finger v Next


Big Challenge Protocol Interop


OSIS Interop


3rd Interop RSA Conference
Spring 2007
European Identity Conference


Open Identity For Open
Government
Fast Company blog post by Kaliya
Government Experimenting with http://bit.ly/FastCo-IDGov
Identity Technologies

Government Services
Administration website on ID http://bit.ly/ID-Gov-Open


Trust Frameworks /
Policy Repositories
Open Identity Exchange
Policy Repository Levels of
for Auditors Levels of Assurance Protection
Trust Frameworks Identity Providers Relying Parties

ICAM
John Google
Relying Party
Steensen

OCLC PayPal

Other
Relying Party
Auditor
PBS Kids Equifax

Other
Auditor Yahoo!
XAuth


SHARED VISION for people’s identity
on the scale of the web.


Freedom
and
Autonomy
for People

Open Standards
are Essential


No One
Dominant Player


There will be a
Big Bang
With all new technologies there is a point at which new things start
happening that the creators of the technology did not envision this is a
big bang in identity.


Mission statements:
• Identity Commons: Support, facilitate, and promote the creation of an open identity layer
for the Internet, one that maximizes control, convenience, and privacy for the individual
while encouraging the development of healthy, interoperable communities.

• Information Card Foundation: Promote, protect, and enable the development of an open,
trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over
personal information by individuals

• OpenID Foundation: To foster and promote the development of, public access to, and
adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire,
create, hold, and manage intellectual property related to OpenID and provide equal access to
such intellectual property to the OpenID community and public at no charge.

• Kantara Intiative: Foster identity community harmonization, interoperability, innovation,
and broad adoption through the development of open identity specifications, operational
frameworks, education programs, deployment and usage best practices for privacy-
respecting, secure access to online services

• Open Identity Exchange: Collecting aggregating, and distributing information regarding
the identity-related services industry to businesses and other stakeholders in that industry in
order to improve conditions in that industry by fostering innovation, market transparency,
and identity-related product and service interoperability; Providing a neutral, open market
registration system for participants in the identity-related services industry;

• Data Portability Project: Data portability enables a borderless experience, where people
can move easily between network services, reusing data they provide while controlling their
privacy and respecting the privacy of others. Our Mission is to help people to use and protect
the data they create on networked services, and to advocate for compliance with the values
of DataPortability.


Planetwork
Loose Afﬁliations of People Evolution of Identity Community Link Tank
FireFly

Liberty Alliance
Current Organizations Higgins
Project SUN Oracle BT
Microsoft Identity
Lots of Companies Commons (1)
Organizations (no longer) Passport XRI
XDI
Hailstorm SAML
v1 & 2
Company
Identity
IBM Gang
Proprietary Service (no longer)
VENN OF
IDENTITY
Protocol standardized at OASIS Internet Identity
OpenID Workshop
v2
Protocol standardized at OASIS IMI
Identity Metasystem OpenID
earlier version (no longer) Interoperability Foundation
TIME

Information Card
Standard
Information
Card
Independent Open Protocol Foundation Identity
Commons (2)
(no longer)
Pamela
Project
Paper:Shared Understanding
Kantara Intiative
Project to be
annouced at
Event IIW

Open Identity
Exchange
Project to be
Project with Code annouced at
IIW


Collaboration


One of the main community organizations linking various
efforts is Identity Commons.

OIX
Open ID
PDX
OSIS
Open Source
Key
Foundation Identity System
Information
Group that who's
Card home is at Identity
Foundation IDMedia Commons
Review
XDI.ORG

Data Independant
Photo Nonproﬁt
Portability
Project
Identity Group Organization

Commons Kids
Internet Identity Online Project at
Workshop another
organization

Project Identity
Schemas Identity
VRM Gang
Nick's
Pamela Legacy EVENT
Higgins Project ID-Legal
Project


Conclusion: a funny take the identity dog logo

On the dog, no one knows when
you’re on the Internet.

www.internetidentityworkshop.com

www.idcommons.net

Kaliya Hamlin
@identitywoman
kaliya@mac.com
www.identitywoman.net

Iiw11introtalk

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Iiw11introtalk

Similaire à Iiw11introtalk (20)

Plus de Kaliya "Identity Woman" Young

Plus de Kaliya "Identity Woman" Young (20)

Iiw11introtalk