Iiw11introtalk

November 2, 2010

INTRODUCTIONby Kaliya Hamlin @identitywoman

XI

Monday, December 6, 2010

Building Identity and Trust into the Next Generation Internet

asn.planetwork.net

Where does my personal inspiration about user-centric digital identity come from?


Who am I?

IDENTITY GANG! formed in 2004

Internet Identity Workshopiiw.idcommons.net

www.internetidentityworkshop.com


http://www.internetidentityworkshop.com


We have been meeting together every 6 months since the fall of 2005. The Internet Identity Workshop is the work group of Identity Commons an industry consortia & community linking many efforts focused on a people centric identity layer of the net. The Workshop provides open forum for both the big guys and the small fry to come together in a safe and balanced space. It is not about any one technology - rather it is a place to discuss multiple interoperating (and possible competing) projects, standards, and networks for identity, data sharing, and reputation.

IIW is Co-Produced by Phil Windley (@windley),Kaliya Hamlin (@identitywoman) & Doc Searls (dsearls) IIWX is being co-facilitated by Kaliya Hamlin and Heidi Nobantu Saul (@nobantu). The Notes Collection Center is being run by Kas Neteler (@kasneteler) and Heidi Nobantu Saul.


2003

2004

2006

IIW 1

IIW 2

IIW 3

2005IOS 1

IOS 2

2007

DIDW

DIDW

DIDW

DIDW

DIDW

IOS 3IIW 4

IIW5

IOS 4RSA

Burton Group

RSA Burton Group

Data Sharing Workshop

OSIS Interop 1

OSIS Interop 2

Face 2 Face Meetings


2009

2010

DIDW

DIDW

DIDW

RSABurton Group

RSA

Burton Group

RSABurton Group

IIW 6

IIW 7

IIW 8

IIW 9

IIW 10

IIW 11

2008

Data Sharing Workshop

Data Sharing Summit

OSIS Interop 3

OSIS Interop 4

OSIS Interop5

Face 2 Face Meetings


Broad Base of Participation BIG COMPANY SPONSORSMSFTPingIDSUNFacebookGoogleYahooCiscoPlaxoCommerce NetAdobeBTNovellFacebookAOLPing IdentityPaypal / eBay

NONPROFIT SPONSORSISOCKantara/Liberty AllianceInfo Card FoundationOASIS IDTrustMozillaHiggins ProjectBandit ProjectPlanetworkInternet Society

CORPORATE PARTICIPANTSPaypal Booz Allen Hamilton AppleBurton GroupHewlett PackaredInternational Business MachinesIntuitLexisNexisNippon Telegraph and Telephone CorporationNokia Siemens NetworksNRIOracleOrangeRackspaceRadiant LogicSony EricssonThe MITRE CorporationTucows IncVeriSign, Inc.Vodafone Group R &DAlcatel-LucentAcxiom Identity SolutionsAcxiom ResearchEquifaxLinkedInAmazon

SMALL COMPANYSPONSORSFuGen SolutionsOUNORel-IDPokenVidoopChimpAuthentrusSxipClaimID

IETFW3COASIS

SMALL COMPANY PATICIPANTSÅngströDigg, Inc.PrivoExpensifyFamilySearch.orgFreshBooksGigyaGluuJanrainKynetxNetMesh Inc.ProtivitiSocialtextTriCipher, Inc.Trusted-IDWave SystemsSix Apart

NONPROFIT PARTICIPANTSCenter for Democracy and TechnologyDataPortability ProjectIdM Network NetherlandsOCLCOpen Forum FoundationWorld Economic Forum

UNIVERSITY PARTICIPANTSGoldsmiths, University of LondonNewcastle UniversityStanford University

GOVERNMENT PARTICIPANTSOffice of the Chief Informaiton Office, Province of British Columbia

and more...


Unconference Format


a Shared History


THE Directory Wars of the 90s

SHARED EXPERIENCE in past wars


SHARED EXPERIENCE in past wars

vs

Passport & Hailstorm


a Shared Context


IDENTITY GANG! formed in 2004

CONTEXT For Shared Vision



Early on the Identity Gang list was a critical forum for community collaboration it is still active here & many of the protocol efforts & foundations that have emerged have their own lists.

http://lists.idcommons.net/lists/info/community





The Identity Gang was probably one of the first technical communities to have a very active community blog life that complemented our mailing list conversations. Doc Searls played a critical role in getting almost all community members to blog in the early days of the community 2004-2005.

There are several aggregated blogs you can go to get a sense of activity in the community.The Classic - www.planetidentity.org/A newer one under development - http://seriouslyidentity.com/


http://www.planetidentity.org/

http://www.planetidentity.org/

http://seriouslyidentity.com/

http://seriouslyidentity.com/

s


Wiki forums were critical for sharing ideas and common language like the Lexicon


Real Time Web Tools


SEARCH

These are newer mediums for collaboration and information sharing using #hashtags etc. to connect work.


a Shared Language


SHARED LANGUAGE developed in Shared Context

Identity Gang LEXICON (driven by Paul Trevithick)in August 2005

1.Agent2.Claim3.Claimant4.Digital Identity5.Digital Identity Provider 6.Digital Subject

6. Entity7. Identity Attribute8. Identity Context9. Party10. Persona11. Relying Party

http://wiki.idcommons.net/LexiconMonday, December 6, 2010

http://wiki.idcommons.net/Lexicon

http://wiki.idcommons.net/Lexicon

a Shared Understanding


SHARED UNDERSTANDINGusing shared language

Laws of Identity

Kim Cameron in May 2005

http://www.identityblog.com/stories/2004/12/09/thelaws.htmlMonday, December 6, 2010

http://www.identityblog.com/stories/2004/12/09/thelaws.html

http://www.identityblog.com/stories/2004/12/09/thelaws.html

Laws of Identity 1.User Control and Consent

2.Minimal Disclosure for a Constrained Use

3.Justifiable Parties

4.Directed Identity

5.Pluralism of Operators and Technologies

6.Human Integration

7.Consistent Experience Across Contexts

Kim Cameron in May 2005



A Bill of Rights for Users of the Social Web September 4, 2007

Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington

Preamble:There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the dialogue going and get as many of the major stakeholders on board as we can!

A Bill of Rights for Users of the Social WebWe publicly assert that all users of the social web are entitled to certain fundamental rights, specifically:

• Ownership of their own personal information, including:◦ their own profile data◦ the list of people they are connected to◦ the activity stream of content they create;

• Control of whether and how such personal information is shared with others; and• Freedom to grant persistent access to their personal information to trusted external sites.

Sites supporting these rights shall:• Allow their users to syndicate their own profile data, their friends list, and the data that’s shared

with them via the service, using a persistent URL or API token and open data formats;• Allow their users to syndicate their own stream of activity outside the site;• Allow their users to link from their profile pages to external identifiers in a public way; and• Allow their users to discover who else they know is also on their site, using the same external

identifiers made available for lookup within the service.



http://opensocialweb.org/2007/09/05/bill-of-rights/

http://opensocialweb.org/2007/09/05/bill-of-rights/

http://josephsmarr.com/

http://josephsmarr.com/

http://marc.blogs.it/

http://marc.blogs.it/

http://scobleizer.com/

http://scobleizer.com/

http://techcrunch.com/

http://techcrunch.com/

Properties of Identity OECD Paper At a Crossroads: "Personhood" and the Digital Identity in the Information Society


http://bit.ly/OECDdigitalpersonnoodMonday, December 6, 2010

http://bit.ly/OECDdigitalpersonnood

http://bit.ly/OECDdigitalpersonnood

Properties of Identity 1.Identity is social.2.Identity is subjective.3.Identity is valuable.4.Identity is referential. 5.Identity is composite.

6.Identity is consequential. 7.Identity is dynamic.8.Identity is contextual. 9.Identity is equivocal.

OECD Paper At a Crossroads: "Personhood" and the Digital Identity in the Information Society

The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds, Mary Ruddy, Mary Rundle, and Paul Trevithick.



Identifiers ClaimsSingle String Pairs

SHARED UNDERSTANDING

Identifiers link things together and enable correlation.

They can be endpoints on the internet.

A claim is by one party about another or itself.

It does not have to be linked to an identifier.

Proving you are over 18 for example and not giving your real name.


Project VRM - 4th Parties


http://bit.ly/VRM4thPartyMonday, December 6, 2010

http://bit.ly/VRM4thParty

http://bit.ly/VRM4thParty


TECHNOLOGY

LEGAL

SOCIAL BUSINESS?


What is User Centric Digital Identity?


The Identity DogRepresents 2 things:

* Freedom to be who you want to be

* Freedom to share more specific info about yourself that is validated


What is User Centric Digital Identity?


Freedom to Aggregate


Freedom to Disaggregate


XFreedom to Disaggregate


http://www.fullenglishfood.com/?p=799

XWhy does User Centric Digital Identity Matter?


Buddhist in Tennessee

http://wwp.greenwichmeantime.com/time-zone/usa/tennessee/map.htmhttp://religions.iloveindia.com/buddhism.html


http://wwp.greenwichmeantime.com/time-zone/usa/tennessee/map.htm

http://wwp.greenwichmeantime.com/time-zone/usa/tennessee/map.htm

http://religions.iloveindia.com/buddhism.html

http://religions.iloveindia.com/buddhism.html

Women having the freedom not to present as women.

http://www.copyblogger.com/james-chartrand-underpants/

Why James Chartrand Wears Women’s Underpants




1) Live Journal Friends2) Professional ID3) Feminist Identity

1) Totally Professional on Domain, GMail, LinkedIN2) Social but me on Facebook3) Spiritual under pseudonym on Live Journal

1) Me linked to real name2) Spiritual3) Gaming

Real world examples of women managing different personae from She’s Geeky conference.


Goofy Habits or Hobbies


personal and

political

Freedom of Expression


Teachers being able to drink socially when in own time.

BLIZARD WoW in game IDvs “RealID” change

Young people free to explore themselves

Freedom of Action

this comes from not having all contexts linked togetherMonday, December 6, 2010

Freedom to group and cluster outside commercial silos& business contexts.

Freedom of Movement and Assembly


Freedom to Peer-to-Peer Link

Freedom to determine how the link is seen by

others


What is the context for people gathering?

“We’re trying to build a social layer for everything.”

- Mark ZuckerburgMonday, December 6, 2010

OR


How can people and groups be first class objects on the web

(and other electronic networks)?


Transition to Technology Section


TextText

+?

Can you have both?


OpenID 101 (identifier)


OpenID has a Ton of Issues

• security• no payload - identifiers are not enough• people donʼt understand format URL• people donʼt have their own domains• often 3rd level domain• Nascar Problem• ADOPTION

• Namespace issue - “solved Facebook”


Users take actions on your siteUsers come to your site to consume your unique content. They take actions like commenting, reviewing, making purchases, rating, and more.Users share with friends, who discover your siteWith Facebook Connect, users can easily share your content and their actions with their friends on Facebook. As these friends discover your content, they click back to your site, engaging with your content and completing the viral loop.Social features increase engagementCreating deeper, more social integrations keeps users engaged with your site longer, and more likely to take actions they share with their friends. (For example — don't just show users what's most popular on your site, but what's most popular with their friends on your site.)

Connect


The response is a JSON object which contains some (or all) of the following reserved keys:

• user_id - e.g. "https://graph.facebook.com/24400320"• asserted_user - true if the access token presented was issued by

this user, false if it is for a different user• profile_urls - an array of URLs that belong to the user• display_name - e.g. "David Recordon"• given_name - e.g. "David"• family_name - e.g. "Recordon"• email - e.g. "[email protected]"• picture - e.g. "http://graph.facebook.com/davidrecordon/picture"

The server is free to add additional data to this response (such as Portable Contacts) so long as they do not change the reserved OpenID Connect keys.

Proposal for OpenID Connect


http://portablecontacts.net/draft-spec.html

http://portablecontacts.net/draft-spec.html

Information Cards (claims)

informationcard.net


Employee issued ID

the employer sees where used

Government Issued age verification

just like a drivers license in the real world

“Phones Home” Doesn’t “Phone Home”

Managed Cards Come in two Flavors


Verified Anonymity (U-Prove)


Information Cards have a ton of issues:

• Relying Party Adoption• why shift to claims from identifiers• Where are the libraries and tools for Relying

parties

• Client Download Required• New User Experience• What are Active Clients and How do they work

• Risk & Liability Models are Unclear• If a claim is validated and it is untrue who is liable


More Technologies


XRD (the most successful standard arising from user centric ID community that you have never heard of)


Discovery = Patterns +

Interfaces + Descriptors


XRDS --> XRD-Simple --> XRD (within XRI spec)

Evolution of Discovery


Application of

XRI/XDI


OStatus isn't a new protocol; it applies some great protocols in a natural and reasonable way to make distributed social networking possible.• Activity Streams encode social events in standard Atom or RSS feeds.

• PubSubHubbub pushes those feeds in realtime to subscribers across the Web.

• Salmon notifies people of responses to their status updates.

• Webfinger makes it easy to find people across social sites.


http://activitystrea.ms/

http://activitystrea.ms/

http://code.google.com/p/pubsubhubbub/

http://code.google.com/p/pubsubhubbub/

http://www.salmon-protocol.org/

http://www.salmon-protocol.org/

http://code.google.com/p/webfinger/

http://code.google.com/p/webfinger/

OAuth


User Managed Access


SAML

SAML has two parts1. Authentication2. Profiles

used in higher education


Protocol Family Tree

OpenID

Foundation

XNS

XDI XRI

XNS.org

XDI.ORG

OpenID

v1

LID

i-names

XRI

sxip

OpenIDv2

YADIS

XRD

XRD Simple

OpenID

v Next

Web Finger

XRDS

Current Organizations

Organizations (no longer)

Event

Independent Open Protocol


(no longer)

Protocol standardized at OASIS


earlier version (no longer)

Internet

Identity

Workshop

#1 Oct 2005


Big Challenge Protocol Interop


OSIS Interop


3rd InteropSpring 2007

RSA Conference

European Identity Conference


Open Identity For Open Government

http://bit.ly/ID-Gov-Open

http://bit.ly/FastCo-IDGovFast Company blog post by KaliyaGovernment Experimenting with

Identity Technologies

Government Services Administration website on ID




http://bit.ly/FastCo-IDGov

http://bit.ly/FastCo-IDGov

Trust Frameworks / Policy Repositories

Google

PayPal

Equifax

Yahoo!

AuditorsPolicy Repository

for

Trust Frameworks

ICAM John Steensen

OCLC

XAuth

PBS Kids

Levels of Assurance

Identity Providers

Levels of

Protection

Relying Parties

OtherAuditor

Open Identity Exchange

OtherAuditor

Relying Party

Relying Party


SHARED VISION for people’s identity on the scale of the web.


Freedom and

Autonomy for People


Open Standardsare Essential


No One Dominant Player


There will be a Big Bang

With all new technologies there is a point at which new things start happening that the creators of the technology did not envision this is a

big bang in identity.


Mission statements:• Identity Commons: Support, facilitate, and promote the creation of an open identity layer

for the Internet, one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.

• Information Card Foundation: Promote, protect, and enable the development of an open, trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over personal information by individuals

• OpenID Foundation: To foster and promote the development of, public access to, and adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire, create, hold, and manage intellectual property related to OpenID and provide equal access to such intellectual property to the OpenID community and public at no charge.

• Kantara Intiative: Foster identity community harmonization, interoperability, innovation, and broad adoption through the development of open identity specifications, operational frameworks, education programs, deployment and usage best practices for privacy-respecting, secure access to online services

• Open Identity Exchange: Collecting aggregating, and distributing information regarding the identity-related services industry to businesses and other stakeholders in that industry in order to improve conditions in that industry by fostering innovation, market transparency, and identity-related product and service interoperability; Providing a neutral, open market registration system for participants in the identity-related services industry;

• Data Portability Project: Data portability enables a borderless experience, where people can move easily between network services, reusing data they provide while controlling their privacy and respecting the privacy of others. Our Mission is to help people to use and protect the data they create on networked services, and to advocate for compliance with the values of DataPortability.


Hailstorm SAMLv1 & 2

BTOracleSUN

XRIXDI

Passport

Microsoft

FireFly

Liberty Alliance

Kantara Intiative

Planetwork Link Tank

Identity Commons (1)

Identity Gang

Identity Commons (2)

OpenIDv2

OpenID Foundation

Open Identity Exchange

Information Card

Foundation

IMIIdentity Metasystem

Interoperability

Information Card

Standard

VENN OF IDENTITY

HigginsProject

Lots of Companies

Project to be annouced at

IIW

IBM

Project to be annouced at

IIW

Pamela Project

TIM

EInternet Identity Workshop

Loose Affiliations of People

Current Organizations

Organizations (no longer)

Company

Proprietary Service (no longer)



earlier version (no longer)



(no longer)

Paper:Shared Understanding

Event

Project with Code

Evolution of Identity Community


Collaboration


One of the main community organizations linking various

efforts is Identity Commons.

Identity Commons

Open ID

FoundationInformation

Card

Foundation

XDI.ORG

Data

Portability

Project

Internet Identity

Workshop

Project

VRM

Higgins

Project

Pamela

Project

OSIS

Open Source

Identity System

ID-Legal

Identity

Schemas Identity

Gang

Kids

Online

Photo

Group

IDMedia

Review

OIX

Nick's

Legacy

PDX

Group that who's home is at Identity

Commons

Independant

Nonprofit

Organization

Project at

another organization

EVENT

Key


Conclusion: a funny take the identity dog logo

On the dog, no one knows when you’re on the Internet.


www.internetidentityworkshop.com

www.idcommons.net

Kaliya Hamlin@[email protected]

www.identitywoman.net




http://www.idcommons.net

http://www.idcommons.net

mailto:[email protected]

mailto:[email protected]

http://www.identitywoman.net

http://www.identitywoman.net

Iiw11introtalk

Documents

Transcript of Iiw11introtalk