The Design of Everyday Identity - Pushing String | … · The Design of Everyday Identity ... The...

of 30/30
1 The Design of Everyday Identity Eve Maler Principal Engineer Sun Microsystems, Inc.
  • date post

    01-Sep-2018
  • Category

    Documents

  • view

    219
  • download

    0

Embed Size (px)

Transcript of The Design of Everyday Identity - Pushing String | … · The Design of Everyday Identity ... The...

  • 11

    The Design of Everyday Identity

    Eve MalerPrincipal EngineerSun Microsystems, Inc.

  • 2

    The sea change in IdM

    Captive Homogeneous Penalizable Rules-based Centralized

    Free Heterogeneous Persuadable Capricious Emergent

  • 3

    The design of everyday things:a cautionary tale

    the difference between pleasure and frustration

    design is an act of communication

    human-centered design

  • 4

    Identity awareness? Identity wariness

  • 5

    The obvious value of differentiated service

  • 6

    The everyday enterprise looks more and more like the open Internet

  • 7

    Building the Participation Age on federated identity

  • 8

    What human tendenciesmight inform our approach to identity?

  • 9

    New-relationship energy

  • 10

    The efficiency imperative

    Reactions: Frustration Anxiety Impatience Annoyance

    Strategies: Avoidance Lying Rote behavior

  • 11

    The self-revelation imperative

  • 12

    Some general lessons we can draw

    Make do the right thingthe easiest thing to do

    Try to make what peoplewant to do possible

    Respect and balanceall parties' needs

  • 13

    The parties

  • 14

    Needs, pressures, and tensions

    NRE, efficiency,self-revelation

    Consent,permission

    Community Liability,

    compliance,auditing

    Security,attack surface

    Payment, profit Ease of use Privacy,

    minimal disclosure Enjoyment Flexibility

    ...

    Privacy vs.self-revelation,efficiency,liability

    Real-timeconsent vs.efficiency

    Ease of use vs.attack surface...

  • 15

    What specific lessons might wedraw about identity?

    1. Make sign-on as seamless as you can

    2. Make a little shared data go a long way

    3. Make consent more meaningful

  • 16

    The discovery challenge in SSO

    1. Make sign-on as seamless as you can

  • 17

    The holy grail of true single sign-on

    Historically, it has required tight coupling between IdPs and RPs

    1. Make sign-on as seamless as you can

  • 18

    With looser coupling comes complexity How can the RP find the identity data it needs? Which other needs must be balanced against true single sign-on?

    1. Make sign-on as seamless as you can

  • 19

    What if... We could take our pick from among many identity-aware

    services on the market?> Personal profile, presence, geolocation, payment, buddy list,

    calendar, shipping... They could coordinate in providing

    differentiated services on our behalf?> Exposing minimum data about me

    to each of the others> Without having met each other before

    Their actions were secure, controlledby policy, and auditable?

    They could function even when I'm offline?

    2. Make a little shared data go a long way

  • 20

    Liberty ID-WSF enablesreduced-disclosure ecosystems

    2. Make a little shared data go a long way

  • 21

    Real-time attention is a scarce resource

    3. Make consent more meaningful

  • 22

    Use the ID-WSF Interaction Service

    Additional approaches forhigh-quality consent

    3. Make consent more meaningful

    Use CARML / AAPML> Being standardized at

    Liberty as ID-Governance Create and manage

    policies under human control> For consent, purpose of

    use, data requirements... Implement and audit

    governance and compliance

  • 23

    The mutual-respect dilemmain data-sharing relationships

    3. Make consent more meaningful

  • 24

    New directions: Vendor Relationship Management (VRM)

    3. Make consent more meaningful

    Explicitly about empowering users

    Seminal use case: how can you propagate a change of address to all your online partners in a way that works for you (and them), withoutlock-in?

    ID-WSF offers one potential solution

  • 25

    What if...

    3. Make consent more meaningful

    We could host our own digital data, for sharing only withour chosen online partners, on terms we set?

    We could create the data however we wish once thenshare it in bulk?

    Partners could grab thefreshest version at any time?

    We could audit usage andcut off bad partners?

    We could combine this with existing identities silo-based, traditionally federated, OpenID and identity-aware services?

    We could build an ecosystem for this on the very thinnest of standard Web technology layers?

  • 26

    3. Make consent more meaningful

    You have a personal data store (e.g. where you keep your blog), in which...

    ...you craft private-use URLs for custom Atom feeds that you offer to vendors when you register...

    ...feeds to which they can subscribe, and from which they can pull data just-in-time...

    ...allowing you to manage and terminate data-sharing relationships as you wish

    The new new thing: feed-based VRM

  • 27

    3. Make consent more meaningful

    Does thismodel

    empowerparties

    moreevenly?

    Can itsupport

    newsocial

    and commercial

    data-sharing opportunities?

  • 28

    Human beings aren't always users

    Everyday identity should be human-centered

    Employees and citizens are people, too

  • 29

    Cast (in order of appearance)

    These slides: www.xmlgrrl.com/blog in the Publications area> Also the IEEE Security and Privacy article on The Venn of

    Identity, information on ID-WSF, and much much more Don Norman usability info: jnd.org OpenSSO and The Fedlet: opensso.org [email protected] initiative: openid.sun.com Project Concordia: projectconcordia.org Project VRM: cyber.law.harvard.edu/projectvrm

  • 30

    Thanks for yourkind attention!

    Eve [email protected]/blog

    30