This is a talk from IIW 11 - introducing people to the overall user-centric identity space.


  1. XI November 2, 2010 INTRODUCTION by Kaliya Hamlin @identitywoman Monday, December 6, 2010
  2. Where does my personal inspiration about user-centric digital identity come from? Building Identity and Trust into the Next Generation Internet asn.planetwork.net
  3. Who am I? IDENTITY GANG! Internet Identity Workshop formed in 2004 www.internetidentityworkshop.com
  4. We have been meeting together every 6 months since the fall of 2005. The Internet Identity Workshop is the work group of Identity Commons, an industry consortium & community linking many efforts focused on a people-centric identity layer of the net. The Workshop provides an open forum for both the big guys and the small fry to come together in a safe and balanced space. It is not about any one technology; rather, it is a place to discuss multiple interoperating (and possibly competing) projects, standards, and networks for identity, data sharing, and reputation. IIW is co-produced by Phil Windley (@windley), Kaliya Hamlin (@identitywoman) & Doc Searls (dsearls). IIWX is being co-facilitated by Kaliya Hamlin and Heidi Nobantu Saul (@nobantu). The Notes Collection Center is being run by Kas Neteler (@kasneteler) and Heidi Nobantu Saul.
  5. Face 2 Face Meetings [timeline figure, 2003 to 2007]. Events shown: DIDW; Burton Group; RSA; IIW 1 to IIW5; IOS 1 to IOS 4; OSIS Interop 1 and 2; Data Sharing Workshop.
  6. Face 2 Face Meetings [timeline figure, 2008 to 2010]. Events shown: DIDW; Burton Group; RSA; IIW 6 to IIW 11; OSIS Interop 3 to 5; Data Sharing Summit; Data Sharing Workshop.
  7. Broad Base of Participation SMALL COMPANY BIG COMPANY SPONSORS SPONSORS NONPROFIT SPONSORS MSFT FuGen Solutions ISOC PingID OUNO Kantara/Liberty Alliance CORPORATE PARTICIPANTS SUN Rel-ID Info Card Foundation Paypal Facebook Poken OASIS IDTrust Booz Allen Hamilton SMALL COMPANY Google Vidoop Mozilla Apple PARTICIPANTS Yahoo Chimp Higgins Project Cisco Burton Group Authentrus Ångströ Bandit Project Hewlett Packard Digg, Inc. Plaxo Sxip Planetwork International Business Machines Privo Internet Society Commerce Net Intuit ClaimID Expensify Adobe LexisNexis NONPROFIT BT Nippon Telegraph and Telephone Corporation FreshBooks PARTICIPANTS Novell Nokia Siemens Networks Gigya Center for Democracy and Facebook NRI Gluu Technology AOL Oracle Janrain DataPortability Project Ping Identity Orange Kynetx IdM Network Netherlands Paypal / eBay Rackspace NetMesh Inc. OCLC Radiant Logic Protiviti Open Forum Foundation World Economic Forum Sony Ericsson The MITRE Corporation IETF Socialtext TriCipher, Inc. UNIVERSITY PARTICIPANTS Tucows Inc VeriSign, Inc. W3C Trusted-ID Wave Systems Goldsmiths, University of London Newcastle University Stanford University Vodafone Group R&D Alcatel-Lucent OASIS Six Apart Acxiom Identity Solutions Acxiom Research GOVERNMENT PARTICIPANTS Equifax Office of the Chief Information Office, Province of British Columbia LinkedIn Amazon and more...
  8. Unconference Format
  9. a Shared History
  10. SHARED EXPERIENCE in past wars THE Directory Wars of the 90s
  11. SHARED EXPERIENCE in past wars Passport & Hailstorm vs
  12. a Shared Context
  13. CONTEXT For Shared Vision IDENTITY GANG! formed in 2004
  14. CONTEXT For Shared Vision Early on, the Identity Gang list was a critical forum for community collaboration; it is still active here, and many of the protocol efforts & foundations that have emerged have their own lists.
  15. CONTEXT For Shared Vision The Identity Gang was probably one of the first technical communities to have a very active community blog life that complemented our mailing list conversations. Doc Searls played a critical role in getting almost all community members to blog in the early days of the community 2004-2005. There are several aggregated blogs you can go to to get a sense of activity in the community. The Classic - A newer one under development -
  16. CONTEXT For Shared Vision Wiki forums were critical for sharing ideas and common language like the Lexicon
  17. CONTEXT For Shared Vision Real Time Web Tools SEARCH These are newer mediums for collaboration and information sharing using #hashtags etc. to connect work.
  18. a Shared Language
  19. SHARED LANGUAGE developed in Shared Context. Identity Gang LEXICON (driven by Paul Trevithick) in August 2005: Agent; Claim; Claimant; Digital Identity; Digital Identity Provider; Digital Subject; Entity; Identity Attribute; Identity Context; Party; Persona; Relying Party
  20. a Shared Understanding
  21. SHARED UNDERSTANDING using shared language Laws of Identity Kim Cameron in May 2005
  22. SHARED UNDERSTANDING using shared language Laws of Identity Kim Cameron in May 2005 1. User Control and Consent 2. Minimal Disclosure for a Constrained Use 3. Justifiable Parties 4. Directed Identity 5. Pluralism of Operators and Technologies 6. Human Integration 7. Consistent Experience Across Contexts
  23. SHARED UNDERSTANDING using shared language A Bill of Rights for Users of the Social Web September 4, 2007 Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington Preamble: There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the dialogue going and get as many of the major stakeholders on board as we can! A Bill of Rights for Users of the Social Web We publicly assert that all users of the social web are entitled to certain fundamental rights, specifically: • Ownership of their own personal information, including: ◦ their own profile data ◦ the list of people they are connected to ◦ the activity stream of content they create; • Control of whether and how such personal information is shared with others; and • Freedom to grant persistent access to their personal information to trusted external sites. Sites supporting these rights shall: • Allow their users to syndicate their own profile data, their friends list, and the data that’s shared with them via the service, using a persistent URL or API token and open data formats; • Allow their users to syndicate their own stream of activity outside the site; • Allow their users to link from their profile pages to external identifiers in a public way; and • Allow their users to discover who else they know is also on their site, using the same external identifiers made available for lookup within the service.
  24. SHARED UNDERSTANDING using shared language. OECD Paper. Properties of Identity. At a Crossroads: "Personhood" and the Digital Identity in the Information Society
  25. SHARED UNDERSTANDING using shared language. Properties of Identity: 1. Identity is social. 2. Identity is subjective. 3. Identity is valuable. 4. Identity is referential. 5. Identity is composite. 6. Identity is consequential. 7. Identity is dynamic. 8. Identity is contextual. 9. Identity is equivocal. OECD Paper: At a Crossroads: "Personhood" and the Digital Identity in the Information Society. The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds, Mary Ruddy, Mary Rundle, and Paul Trevithick.
  26. SHARED UNDERSTANDING. Identifiers (Single String): Identifiers link things together and enable correlation. They can be endpoints on the internet. Claims (Pairs): A claim is by one party about another or itself. It does not have to be linked to an identifier. Proving you are over 18 for example and not giving your real name.
  27. SHARED UNDERSTANDING Project VRM - 4th Parties
  29. What is User Centric Digital Identity?
  30. The Identity Dog Represents 2 things: * Freedom to be who you want to be * Freedom to share more specific info about yourself that is validated
  31. What is User Centric Digital Identity?
  32. Freedom to Aggregate
  33. Freedom to Disaggregate
  34. Freedom to Disaggregate
  35. Why does User Centric Digital Identity Matter?
  36. Buddhist in Tennessee
  37. Women having the freedom not to present as women. Why James Chartrand Wears Women’s Underpants
  38. Real world examples of women managing different personae from She’s Geeky conference. 1) Live Journal Friends 2) Professional ID 3) Feminist Identity. 1) Me linked to real name 2) Spiritual 3) Gaming. 1) Totally Professional on Domain, GMail, LinkedIn 2) Social but me on Facebook 3) Spiritual under pseudonym on Live Journal
  40. Goofy Habits or Hobbies
  41. Freedom of Expression personal and political
  42. Freedom of Action. Teachers being able to drink socially when in own time. Young people free to explore themselves. Blizzard WoW in-game ID vs “RealID” change. This comes from not having all contexts linked together.
  43. Freedom of Movement and Assembly Freedom to group and cluster outside commercial silos & business contexts.
  44. Freedom to Peer-to-Peer Link Freedom to determine how the link is seen by others
  45. What is the context for people gathering? “We’re trying to build a social layer for everything.” - Mark Zuckerberg
  46. OR
  51. How can people and groups be first class objects on the web (and other electronic networks)?
  52. Transition to Technology Section
  53. Text Text + ? Can you have both?
  54. OpenID 101 (identifier)
  68. OpenID has a Ton of Issues • security • no payload - identifiers are not enough • people don't understand format URL • people don't have their own domains • often 3rd level domain • Nascar Problem • ADOPTION • Namespace issue - “solved Facebook”
  69. Connect. Users take actions on your site: Users come to your site to consume your unique content. They take actions like commenting, reviewing, making purchases, rating, and more. Users share with friends, who discover your site: With Facebook Connect, users can easily share your content and their actions with their friends on Facebook. As these friends discover your content, they click back to your site, engaging with your content and completing the viral loop. Social features increase engagement: Creating deeper, more social integrations keeps users engaged with your site longer, and more likely to take actions they share with their friends. (For example — don't just show users what's most popular on your site, but what's most popular with their friends on your site.)
  70. Proposal for OpenID Connect The response is a JSON object which contains some (or all) of the following reserved keys: • user_id - e.g. "" • asserted_user - true if the access token presented was issued by this user, false if it is for a different user • profile_urls - an array of URLs that belong to the user • display_name - e.g. "David Recordon" • given_name - e.g. "David" • family_name - e.g. "Recordon" • email - e.g. "" • picture - e.g. "" The server is free to add additional data to this response (such as Portable Contacts) so long as they do not change the reserved OpenID Connect keys.
  71. Information Cards (claims) informationcard.net
  76. Managed Cards Come in two Flavors. “Phones Home”: Employee issued ID; the employer sees where used. Doesn’t “Phone Home”: Government issued age verification; just like a drivers license in the real world.
  77. Verified Anonymity (U-Prove)
  78. Information Cards have a ton of issues: • Relying Party Adoption • why shift to claims from identifiers • Where are the libraries and tools for Relying parties • Client Download Required • New User Experience • What are Active Clients and How do they work • Risk & Liability Models are Unclear • If a claim is validated and it is untrue who is liable
  79. More Technologies
  80. XRD (the most successful standard arising from user centric ID community that you have never heard of)
  81. Discovery = Patterns + Interfaces + Descriptors
  82. Evolution of Discovery XRDS --> XRD-Simple --> XRD (within XRI spec)
  83. Application of XRI/XDI
  84. OStatus isn't a new protocol; it applies some great protocols in a natural and reasonable way to make distributed social networking possible. • Activity Streams encode social events in standard Atom or RSS feeds. • PubSubHubbub pushes those feeds in realtime to subscribers across the Web. • Salmon notifies people of responses to their status updates. • Webfinger makes it easy to find people across social sites.
  85. OAuth
  100. User Managed Access
  101. SAML. SAML has two parts used in higher education: 1. Authentication 2. Profiles
  102. Protocol Family Tree [diagram]. Labels shown: XNS; XDI; XRI; XDI.ORG; XRDS; XRD; i-names; YADIS; OpenID; LID; sxip; XRD v1; OpenID v2; OpenID Foundation; Web Finger; OpenID v Next; Internet Identity Workshop #1 Oct 2005. Legend: Current Organizations; Organizations (no longer); Event; Independent Open Protocol; Independent Open Protocol (no longer); Protocol standardized at OASIS; Protocol standardized at OASIS, earlier version (no longer).
  103. Big Challenge Protocol Interop
  104. OSIS Interop
  105. 3rd Interop RSA Conference Spring 2007 European Identity Conference
  106. Open Identity For Open Government. Fast Company blog post by Kaliya. Government Experimenting with Identity Technologies. Government Services Administration website on ID
  108. Trust Frameworks / Policy Repositories [diagram]. Labels shown: Open Identity Exchange; Policy Repository; Auditors; Levels of Assurance; Levels of Protection; Trust Frameworks; Identity Providers; Relying Parties; ICAM; John Steensen; Google; OCLC; PayPal; PBS Kids; Equifax; Yahoo!; Relying Party; Other Relying Party; Auditor; Other Auditor; XAuth.
  109. SHARED VISION for people’s identity on the scale of the web.
  110. Freedom and Autonomy for People
  111. Open Standards are Essential
  112. No One Dominant Player
  113. There will be a Big Bang. With all new technologies there is a point at which new things start happening that the creators of the technology did not envision; this is a big bang in identity.
  114. Mission statements: • Identity Commons: Support, facilitate, and promote the creation of an open identity layer for the Internet, one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities. • Information Card Foundation: Promote, protect, and enable the development of an open, trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over personal information by individuals • OpenID Foundation: To foster and promote the development of, public access to, and adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire, create, hold, and manage intellectual property related to OpenID and provide equal access to such intellectual property to the OpenID community and public at no charge. • Kantara Initiative: Foster identity community harmonization, interoperability, innovation, and broad adoption through the development of open identity specifications, operational frameworks, education programs, deployment and usage best practices for privacy-respecting, secure access to online services • Open Identity Exchange: Collecting, aggregating, and distributing information regarding the identity-related services industry to businesses and other stakeholders in that industry in order to improve conditions in that industry by fostering innovation, market transparency, and identity-related product and service interoperability; Providing a neutral, open market registration system for participants in the identity-related services industry; • Data Portability Project: Data portability enables a borderless experience, where people can move easily between network services, reusing data they provide while controlling their privacy and respecting the privacy of others. Our Mission is to help people to use and protect the data they create on networked services, and to advocate for compliance with the values of DataPortability.
  115. Evolution of Identity Community [timeline diagram; axis: TIME]. Labels shown: Planetwork; Link Tank; FireFly; Liberty Alliance; Higgins Project; SUN; Oracle; BT; Microsoft; IBM; Passport; Hailstorm; XRI; XDI; SAML v1 & 2; Identity Commons (1); Identity Commons (2); Identity Gang; VENN OF IDENTITY; Internet Identity Workshop; OpenID; OpenID v2; OpenID Foundation; IMI; Identity Metasystem Interoperability; Information Card Standard; Information Card Foundation; Pamela Project; Kantara Initiative; Open Identity Exchange. Legend: Loose Affiliations of People; Current Organizations; Lots of Companies; Organizations (no longer); Company; Proprietary Service (no longer); Protocol standardized at OASIS; Protocol standardized at OASIS, earlier version (no longer); Independent Open Protocol; Independent Open Protocol (no longer); Paper: Shared Understanding; Event; Project with Code; Project to be announced at IIW.
  116. Collaboration
  118. One of the main community organizations linking various efforts is Identity Commons. [diagram] Labels shown: OIX; Open ID Foundation; PDX; OSIS Open Source Identity System; Information Card Foundation; IDMedia Review; XDI.ORG; Data Portability Project; Photo Group; Identity Commons; Kids Online; Internet Identity Workshop; Identity Schemas; Project VRM; Identity Gang; Nicks; Pamela Project; Higgins Project; ID-Legal. Key: Group whose home is at Identity Commons; Independent Nonprofit Organization; Project at another organization; Legacy; EVENT.
  119. Conclusion: a funny take on the identity dog logo. On the dog, no one knows when you’re on the Internet.
  120. Kaliya Hamlin @identitywoman www.identitywoman.net