• Skip to primary navigation
  • Skip to main content

Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

  • About
  • Services
  • Media Coverage
  • Podcast
  • Blog
  • Contact
  • Show Search
Hide Search

Open Identity for Open Government Explained

Kaliya Young · September 9, 2009 · 7 Comments

Today the United States Government with digital identity industry leaders announced the development of a pilot project with NIH and related agencies using two of the open identity technology standards OpenID and Information Cards.
This is, as a friend said to me, a “jump the shark moment” – these technologies are moving out from their technologists technology cave into mainstream adoption by government agencies. We are seeing the convergence of several trends transform the way citizens participate in and communicate with government:

  • Top-down support for open government
  • The proliferation of social media
  • The availability of open identity technologies

The Obama administration open government memorandum called for transparency participation, collaboration and federal agencies have begun to embrace Web 2.0 technologies like blogs, surveys, social networks, and videocasts.
Today there are over 500 government websites and about 1/3 of them require a user name and password. Users need to be able to register and save information and preferences on government websites the same way they do today with their favorite consumer sites, but without revealing any personally identifiable information to the government.
The challenge is that supporting this kind of citizen interaction with government via the web means that identity needs to be solved. On the one hand you can’t just ask citizens to get a new user-name and password for all the websites across dozens of agencies that they log in to. On the other you also can’t have one universal ID that the government issues to you and works across all government sites. Citizens need a way to interact with their government pseudonymously & in the future in verified ways.
So how will these technologies work?
Those already familiar with OpenID know that typically when users login with it they give their own URL – www.openIDprovider.com/username. (see this slideshare of mine if you want to see OpenID 101) There is a little known part of the OpenID protocol called directed identity – that is a user gives the name of their identity provider – Yahoo!, Google, MSN etc – but not their specific identifier. The are re-directed to their IdP and in choosing to create a directed identity they get an identifier that is unique to the site they are logging into. It will be used by them again and again for that site but is not correlatable across different websites / government agencies. The good news is it is like having a different user-name across all these sites but since the user is using the same IdP with different identifiers (unlinked publicly) but connected to the same account they just have to remember one password.
Information Cards are the new kids on the identity block in a way – this is their first major “coming out party” – I am enthusiastic bout their potential. It requires a client-side tool called a selector that stores the user’s “digital cards”. Cards can be created by the end user OR third parties like an employer, financial institution, or school can also issue them.

In essence, this initiative will help transform government websites from basic “brochureware” into interactive resources, saving individuals time and increasing their direct involvement in governmental decision making. OpenID and Information Card technologies make such interactive access simple and safe. For example, in the coming months the NIH intends to use OpenID and Information Cards to support a number of services including customized library searches, access to training resources, registration for conferences, and use of medical research wikis, all with strong privacy protections.

Dr. Jack Jones, NIH CIO and Acting Director, CIT, notes, “As a world leader in science and research, NIH is pleased to participate in this next step for promoting collaboration among Assurance Level 1 applications. Initially, the NIH Single Sign-on service will accept credentials as part of an “Open For Testing” phase, with full production expected within the next several weeks. At that time, OpenID credentials will join those currently in use from InCommon, the higher education identity management federation, as external credentials trusted by NIH.” In digital identity systems, certification programs that enable a site — such as a government agency — to trust the identity, security, and privacy assurances from an identity provider are called trust frameworks. The OIDF and ICF have worked closely with the federal government to meet the security, privacy, and reliability requirements set forth by the ICAM Trust Framework Adoption Process (TFAP), published on the IDManagement.gov website. By adopting OpenID and Information Card technologies, government agencies can cost effectively serve their constituencies in a more personalized and user friendly way.

“It’s good to see government taking a leadership role in moving identity technology forward. It’s also good to see government working with experts from private sector and especially with the Information Card Foundation and the OpenID Foundation because identity is not a technical phenomenon — it’s a social phenomenon. And technological support for identity requires the participation of a broad community and of representatives of government who define the legal framework within which identity will operate,” said Bob Blakley, Vice President and Research Director, Identity and Privacy Strategies, Burton Group. “Today’s announcement supplies the most important missing ingredient of the open identity infrastructure, mainly the trust framework. Without a trust framework it’s impossible to know whether a received identity is reliable.”

Under the OIDF and ICF’s open trust frameworks, any organization that meets the technical and operational requirements of the framework will be able to apply for certification as an identity provider (IdP). These IdPs can then supply authentication credentials on behalf of their users. For some activities these credentials will enable the user to be completely anonymous; for others they may require personal information such as name, email address, age, gender, and so on. Open trust frameworks enable citizens to choose the identity technology, identity provider, and credential with which they are most comfortable, while enabling government websites to accept and trust these credentials. This approach leads to better innovation and lower costs for both government and citizens.

The government is looking to leverage industry based credentials that citizens already have to provide a scalable model for identity assurance across a broad range of citizen and business needs – doing this requires a trust framework to assess the trustworthiness of the electronic credentials; see Trust Framework Provider Adoption Process (TFPAP).   A Trust Framework Provider is an organization that defines or adopts an online identity trust model involving one or more identity schemes, has it approved by a government or community such as ICAM, and certifies identity providers as compliant with that model. The OIDF and ICF will jointly serve as a TFP operating an Open Trust Framework as defined in their joint white paper, Open Trust Frameworks for Open Government.
Both the OpenID and Information Card Foundation have been working very hard on this for many months – last night I was fortunate to their boards at a history first ever joint dinner.
There are two women in particular though who have driven this forward: Judith Spencer of the Federal Identity, Credential, and Access Management Committee on the government side and Mary Ruddy of Meristic Inc on the industry side. Both of them will be speaking about the project at the Gov 2.0 Summit on Thursday.
Personally this announcement shows how far things have come since I facilitated the first Internet Identity Workshop in 2005 with 75 idealistic identity technologies talking about big ideas for use-centric identity. I am really looking forward to discussing these developments at the forthcoming 9th Internet Identity Workshop in November.

Government, ID Protocol, Industry Commentary, Industry Developments Information Cards, Open ID

ConvertKit Form

Join to get updates from Identity Woman

Kaliya is beginning to share regular updates about her work. This will help keep you up to date with all her work.

Success! Now check your email to confirm your subscription.

There was an error submitting your subscription. Please try again.

We won't send you spam. Unsubscribe at any time. Powered by ConvertKit

Reader Interactions

Comments

  1. David Kearns says

    September 9, 2009 at 9:42 am

    Um, I don’t think your friend understands the “jump the shark” idiom which refers to the moment when something is no longer viable….

    Reply
  2. Ultimate Frisbee Video says

    December 13, 2010 at 7:05 pm

    Many thanks for the good post. I’ve been studying as well as making the most of your blog. I will be returning!

    Reply

Trackbacks

  1. WebHosts 2009» Blog Archive » OpenID Pilot Program to be Announced by US Government says:
    September 9, 2009 at 6:19 am

    […] Conversation about whether and how best to implement a system of Federated Identity across government websites has been underway for at least the last 6 months. We wrote about the first public rumblings this summer. Kaliya Hamlin explains the state of the conversation in detail on her blog. […]

    Reply
  2. OpenID Pilot Program to be Announced by US Government | google android os blog says:
    September 9, 2009 at 7:05 am

    […] Conversation about whether and how best to implement a system of Federated Identity across government websites has been underway for at least the last 6 months. We wrote about the first public rumblings this summer. Kaliya Hamlin explains the state of the conversation in detail on her blog. […]

    Reply
  3. OpenID: uno standard anche per il Governo Americano says:
    September 9, 2009 at 10:39 am

    […] più di 500 siti web governativi con quasi un terzo di essi che richiede username e password (come riporta Identity Woman), ecco che il vantaggio di possedere un’identità digitale OpenID diviene oltremodo […]

    Reply
  4. OpenID Pilot Program to be Announced by US Government - Partytow says:
    September 9, 2009 at 4:59 pm

    […] Conversation about whether and how best to implement a system of Federated Identity across government websites has been underway for at least the last 6 months. We wrote about the first public rumblings this summer. Kaliya Hamlin explains the state of the conversation in detail on her blog. […]

    Reply
  5. Henrik Biering » USA’s regering bag privacy fokuseret OpenID says:
    September 12, 2009 at 7:37 am

    […] Ashish Jain fra Paypal har lavet et blogindlæg med en række relevante links til OpenID for OpenGov Kaliya Hamlin, a.k.a. IdentityWoman opridser baggrunden og perspektiverne for OpenID for OpenGov […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

     Copyright © 2023 Identity Woman  evelurie.com/web design/develop     

  • Terms of Use
  • Privacy Policy
  • Sitemap
  • Contact