After TEDxBrussels in 2011 I was invited to present at TEDx Constitution Drive. Enjoy!
Big Ideas
Talk at TEDx Brussels
I was invited to give a talk at TEDx Brussels.
I explain Identity in the context of the Future. Enjoy!
Rethinking Personal Data: 3 WEF reports
I met Marc Davis at SXSW in 2010; we instantly clicked and began working together. He was on contract to develop pre-reading material for a WEF meeting in the fall about Personal Data. I contributed significantly to the document, which became the basis of the first Rethinking Personal Data project report, Personal Data: The Emergence of a New Asset Class.
I remained actively engaged in the project, and two of the Appendixes in the 2nd report were authored by me: the MindMap of Personal Data Types and the Value Network Analysis of the Exploitive Personal Data Ecosystem (both of these are in My Data, My Value: 6 Sense Making Diagrams).
Diagrams that appeared in the third report I helped sketch out with Bill Hoffman. Here is the Third WEF report PDF.
WEF Report #3 write up on my Blog.
My Data, My Value: 6 Sense Making Diagrams
I was invited to present in the Personal Data Track at the Cloud Identity Summit, 2016 in New Orleans.
This is the talk I gave. It also came with a two sided 11×17 sheet with all 6 diagrams (just below).
Identity 101, Boot Camp for Identity North 2016
This June I was invited to present the Identity 101 BootCamp ahead of the Identity North Conference in Toronto. People arrived 90 min early at 8am for this presentation.
I walk through some of the core vocabulary for identity (authentication, authorization, enrollment, verification) and contextualize the different contexts (Enterprise, Government and User-Centric) and the power structures that operate within them. We also include the Identity Spectrum: between verified and anonymous ID there is a whole range and some combinations. The presentation ends by sharing Kim Cameron’s Laws of Identity and the Properties of Identity.
Identity and Social Justice
I co-presented Identification and Social Justice with Bob Blakley who is the Global Director, Information Security Innovation at Citi as the closing keynote at the Cloud Identity Summit in Colorado.
I gave this presentation in 2012 at the Cloud Identity Summit as the Closing Keynote address. It highlights issues that surround the rich having privilege and being able to manage their identities more favorably than the poor.
Identity 101 Bootcamp for Identity North 2016

This presentation was presented as the pre-opening talk at Identity North 2016 in Toronto. It covers the big question – What is Identity? Key Concepts and Terms. Contextualizing Identity for Enterprise, Government and in the Commons.
Personal Data, My Value Six Sense Making Diagrams in the Rise of the Personal Information Economy Workshop

This talk was presented at the 2016 Cloud Identity Summit. It was in the Rise of the Identity-enabled Personal Information Economy Track. It puts forward 6 Diagrams to make Sense of the overall Personal Data Ecosystem including What is Personal Data? What Happens to Personal Data? What are Market Models and how is it regulated?
Thinking Ahead: Sean some people did…you didn't.
So the Guardian is reporting about Sean Parker's remarks at the Techonomy conference.
Thinking ahead.
“None of us could possibly have understood what it would mean to have a billion or two billion people potentially using these platforms regularly,” said Parker. “That wasn’t something that factored into anyone’s analysis in the starting of these companies. You just want to be a successful company. You want to understand the mechanisms that work, you want to play into them, you want to reinforce them, you want to be a successful company.”
While it is refreshing to hear some self reflection after the fact about the consequences of building a social platform driven by profit with an incentive to get people to engage with it – personal and social costs be damned –
I think people did foresee and could understand some of the negative effects he is discussing – the problem is they just were not in the mix of young men founding these companies at the time. The fact is the narrow demographic of who was empowered with funds to create these systems (by men like Sean Parker and Peter Thiel) and who they subsequently chose to hire and listen to early on (read the Boy Kings to get the inside scoop on that) speaks volumes about what was built.
As a side note I developed an outline for building a distributed social network for spiritual activist leaders and their followers in 2003-4. I even raised $35,000 and had two prototypes built in Drupal. I like to think if I got funding beyond that and had the chance to develop the vision we were thinking about the social consequences.
Communities considering the future of social tools and online communities did think thoughtfully about the future and how things could play out and what was needed to support things evolving well from a user-centric perspective. A great starting point published in 2003 is the Augmented Social Network: Building Identity and Trust into the Next Generation Internet.
Enabling Multi-Stakeholder Consensus on Cybersecurity Issues
My friend Allen, who was at Brookings, got a job with NTIA to figure out what issues to focus on and how to get multi-stakeholder collaboration on cyber security issues. Because he asked me to respond, I took the time to give him my thoughts and input, drawing on my experience with the attempts by NSTIC to do this same thing. Here is the PDF document. IPTF-Kaliya-2
I will in time work to publish it in blog sized sections online so it is more internally linkable (starting with an index from this post). Until then enjoy.
ID Anthology – the community "canon"
A few years ago I pulled together the start of a community anthology.
You could think of it as a canon of key blog posts and papers written in the Identity Gang and circulated around the Internet Identity Workshop and other conferences back in the day like Digital Identity World.
I think with IIW coming into its 10th year and #20 and #21 happening this year the time is right to make a push to get it cleaned up and actually published.
We need to make the important intellectual and practical work done thinking and outlining digital identity that this community has done. I also have included works that highlight key issues around user-centrism and identity that originated from outside the community of the identerati.
I am working on organizing a crowd funding campaign to raise a small amount to work with a professional editor and typesetter and get the needed copyright clearances so we can have a “real” book.
In the meantime I have this outline below of articles and pieces that should be included.
I would love to hear your suggestions of other works that might be good to include. It may also be that we have so many that we choose to do more than one volume. For this first one my focus is more on early works that were foundational to a core group early on – essays and works that we all “know” and implicitly reference but may not be known or accessible (because they are from 6-10 years ago, and in blogosphere time that is eons ago) or may not even be on the web any more.
You could comment on this blog. You could use the hashtag #idanthology on twitter. You could e-mail me Kaliya (at) Identitywoman (dot) net. Subject line should include IDAnthology
The book would be dedicated to the community members that have died in the last few years (I am open to including more but these are the ones that came to my mind).
- Nick Givotovsky
- RL “Bob” Morgan
- Bill Washburn
- Eno Jackson
Digital Identity Anthology
Context and History from the User-Centric Identity Perspective
edited by Kaliya “Identity Woman”
Foreword, Preface, Introduction – TBD
Opening Essay – by Kaliya
Contextualizing the Importance of Identity
Protocols are Political – Excerpts from Protocol: How Control Exists after Decentralization
Identity in Social Context
Identity in Digital Systems
The “Words” – taking time to contextualize and discuss the meaning of words with broad meaning often used without anchoring the particular meaning the author is seeking to convey.
Identity
Trust
Reputation
Privacy
Security
Federation
Pre-Identity Gang Papers
Building Identity and Trust into the Next Generation Internet (10 page summary)
Accountable Net (summary or key points)
Cluetrain Manifesto by Doc Searls et al. (some key highlights)
The Support Economy (some key excerpt?)
Identity Gang Formation
Andre Durand’s talk at DIDW way back in the day.
Blog post of Kaliya and Doc meeting at SBC (now ATT ) park in SF –
Dick’s Identity 2.0 talk.
Phil’s Posts
Johannes – early Venn
The Community Lexicon
Laws of Identity + Responses
The Laws of Identity
4 More Laws (by Fen Labalme)
Verifiable, Minimal and Unlinkable (by Ben Laurie)
Axioms of Identity
Key Identity Gang Ideas + Posts
On The Absurdity of “Owning One’s Identity”
The Limited Liability Persona
Identity Oracles (Bob Blakley)
Identity Spectrum version 1 version 2 (Kaliya)
Onion Diagram (by Johannes)
Venn of Identity (Eve Maler)
Claims and Attributes
Context and Identity
Signaling Theory
Agency Costs
Social Protocols
What is Trust?
The Trouble with Trust and the Case for Accountability Frameworks
Trust and the Future of the Internet
User-Centric ID and Person-hood.
At Crossroads: Personhood and Digital Identity in the Information Society
The Properties of Identity
The Privacy Frame
Ann Cavoukian’s Take
Daniel Solove’s work
Identity and Relationships
A Relationship Layer for the Web, Burton Group Paper
Privileged and Not Gender and Other Difference
Designing a Better Drop-Down Menu for Gender
Disalienation: Why Gender is a Text Field on Diaspora
“Gender is a Text Field” (Diaspora, backstory, and context)
NymRights
There were many posts that arose out of the NymWars that began with Google+ turning off people’s accounts in July of 2012 – I have to go through and pick a good selection of those from BotGirl, Violet Blue and others.
Personal Data Concepts and Principles
Vendor Relationship Management Community,
The Support Economy
LumaScape of Display Advertising
My Digital Footprint (By Tony Fish)
Personal Data: The Emergence of a New Asset Class, WEF Report
Rethinking Personal Data: Strengthening Trust
The Paradox of Choice: Why More is Less
Visions and Principles for the Personal Data Ecosystem (Kaliya)
PDX Principles (Phil Windley)
Control and Protocol
It's Not So Simple: Governance and Organizational Systems Theory
Accountable Net
Visa the Original “Trust Framework”
Life organizes around identity, from When Change is Out of Control and Using Emergence to Take Social Innovation to Scale.
Closing Essay
Appendix 1: Information Practices the Evolution of FIPPs
Appendix 2: Bills of Rights
“The” Words
A Preliminary Mapping of the Identity Needs in People’s Life Cycles
This start of a paper and idea for an interactive Exercise to be done at the ID360 Conference was written by myself and Bill Aal. It was submitted to the 2014 ID360 Conference put on by the Center for Identity at the University of Texas at Austin.
Over people’s life cycles there are many different “identity events” that occur. While considering how people interact with an identity ecosystem, the whole range of lifecycle events must be considered, not just those of mid-life career people. We present a draft Field Guide to the different stages of life, naming different key events and contextualizing what identity needs they might have. We also explore a user centric view that looks at the digital lifecycle from the perspective of our needs as people in a social context. This may be contrasted with a view of the digital life cycle from governmental, civil society or business perspectives. We end with exploring the implications of going beyond the tension between privacy rights and institutional desires for security and authentication.
This paper builds on some of the key concepts of the paper also submitted to ID360 by Kaliya Hamlin entitled The Field Guide to Identity: Context, Identifiers, Attributes, Names and More.
The first part of the paper draws the key concepts from that paper and goes on to articulate critical questions that are particular to the Digital Life Cycle. It is an attempt to lay out a research program for a user centered view of the digital life cycle.
The second part of the paper charts key life stages and identity events along with community and institutional interactions that are likely. We would like to work with the organizers of the conference to have an interactive wall sized paper map available in the conference center as the event is happening, to both consider each phase from the individual’s point of view and the institution’s, and potentially contextualize the contributions of different papers/presentations on the map.
Key concepts:
Identity is socially constructed and contextual.
More and more at earlier and earlier ages, we are given identifiers by the state, medical institutions and educational institutions that signify who we are in the social field.
How do our identities evolve through an interaction between our bio/social roots and the institutional identifiers we are assigned?
When are we recognized as a person?
Do we think of ourselves as our drivers license, or library card identifiers? Does our online representation play out in the development as human identities?
Self as a Part of Something Greater
We are defined by who we are connected to, our identities as part of something greater.
Do online identities support that sense of being part of a larger whole?
Context of Observation
The context of observation matters for shaping our identities. It defines the scope of our freedom of expression and our ability to make choices about context. There are three different types of observation that are quite different.
Being Seen – a mutual act. I see you, You see me. We see each other. How do digital social networking identities help us see each other?
Being Watched – This is where one is observed but it is not known by the person who is looked at. There may be interaction between actors, but there is less of an “I-thou” quality. How do we know when we are being watched? In small society social interactions, we grow up being watched and knowing that we are being cared for.
How do our online identities help us be seen as we mature?
Being Stalked – This is what happens when the watching shifts from an appropriate happenstance window of time and space to watching over time and space – to following and monitoring our behavior without our knowledge. Recent attention to government surveillance and corporate access to our most intimate online interactions gives rise to anxiety over privacy/anonymity.
How do we create principles that allow for control over the stalking?
Self in Mass Society
The self is shaped differently by living in a mass society.
The first systems of mass identity were paper and bureaucratic record keeping of the state as a way to give abstract identity to citizens to provide them services and to control their movement. It is vital to remember that we are not our government issued paperwork.
We are people with our own identities, our own relational lives in our communities. We must not mistake how identity in mass society operates for what it is: a system, a set of technologies to manage identity in mass society.
How can we create systems of digital identity that recognize and support our having continuity across governmental, educational and medical systems, that protect our first amendment and privacy rights?
Self in Communities
Communities provide the middle ground in between the Small Society and Mass Society modalities of Identity. Communities of interest, communities of practice and geography give us the affordance to move between different contexts and develop different aspects of ourselves. This type of contextual movement and flexibility is part of what it means to live in cities and particularly large cities, where people in one context would not necessarily share other contexts. We need to work to ensure the freedom to move between communities is not implicitly eroded in the digital realm. One key way to do this is to build digital systems in which people have the capacity to use non-correlatable identifiers (pseudonyms) across different contexts they do not want linked.
Self in relationship to Employers
The power relationship between an employee and an employer is quite clear. This power relationship is NOT the same as that of an individual citizen relative to their government or the power relationship of a person relative to communities they participate in. There is a tension between the employer's rights and responsibilities and the individual employee's rights and responsibilities.
For example, should an employer have the “right” to access an employee’s private social network activities, or surveillance of their life outside the workplace?
What are the digital assets that are uniquely the employer's or the employee's?
How can standards apply across the business world?
Other areas we wish to explore:
- Self in Relation to Peers
- Self in Relation to the Education System
- Self in Relationship to the Medical System and Social Services
- Self in Relation to the State
Power and Context
The Self in a Small society is embedded in a social mesh one can not escape. There is no “other place” and one is defined in that society and because it is so small one can not leave. The self in a Mass society is in a power relationship with the state, where one has rights but one also must use the identification system they issue and manage to interact and connect with it.
The self in community gets to navigate a myriad of different communities, each with its own social constructions and ways that power operates and flows within it: (egalitarian, religious, social) communities, work places (traditional owner – worker | worker owners | holacracy). These communities, needs and responsibilities change over a person’s lifetime.
How can consistent, yet user centered identity frameworks support this development?
Where to Start
The start of all our conversations about people’s identity comes from being embodied beings in a social context. Online digital identifiers and systems at their best should support the unfolding of our identities, help us access institutional and government services, as well as help those systems provide better service.
Contexts in which Identity Lifecycle issues arise:
We are at the beginning stages of exploring how, from a person’s perspective, their online identities can evolve. This is in the process of being refined by looking at the identity needs of the individual, the state and businesses and where those interests might clash. This is a long term research project that we are initiating. The idea is to go beyond the usual clashes of privacy and personal rights vs big data, etc.
This is the beginning of a research project that we are just initiating.
We invite the collaboration of the ID360 and other professional and academic communities.
Life Stage / Identity Event | Person’s View | Institutional View |
Pre-Birth | ||
Prenatal Screening | ||
Birth | ||
Naming | ||
National Identity Number | ||
Community Acknowledgement | ||
Enrollment in Mass Society | ||
Medical Info | ||
Adoption | ||
Kid | ||
School | ||
After-School | ||
Camp | ||
Sports | ||
Arts | ||
Online social networks | ||
Gaming | ||
Medical | ||
Biometrics | ||
RFID Tags | ||
Teen | ||
Self Expression / Identity Exploration Online | ||
School ID | ||
Drivers License | ||
Banking Info | ||
Medical | ||
Sports | ||
Social Networking | ||
Work related | ||
Student | ||
University/Trade School | ||
Student Loan | ||
Social Identity | ||
Adult | ||
Economic Realm | ||
Consumer | ||
Worker | ||
Owner | ||
Owner of major items such as | ||
Car/Home | ||
Social Identity | ||
Computers / Portable Devices | ||
Financial | ||
Community Realm | ||
Political affiliation | ||
local, state/provincial and national government, rights and responsibilities | ||
(Taxation, licensing, relation to court systems, permits etc) | ||
Voting Eligibility, residential status, citizenship, entitlement programs | ||
Religious Affiliation | ||
Interest Groups | ||
Service Groups | ||
Special Needs | ||
Mental Disabilities | ||
Physical Disabilities | ||
Relational | ||
Married | ||
Partnered | ||
Parental | ||
Divorce | ||
Blended Families | ||
Elder | ||
Retirement | ||
Deteriorating Mental /Physical Condition | ||
Death | ||
Post Death Digital Life | ||
The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 1 Intro + What is Identity
This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was set to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.
Introduction
I was attending a day long think tank called Forces Shaping the Future of Identity hosted by the Office of the Director of National Intelligence and facilitated by the Institute for the Future. A man in the audience piped up “Are we going to define what we mean by Identity?” I smiled :). One can’t go very far in a conversation about identity before someone asks “that” question. It always is asked when space is opened up to discuss the topic.
I have been engaged with communities of technology professionals and with forward looking civil society organizations circling around the question “What is Identity?” for over 10 years. The simple one-liner comprehensive definition that I use is: Identity is socially constructed and contextual. However it’s just one line. This paper is a Field Guide covering core concepts along with a visual language to represent them so we can talk about it in a meaningful way across the whole lifecycle from cradle to grave, both online and off and in other times. It builds on the model we used for the Field Guide to Trust Models that I co-wrote last year for the ID360 Conference.
Part 2: Names, Part 3: Identifiers Part 4: Name Space, Attributes and Conclusion.
This is Part 1:
What is Identity?
Identity is socially constructed and contextual.
Our sense of self arises first from our social interactions with our family of origin. Humans are unique animals in that 80% of our brain growth happens outside of the womb in the first three years of life. Our family of origin is within the context of a community and in this age broader society that ultimately reaches to be global in scope.
The names we have, identifier systems, attributes that are articulated all depend on our context and from there the social constructions that define these.
Sense of Self
We are told who we are by our family – they give us a name and share with us who we are.
When does it begin? When people recognize you?
When are we recognized as a person? Different cultures have different traditions.
I have had a connection with the 3HO Sikh community. When a woman is 120 days pregnant there is a celebration to welcome the spirit of the child into the community. Women who give birth in that tradition stay at home and don’t go out for 40 days after the child is born.
Self as a Part of Something Greater
We are defined by who we are connected to. Our identities as part of something greater. Children seek to understand their environment to understand where they fit in. An example from my childhood is one of my first memories. I remember a Canada Day Celebration we attended in Hastings Park. Being Canadian is to be multi-cultural. The day had different ethnic communities performing different folk dances on a stage while dressed in traditional dress. At some point they handed out Canadian flags on 30 centimeter (12 inch) flag poles with a stand made out of shiny gold colored plastic in a box. It symbolizes this point in time where I understood myself to be part of something bigger, to be part of the nation I was born in, along with understanding some key values.
Projection of Self
We begin to understand who we are by projecting ourselves into these contexts we find ourselves in and learning from the response – shaping ourselves.
There is an African saying/word – Ubuntu – I am because you are. We are the authors of each other.
Context of Observation
The context of observation matters for shaping our identities. It defines the scope of our freedom of expression and our ability to make choices about context.
There are three different types of observation that are quite different.
Being Seen – a mutual act. I see you, You see me. We see each other.
Being Watched – this is where one is observed but it is not known by the observee. However it is known to the observee that they might be watched for example walking down one’s street, one knows that one could be seen by any of one’s neighbors looking out their window. One also knows that being inside of one’s own home prevents one from being watched. When walking into a store one knows that the storekeeper will see us, watch us in the store and we know that when we leave the store they will not be able to watch us. When we return to the same store they will likely recognize us (because we are returning in the same body) and know something about us based on prior interactions. In time a relationship of knowing might develop.
It should be noted that our bodies in physical space give away attributes about us that we can not proactively hide. Because we live in a society that is full of implicit bias, the experiences of different types of people are different in the world. Banaji’s work on implicit bias is a starting point. Following the Trayvon Martin verdict the president gave a speech where he said that before he was president he regularly was shadowed while shopping in stores because he was stereotyped. My partner had this happen to him this fall while shopping at Old Navy and it was not the first time.
Being Stalked – This is what happens when the watching shifts from an appropriate happenstance window of time to watching over time and space – to following and monitoring our behavior without our knowledge.
Self in Small Society
I have often heard it said that the advent of what appears to be ubiquitous digital identity, and the fact that we can be “seen”, is just like it was when we lived in small societies.
In a small society you also know when you are not being watched: when you are in your own home with your blinds drawn.
A mesh-network of relationships that form over life and inter-generationally that inform identity and role in the society.
Self in Mass Society
The self is shaped by living in a mass society.
We developed systems using the technology of paper and bureaucratic record keeping of the state as a way to give abstract identity to citizens to provide them services. This began first with the pensions given to civil war veterans. In the 1930’s a system was developed to support people paying for and getting Social Security benefits. The advent of cars as machines that people operate gave rise to the development of licensing of people to be able to drive the vehicles. These all assigned people numbers by the state so they can present themselves to the state at a future time and be recognized. It is vital to remember that we are not our government issued paperwork. We are people with our own identities, our own relational lives in our communities. We must not mistake how identity in mass society operates for what it is: a system, a set of technologies to manage identity in mass society.
Self in Communities
Communities provide the middle ground in between the Small Society and Mass Society modalities of Identity. Communities of interest, communities of practice and geography give us the freedom to move between different contexts and develop different aspects of ourselves. This type of contextual movement and flexibility is part of what it means to live in cities and particularly large cities, where people in one context would not necessarily share other contexts. The freedom to move between different contexts exists in the digital realm. The internet enabled those in more remote locations to also participate in communities of interest and practice well beyond what they could access via their local geography. We need to work to ensure the freedom to move between communities is not implicitly eroded in the digital realm. One key way to do this is to ensure that people have the freedom to use non-correlatable identifiers (pseudonyms) across different contexts they do not want linked.
Self in relationship to Employers
The power relationship between an employee and an employer is quite clear. The employer does the vetting of potential new employees. They are hired and given access to the employer's systems to do work for them. When the employee is no longer working for a company for any number of reasons – retirement, resignation, termination – the employer revokes the employee's ability to access those services. This power relationship is NOT the same as that of an individual citizen relative to their government or the power relationship of a person relative to communities they participate in. In both cases the person has an inherent identity that can not be “revoked”.
Power and Context
The Self in a Small society is embedded in a social mesh one can not escape. There is no “other place” and one is defined in that society and because it is so small one can not leave.
The self in a Mass society is in a power relationship with the state, where one has rights but one also must use the identification system they issue and manage to interact and connect with it.
Abstraction
The start of all our conversations about people’s identity comes from being embodied beings. The beauty of the digital realm is that we can abstract ourselves from our bodies and via digital identities interact via digital media. This gives us the freedom to connect to communities beyond those we could access in our local geographic location.
Atoms and Bits
Atoms and Bits are different. The difference between them is still not well understood.
- “Atoms” Physical things can only be in one place at one time.
- “Bits” Can be replicated and be in two or more places at once.
Physical Body
Atoms – We each have only one physical body. Our physical bodies can only be in one physical place at once. It is recognizable by other humans we meet and interact with. Because it is persistent we can be re-recognized and relationships can grow and evolve based on this. When we move between contexts in physical space – we can be recognized in different ones and connections made across them. We also have social norms, taboos and laws that help us maintain social graces.
Digital Representation
Bits – When we create digital representations of ourselves we get to extend ourselves – our presences to multiple places at the same time. We can use a digital identity that is strongly linked to the identity(ies) and contexts we use/have in the physical world. We also have the freedom to create a digital representation that steps out of the identity we occupy in the physical realm.
We can be an elf or an orc in an online game.
We can cloak our gender or choose to be a different gender.
We can cloak our race or choose to be a different one when we represent ourselves online.
We can interact on a level playing field when in the physical realm we are confined to a wheel chair.
These identities we create and inhabit online are not “fake” or “false” or “not real”. They are representations of the self. The digital realm is an abstraction and gives us the freedom to articulate different aspects of ourselves outside of the physical world.
Digital Dossier
In the digital realm, because it is encoded, our movements around digital space leave trails: records of the meta-data generated when we click, type, post a photo, pay for a song, or do basically anything online. We leave these behind and the systems that we interact with collect them and reconstruct them to develop a digital dossier of us. This behavior, if it happened in the world of atoms in the physical space, would be considered stalking. We have a stalker economy where our second selves are owned by corporations and used to judge us and target things at us.
Power in Space & Relationships
Disrupting Privilege
The push back against Google+’s requirement for the use of “real names” was led by women and others who use the freedom of the digital realm to step out of the bias they experience in the physical world.
The people who were pro-real name were largely white men from privileged positions in the technology industry who, implicitly through their support of the policies, wanted the default privileges they enjoyed in the physical realm to continue into the digital.
Shape of Space
In the physical world we understand how different physical spaces work in terms of how big they are, how many people are in them, what the norms and terms and conditions are. We know that based on these we have a social understanding.
The challenge in the digital world is that the space is shaped by code and defined by the makers of the contexts. These contexts can change at their makers’ will, as has happened repeatedly with Facebook’s changing settings for who could see what personal information. This instability creates mistrust, particularly among vulnerable people in these systems.
The commercial consumer web spaces currently have a structure where they collect so much information about us via their practices of stalking us digitally. They have enormous power over us.
The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 2: Names
This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.
Part 1: Intro + What is Identity? Part 3: Identifiers Part 4: Name Space, Attributes and Conclusion.
This is Part 2:
Names
Names are what we call ourselves and what others call us. They are a special kind of identifier because they are the link between us and the social world around us. We present ourselves using names so people know how to refer to us when talking to others or call us when they are talking to us. They convey meaning and have power.
Digital devices can also have names, which are defined by the administrators of these devices. Places have names given to them by people in a given context; these help us refer to a geographic location. It should be noted that the names First Nations (Indian or Native American) people had for places are different from the ones used by the Americans who colonized their land.
Given Names
These are the names our parents give us when we are born. In America we have a naming convention of a first name and last name. This convention originates from ___ when states were seeking to impose control.
Name structure in various cultures
Different cultures have very different naming conventions. In Hong Kong there is a convention of an English first name written in English and a last name written in Chinese characters. In Myanmar everyone has a first name.
Meaning in Wisdom Traditions
Different wisdom traditions have different ways of interpreting and ascribing meaning to names.
Nickname
These arise when people start to refer to us by a different name than the name we might give ourselves. We can take these on and they can become our name. They might arise from our families, from school, from sports teams, social clubs, work places. In these different contexts, the name that we are referred to may have nothing to do with the name on our birth certificate and the people using the name to refer to us.
Name on Government Issued Paperwork
We have a convention in the liberal west of registering names with the state. This originated out of several practices in the last several hundred years. One key aspect of this is both to provide services to citizens and to control them.
Pen Name / Stage Name
A name used by artists for their artistic expression and authorship. It does not match the name on government issued paperwork and is often used to obscure the link between such authorship and government paperwork names so that they are free to express themselves artistically.
Autonym
A name that one uses to refer to themselves. An example is that when Jorge Mario Bergoglio became pope he chose to become Pope Francis.
Pseudonym
A name that one uses to interact in various contexts that may be linked to one’s name on one’s government issued paperwork. Bob is clearly linked to the name Robert or Barb to Barbara or Liz to Elizabeth on government issued paperwork. It is important to note that many non-European languages also have examples of these.
Mononym
This is a name consisting of a single word. Examples include Stilgarian and Sai. Madonna and Cher are examples of pseudonymous, mononym stage names.
Handle
A name that one uses to represent one’s digital identity in online contexts. It arose in computer culture when people needed to have a user name within a computer system. This is closely related to screen names.
Screen Name
The name that one chooses to have displayed on screen. In a system like World of Warcraft, the service knows the identity information of its clients, who pay monthly to access the service. It chooses to let those players present to the other players on the system and in the forums a “screen name” that reflects their gaming persona or character name.
Name Haystack
Different names have different qualities of hiding in the haystack of similar or identical names. Some people have huge name-haystacks where tens of thousands of people have the same name – Mike Smith, Joe Johnston, Mohamed Husain, Avi Blum, Katherine Jones. Mike Garcia who works for NIST said that there were 17 different Mike or Michael Garcias. People use pseudonyms to help manage the fact that name-haystacks exist, making them more or less identifiable depending on the size of theirs.
Roles
RBAC – Role-Based Access Control is based on managing the rights and privileges for digital systems based on roles. When a person gets a role assigned to them they inherit the privileges.
Community groups also have different roles that might have . Earn role from getting a degree.
Titles, Given and Created
There is a history of titles being passed down.
Eastern Wisdom Traditions pass them down from guru to student, creating lineages.
I have had conversations with friends about who the next “Identity Woman” might be. This identity that I have constructed to hold an aspect of my self – work focused on people’s rights around their digital selves. I could see at some point handing this identity over to someone else who wants to continue the torch over.
Collective Single Identity
These identities are co-created by two or more people. They are managed and maintained and people jointly act together to create a persona.
The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 3: Identifiers
Part 1: Intro + what is Identity? Part 2: Names Part 4: Name Space, Attributes and Conclusion.
This is Part 3:
Identifiers
For people, names are a special class of identifiers. They are both self-asserted by people and are used to refer to them and acknowledge them in social context.
System Identifiers
In systems (bureaucratic, digital and techno-bureaucratic), identifiers are alphanumeric strings that point at people.
This may seem simple but there are many different types, and a person with a record in a system will likely have more than one type. To get at these different types of identifiers I will share different examples.
Persistent Correlatable Identifiers
This type of identifier is re-used over time within contexts and across multiple contexts.
Examples
Student Number – When I enrolled at my university I was assigned an 8-digit student number. This number was persistent over my time as a student at the school. When interacting with school institutions I was asked to share this number so that activity could be linked together across different facets of the institution.
Phone Number – People today often have a personal number that they use across many different contexts. It is commonplace to ask for a phone number to be able to contact a person. What people don’t know is that those are used to look people up in data broker services. The phone number is used to link together activity across contexts.
E-mail Address – Many people have one personal address and use it across different contexts. What people don’t know is that those are used to look people up in data broker services like RapLeaf.
Directed Identifiers
A directed identifier is created to support individuals using different identifiers in different contexts. The purpose of this is to inhibit the ability to link records across contexts.
Examples
The British Columbia eID System – This system enrolls citizens and issues a card to them. When citizens use the card to access different government systems, it does not use one identifier for the citizen. Rather, it uses a different identifier for each system – an identifier directed at that particular system.
De Facto Identifiers
By combining a name or names with key attributes, systems create a de facto identifier which uniquely identifies a person, often in the context of a whole society. An example is the use of “name”, “birth date” and “birth place”. It seems innocent enough to be asked for one’s name, birth date and birth place, but this combination becomes a persistent correlatable identifier to link and track activity across many systems. The creation of de facto identifiers that are persistent and correlatable limits people’s ability to control how they present in different contexts.
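The three identifier types above, compared as an added example (not code from the original paper or from the BC eID program): two systems try to join their records on a phone number, on a name/birth date/birth place combination, and on directed identifiers. The HMAC derivation, the system names and all sample rows are assumptions constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed value; a real issuer would hold this key in protected storage.
ISSUER_SECRET = b"constructed-demo-secret"

# Constructed rows: (local record, name, birth date, birth place, phone, card record)
HEALTH_ROWS = [
    ("h-1", "José Martín", "1980-01-01", "Vancouver", "+1-604-555-0101", "card-001"),
    ("h-2", "Ana Lee", "1992-02-20", "Victoria", "+1-250-555-0102", "card-002"),
]
TAX_ROWS = [
    ("t-9", "jose  martin", "1980-01-01", "VANCOUVER", "+1-604-555-0101", "card-001"),
    # Same name as h-2 but a different person: the name alone is a haystack.
    ("t-7", "Ana Lee", "1975-07-04", "Victoria", "+1-250-555-0199", "card-003"),
]


def normalise(text: str) -> str:
    """Strip accents, case and spacing differences, as a record matcher would."""
    decomposed = unicodedata.normalize("NFKD", text)
    no_marks = "".join(ch for ch in decomposed if not unicodedata.combining(ch))
    return " ".join(no_marks.casefold().split())


def de_facto_key(name: str, birth_date: str, birth_place: str) -> str:
    """Name + birth date + birth place, combined into one join key."""
    return "|".join((normalise(name), birth_date, normalise(birth_place)))


def directed_id(secret: bytes, card_record: str, context: str) -> str:
    """Per-system identifier: same card, different value in every context.

    Assumption: derived with HMAC-SHA256; only the holder of `secret`
    can recompute or relate the values.
    """
    message = card_record.encode() + b"\x00" + context.encode()
    return hmac.new(secret, message, hashlib.sha256).hexdigest()[:32]


def build_records(rows, context):
    """What one system ends up storing about each person."""
    return [
        {
            "record": record,
            "phone": phone,
            "de_facto": de_facto_key(name, birth_date, birth_place),
            "directed": directed_id(ISSUER_SECRET, card, context),
        }
        for record, name, birth_date, birth_place, phone, card in rows
    ]


def linked(records_a, records_b, field):
    """Pairs of record ids from the two systems that share the given field."""
    index = {}
    for rec in records_a:
        index.setdefault(rec[field], []).append(rec["record"])
    return sorted(
        (a, rec["record"]) for rec in records_b for a in index.get(rec[field], [])
    )


HEALTH = build_records(HEALTH_ROWS, "health-portal")
TAX = build_records(TAX_ROWS, "tax-portal")

if __name__ == "__main__":
    for field in ("phone", "de_facto", "directed"):
        print(f"{field:9} -> {linked(HEALTH, TAX, field)}")
```

The phone number and the attribute combination both join the same person across the two systems even though the name was typed differently; the directed identifiers share no value to join on.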
Opaque Identifiers
An opaque identifier is one that does not give away information about the subject it identifies.
Examples of Opaque Identifiers
The BC Government eID program has at its core an opaque identifier on each card – it points to their card record. It is just a number with no meaning. If they lose their card a new opaque identifier is issued for their next card.
Examples of Non-Opaque Identifiers
The National Identity Number in South Africa contains a lot of information. It is a 13-digit number containing only numeric characters, and no whitespace, punctuation, or alpha characters. It is defined as YYMMDDSSSSCAZ:
- YYMMDD represents the date of birth (DoB);
- SSSS is a sequence number registered with the same birth date (where females are assigned sequential numbers in the range 0000 to 4999 and males from 5000 to 9999);
- C is the citizenship with 0 if the person is a SA citizen, 1 if the person is a permanent resident;
- A is 8 or 9. Prior to 1994 this number was used to indicate the holder’s race;
The US Social Security Number is created via a formula and so the number gives away information about the person it identifies.
Phone numbers give away information about the metro region that a person was issued the number from.
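What a non-opaque identifier hands to anyone who sees it, shown as an added example (not from the original paper): a parser for the YYMMDDSSSSCAZ layout using only the field meanings listed above, next to a random opaque identifier. The sample numbers are constructed, and the final digit Z, which the text does not describe, is left uninterpreted.

```python
import secrets
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Disclosed:
    """Everything a reader learns from the number alone, with no database lookup."""
    birth_yy: int        # two-digit year; the century is not encoded
    birth_month: int
    birth_day: int
    sex: str             # from the SSSS range
    citizenship: str     # from the C digit
    a_digit: int         # reported as-is


def parse_sa_id(number: str) -> Disclosed:
    """Split a 13-digit YYMMDDSSSSCAZ number into the fields the text lists."""
    if len(number) != 13 or not (number.isascii() and number.isdigit()):
        raise ValueError("expected exactly 13 numeric characters")

    yy, mm, dd = int(number[0:2]), int(number[2:4]), int(number[4:6])
    try:
        # Checked against a leap year so 29 February is accepted:
        # without the century we cannot tell whether YY was a leap year.
        date(2000, mm, dd)
    except ValueError as exc:
        raise ValueError("MMDD is not a calendar date") from exc

    sequence = int(number[6:10])
    sex = "female" if sequence <= 4999 else "male"

    citizenship = {"0": "SA citizen", "1": "permanent resident"}.get(number[10])
    if citizenship is None:
        raise ValueError("C must be 0 or 1")

    return Disclosed(yy, mm, dd, sex, citizenship, int(number[11]))


def new_opaque_id() -> str:
    """A random 128-bit identifier: it points at a record and says nothing else."""
    return secrets.token_hex(16)


if __name__ == "__main__":
    # Constructed sample numbers, used only to exercise the parser.
    for sample in ("8001015009087", "9202204720182"):
        print(sample, "->", parse_sa_id(sample))
    print("opaque  ->", new_opaque_id(), "(nothing to parse)")
```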
End-Point
Some identifiers that represent people are also end-points to which messages can be sent.
Physical Address
It is often forgotten in conversations about digital identity that we had a system of end-points for people before networks, known as a mailing address. The system of mailing addresses was developed and is maintained by the US postal service.
Network Address
Phone Number – Now with cellular phones people have their own phone numbers (not just one for a household or their workplace as a whole). This permits voice calls, text messages and MMS (multimedia) messages. The name space for phone numbers originates from the ITU-T. They are globally unique. They are also recyclable.
E-mail Address – These addresses permit people to send messages to the address they have. They are globally unique. The name space for domain names resides with ICANN. They are also recyclable.
Device Identifier
Many digital devices have unique identifiers. Activity on digital networks can be linked together by tracking activity originating from particular devices even if people using them .
Non-End-Point
These are identifiers that do not resolve in digital or physical networks.
Document Identifiers
Documents like birth certificates have serial numbers that identify the document.
Document Validation Systems
These systems are used to look up which documents are in fact valid. When properly constructed they don’t give away any information about the person. Those using the system type in the serial number of the document and information it contains and the system simply returns a Yes/No answer about whether it is valid or not.
Beacons
A beacon broadcasts a persistent correlatable identifier from a digital device to any device that asks for it. It creates a form of tracking people and their devices in the physical world.
Examples
RFID chips, cellular phones, laptop computers
Polymorphic
These systems generate different identifiers depending on context.
Examples
The BC eID system’s way of using one card that then supports the use of different identifiers depending on context.
Time Limited & Revocable
Some identifiers are created and point at a person but are revocable. An example is a phone number that, after one stops paying one’s phone bill for a month, is re-assigned to another person. An employee at a company may have an employee number that is revoked (no longer valid) once employment is terminated. A passport number is an identifier that has a time limit: it is good for 5 or 10 years. A landed immigrant card (green card) in the US is only good for 10 years.
Un-Revocable
These identifiers are persistent and are not revoked. Examples include Social Security Numbers.
Identifier Issues
Identifier Recycling
Some identifiers are in systems where identifiers that point at one person can be discontinued (they stop paying their phone bill or using their e-mail address) and then the identifier can be re-assigned to a different user.
Delegation (Acting on Behalf of Another)
This functionality is critical to a variety of user populations: elders who want to delegate access to their accounts to their children, and service professionals who have contractual relationships with clients, such as an accountant managing access to financial & tax records. Most systems are designed with an assumption that people themselves are the only ones accessing their accounts. This creates a problem: when people want to delegate access, they have to turn over their own credentials, so the person they are delegating to “pretends” to be the actual user.
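One way a system can support delegation without credential sharing, as an added example that is not from the original paper: the delegate signs in as themselves and acts under a scoped, expiring, revocable grant, so the audit trail shows who really acted. The class, account and scope names are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    owner: str            # the account holder
    delegate: str         # the person acting on the owner's behalf
    scopes: frozenset     # the only actions the delegate may perform
    expires_at: int       # Unix time after which the grant is dead


class Accounts:
    """Hypothetical service that knows the difference between owner and actor."""

    def __init__(self):
        self.grants = []
        self.audit = []   # (time, actor, account owner, action, allowed)

    def delegate(self, owner, delegate, scopes, expires_at):
        grant = Grant(owner, delegate, frozenset(scopes), expires_at)
        self.grants.append(grant)
        return grant

    def revoke(self, grant):
        # The owner withdraws access without changing their own password.
        if grant in self.grants:
            self.grants.remove(grant)

    def authorize(self, actor, owner, action, now):
        """Allow owners everything; allow delegates only what a live grant covers."""
        allowed = actor == owner or any(
            g.owner == owner
            and g.delegate == actor
            and action in g.scopes
            and now < g.expires_at
            for g in self.grants
        )
        # The log records the real actor, not the account being acted on.
        self.audit.append((now, actor, owner, action, allowed))
        return allowed


def demo():
    """Constructed scenario: an elder delegates tax-record access to an accountant."""
    accounts = Accounts()
    grant = accounts.delegate(
        "elder", "accountant", {"read:tax-records"}, expires_at=2_000
    )
    results = [
        accounts.authorize("accountant", "elder", "read:tax-records", now=1_000),
        accounts.authorize("accountant", "elder", "transfer:funds", now=1_000),
        accounts.authorize("accountant", "elder", "read:tax-records", now=2_000),
    ]
    accounts.revoke(grant)
    results.append(
        accounts.authorize("accountant", "elder", "read:tax-records", now=1_500)
    )
    results.append(accounts.authorize("elder", "elder", "transfer:funds", now=1_500))
    return results, accounts.audit


if __name__ == "__main__":
    outcome, log = demo()
    print(outcome)
    for entry in log:
        print(entry)
```

With shared credentials every one of these log entries would name the elder as the actor, and the out-of-scope transfer could not be refused.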
Stewardship (Care-Taking – Oversight)
There is another role that is slightly different from delegation, where someone turns over a power-of-attorney-like function for a particular account or set of functions. Stewardship of identity is the type of relationship a parent has for a child’s identity or the type of care needed to help the mentally disabled with their interactions online.
The Mesh of Pointers
We end up with a way that identifiers work together as a web of pointers towards a particular individual.
The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 4: Name Spaces, Attributes, Conclusion
Part 1: Intro + What is Identity? Part 2: Names Part 3: Identifiers
This is Part 4:
Name Spaces
Different identifier systems work differently: some originate from physical space and others operate purely in the digital realm.
Local
A great example of a local name space in the physical world is a school classroom. It is not uncommon in American classrooms that when there is a name space clash – that is, two people have the same name in the same space – they take on different names to be identifiable within that context. Take for example those with the names “Stowe” “Fen” and “Chris” – each is one part of the name Christopher: Chris – Stowe – Fer. When they were in grade school each took on a different part of the name and it stuck with them.
Global
In these name spaces identifiers are unique and global. Examples are phone numbers, domain names and thus e-mail addresses.
Private
Some private name spaces seem like global name spaces but they are run by private companies under privately decided terms and conditions. Examples include Skype handles and Twitter handles.
International Registry
These are identifiers in a global space that are registered and managed globally; an example is domain names.
Attributes
Self Asserted
These are attributes that people self-define. They include things that are subjective like “favorite color” or “name”.
Inherent
These arise from the individual and typically do not change (such as birth date) and are not as morphable. Sex and ethnic identity are things that people have and display in the physical world that don’t (typically) change throughout one’s life.
Ascribed
These are attributes that are given to us by others or by systems. This may include names that are imposed on us by social convention and/or power relationships.
Assigned
These are attributes that are given to us by others or by systems.
Examples:
Social Security Numbers are assigned by the Social Security Administration.
Conclusion
Identity is a big topic and outlining the core concepts needed to understand it was the purpose of this paper. We need to think about how the systems that manage identity are structured. Are they designed to have power over people, to support people having power with one another, or to enable power to be networked between us to create something greater than ourselves? These questions are relevant across the whole life-cycle of identity from cradle to grave.
Field Guide to Internet Trust Models: Introduction
This is the first in a series of posts that cover the Field Guide to Internet Trust Models Paper. The paper was presented at the University of Texas at Austin ID360 Conference in 2013.
This paper was a collaboration between myself and Steve Greenberg. I had an outline of all the Trust Models and worked with Steve Greenberg for several months to shape it into the paper.
The full paper is downloadable: TrustModelFieldGuideFinal (see the bottom of this post for a link to a post on each of the models).
The decreasing cost of computation and communication has made it easier than ever before to be a service provider, and has also made those services available to a broader range of consumers. New services are being created faster than anyone can manage or even track, and new devices are being connected at a blistering rate.
In order to manage the complexity, we need to be able to delegate the decisions to trustable systems. We need specialists to write the rules for their own areas and auditors to verify that the rules are being followed.
This paper describes some of the common patterns in internet trust and discusses some of the ways that they point to an interoperable future where people are in greater control of their data. Each model offers a distinct set of advantages and disadvantages, and choosing the appropriate one will help you manage risk while providing the most services.
For each, we use a few, broad questions to focus the discussion:
- How easy is it for new participants to join? (Internet Scale)
- What mechanisms does this system use to manage risk? (Security)
- How much information do the participants require from one another, and how strongly verified? (Level of Assurance – not what I think assurance is… but we can talk – it often also refers to the strength of security, like the number of factors of authentication)
Using the “T” Word
Like “privacy”, “security”, or “love”, the words “trust”, “identity”, and “scale” carry so much meaning that any useful discussion has to begin with a note about how we’re using the words.
This lets each link the others to past behavior and, hopefully, predict future actions. The very notion of trust acknowledges that there is some risk in any transaction (if there’s no risk, I don’t need to trust you) and we define trust roughly as:
The willingness to allow someone else to make decisions on your behalf, based on the belief that your interests will not be harmed.
The requester trusts that the service provider will fulfill their request. The service provider trusts that the user won’t abuse their privileges, or will pay some agreed amount for the service. Given this limited definition, identity allows the actors to place one another into context.
Trust is contextual. Doctors routinely decide on behalf of their patients that the benefits of some medication outweigh the potential side effects, or even that some part of their body should be removed. These activities could be extremely risky for the patient, and require confidence in the decisions of both the individual doctor and the overall system of medicine and science. That trust doesn’t cross contexts to other risky activities. Permission to prescribe medication doesn’t also grant doctors the ability to fly a passenger airplane or operate a nuclear reactor.
Trust is directional. Each party’s trust decisions are independent, and are grounded in the identities that they provide to one another.
Trust is not symmetric. For example, a patient who allows a doctor to remove part of their body should not expect to be able to remove parts of the doctor’s body in return. To the contrary, a patient who attempts to act in this way would likely face legal sanction.
Internet Scale
Services and APIs change faster than anyone can manage or even track. Dealing with this pace of change requires a new set of strategies and tools.
The general use of the term “Internet Scale” means the ability to process a high volume of transactions. This is an important consideration, but we believe that there is another aspect to consider. The global, distributed nature of the internet means that scale must also include the ease with which the system can absorb new participants. Can a participant join by clicking “Accept”, or must they negotiate a custom agreement?
In order to make this new world of user controlled data possible, we must move from a model of broad, monolithic agreements to smaller, specialized agreements that integrate with one another and can be updated independently.
A Tour of the Trust Models
The most straightforward identity model, the sole source, is best suited for environments where the data is very valuable or it is technically difficult for service providers to communicate with one another. In this situation, a service provider issues identity credentials to everyone it interacts with and does not recognize identities issued by anyone else. Enterprises employing employees, financial institutions, medical providers, and professional certifying organizations are commonly sole sources. Because this is the most straightforward model to implement, it is also the most common.
Two sole sources might decide that it’s worthwhile to allow their users to exchange information with one another. In order to do so, they negotiate a specific agreement that covers only the two of them. This is called a Pairwise Agreement and, while it allows the two parties to access confidential resources, the need for a custom agreement makes it difficult to scale the number of participants. This is also a kind of federated identity model, which simply means that a service accepts an identity that is managed someplace else.
As communication technology became more broadly available, the number of institutions who wanted to communicate with one another also increased. Groups of similar organizations still wanted to issue their own identities, but wanted their users to be able to interact freely with one another. The prospect of each service having to negotiate a custom agreement with every other service was daunting, so similarly chartered institutions came up with standard contracts that allow any two members to interact. These groups are called Federations, and there are several different kinds. Federation agreements and membership are managed by a Contract Hub.
When the federation agreement limits itself to policy, governance, and common roles, but leaves technical decisions to the individual members, it’s referred to as a Mesh Federation. Individual members form a mesh, and can communicate directly with one another using whatever technology they prefer.
Alternatively, a Technical Federation defines communication methods and protocols, but leaves specific governance and policy agreements to the members. In some cases, the technical federation may also route messages between the members.
As the number of services has increased, so has the problem of managing all of those usernames and passwords. Users might decide to reuse an existing identity rather than creating a new one. In recent years, some organizations have made identities that they issue available to other services. Service providers accept these identities because it lowers the cost of user acquisition. When the same entity provides identities for both the requester and the service provider, it is referred to as a Three Party Model.
If the requester and the service provider have separate but compatible identity providers, it is called a Four Party model. This is present in highly dynamic models, such as credit card processing.
Peer-to-peer networks are for independent entities who want identity assurance, but who lack a central service that can issue identities to everyone. To get around this, the participants vouch for one another’s identities.
Individual contract wrappers are an innovation to enable complex connections between services where the terms and conditions of using the data are linked to the data.
Common Internet Trust Models
Sole source: A service provider only trusts identities that it has issued.
Pairwise Federation: Two organizations negotiate a specific agreement to trust identities issued by one another.
Peer-to-Peer: In the absence of any broader agreement, individuals authenticate and trust one another.
Three-Party Model: A common third party provides identities to both the requester and the service provider so that they can trust one another.
“Bring your Own” Portable Identity: In the absence of any institutional agreement, service providers accept individual, user-asserted identities.
“Winner Take All” Three Party Model: Service provider wants to allow the requester to use an existing identity, but only accepts authentication from a single or very limited set of providers.
Federations: A single, standard contract defines a limited set of roles and technologies, allowing similar types of institution to trust identities issued by one another.
Mesh Federations: These share a common legal agreement at the contract that creates permissible interoperability.
Technical Federations: These share a common technical hub responsible for making the interoperability happen.
Inter-Federation Federations: This is what happens when one federation actually inter-operates with another federation.
Four-Party Model: An interlocking, comprehensive set of contracts allows different types of entity to trust one another for particular types of transaction.
Centralized Token Issuance, Distributed Enrollment: A shared, central authority issues a high-trust communication token. Each service provider independently verifies and authorizes the identity, but trusts the token to authenticate messages.
Individual Contract Wrappers: Manage how personal data is used rather than trying to control collection. Information is paired with contract terms that govern how it can be used. Compliance is held accountable using contract law.
Open Trust Framework Listing: An open marketplace for listing diverse trust frameworks and approved assessors.
Field Guide to Internet Trust Models: The Sole Source
Sole Source
A Sole Source is an organization that acts as identity provider (IdP) and relying party (RP) for itself. This organization issues all identities that it recognizes, and only trusts identities that it has issued.
An organization like this does not federate identities at all. Because it does not connect to anything else, this model is sometimes referred to as a Silo, an Identity Island, or a Standalone Domain. The service provider performs its own verification and dictates governance, privacy, and technical terms to all participants.
There is minimal – if any – negotiation between the requester and the service provider. The service provider manages the entire account lifecycle from creation through retirement.
Examples
Historically, this has been the most common identity model because it can be implemented simply and gives the service provider the most control. Large, consumer-facing services like eBay, Facebook, and Yahoo! were created with sole source identity, although many are adopting newer models as internet technology has evolved. Internal corporate services are often sole source, and only accept identities issued by the organization.
Financial services, and health insurance, are likely to remain sole source identity providers until a strong, multifactor identity gains momentum with consumers and liability questions are settled. There have been several attempts to do this, but none has yet achieved critical mass.
Being a sole source provider does not guarantee account security, as end users may simply give their account login and password to a third party. Tricking users into giving up account information is a common tactic used by “phishing” sites and other criminals, but legitimate services like Mint.com (a US-based financial service provider) also ask for credentials in order to combine information from sites that do not provide APIs.
When to Use
A service that maintains particularly confidential information or valuable assets, or that operates in an uncertain environment. If proper operation and risk management requires a high level of assurance, then consider being a sole source.
Advantages
The service provider can authenticate requesters to whatever level of assurance it desires before issuing an identity and does not depend upon third parties.
Disadvantages
The service provider bears the full management cost of the identity life cycle. The requirement to create a new identity may discourage potential users of the service. The service must provide a product attractive enough to justify asking the requester to create and manage a new account.
Ability To Scale
When the service provider does not need to integrate with any other services or when it is in a position to dictate terms, a sole source trust model can scale to very large systems. The requirement to create and remember a new identity can be a barrier to growing the number of active users.
The full paper is downloadable [Field-Guide-Internet-TrustID]. Here is a link to the introduction of the paper, and at the bottom of that post is a link to all the other models with descriptions. Below are links to all the different models.
Sole source, Pairwise Federation, Peer-to-Peer,
Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model:
Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations
Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing
Field Guide to Internet Trust Models: Open Trust Frameworks
A Trust Framework is a specification that describes a set of identity proofing, security, and privacy policies. The framework is authored by subject matter experts, and is written with the intent that compliance can be assessed. The framework also lists the qualifications that an assessor must have in order to judge compliance.
A Framework Listing Service provides a publicly visible location where trust frameworks can be published and tracked. The listing service sets guidelines for acceptable frameworks and accredits assessors to verify that services implement the frameworks properly.
Examples: The Open Identity Exchange (OIX), Kantara Initiative, and InCommon operate framework listing services. A Framework Creator authors a trust framework that specifies identity validation policies and publishes it to a Framework Listing Service. The framework may also specify the qualifications required in order to be a valid assessor of the policy.
When to use: This should be used by networks that share a common set of technology and policy needs but are not in the business of creating technology networks or accrediting compliance.
Advantages: Standard, publicly available specifications that are designed by subject matter experts. Assessors can verify that the frameworks are implemented properly.
Disadvantages: Not broadly supported, evolving model.
Ability to scale: Because each component can be independently updated, a network based on open trust frameworks could potentially scale to be very large.
Field Guide to Internet Trust Models: Technical Federation
In addition to contract terms, a Technical Federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the network. For contrast, a federation network where the participants connect directly with one another rather than going through a central clearinghouse is called a Mesh.
Examples: WAYF provides federated single sign-on to Denmark’s higher education, research institutions, and libraries.
When to Use: A large entity is available to act as an identity clearinghouse.
Advantages: Encourages use of digital identity by providing a central clearinghouse for authentication. Service providers only need to integrate with a single identity provider. Requesters can choose from a variety of identity providers.
Disadvantages: Requires substantial investment that may only be available to very large institutions or states.
Ability to Scale: Can scale to support national identity programs.
Field Guide to Internet Trust Models: Individual Contract Wrappers
Individual Contract Wrappers
When providing information to a service, the requester also provides terms for how that information can be used. Service providers agree to honor those terms in exchange for access to the data, and compliance is enforced through contract law. Terms might include an expiration date, limits on whether the data can be re-sold, or whether it can be used in aggregate form. This model is the mirror image of the Sole Source.
Examples: Personal.com offers a service that provides end users with a place to store personal data. Service providers agree to abide by a set of agreements in order to use this data.
When to use:
Advantages: Provides an incentive for the requester to provide clear, correct, and up-to-date information. In exchange for accepting limits on how the data can be used, the service provider gains access to better quality and more complete data.
Disadvantages: Emerging technology with evolving standards, not widely supported yet.
Ability to scale: It has a high ability to scale, but it is almost a reverse architecture of the Sole Source and has some of the same challenges.
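The sketch below is an added example, not code from the paper or from any service named above. It shows one way a personal data store could bind the three kinds of terms mentioned (an expiration date, a resale limit, aggregate-only use) to the data and check a proposed use against them. The function names, the purpose labels and the demo key are assumptions; the HMAC stands in for a digital signature, which a real deployment would need so that service providers can verify terms without being able to forge them.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed demo key (assumption): held only by the requester's data store.
STORE_KEY = b"constructed-demo-key"

def _tag(body, key):
    # Canonical JSON so the same body always produces the same tag.
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()

def wrap(data, expires, allow_resale, aggregate_only, key=STORE_KEY):
    """Bind usage terms to the data so they cannot be detached or edited."""
    body = {"data": data,
            "terms": {"expires": expires,            # ISO 8601 with UTC offset
                      "allow_resale": allow_resale,
                      "aggregate_only": aggregate_only}}
    return {"body": body, "tag": _tag(body, key)}

def check_use(wrapper, purpose, now, key=STORE_KEY):
    """Return (allowed, reason) for a proposed use of wrapped data."""
    if not hmac.compare_digest(_tag(wrapper["body"], key), wrapper.get("tag", "")):
        return False, "terms or data modified"
    if purpose not in ("resale", "individual", "aggregate"):
        return False, "unknown purpose"
    terms = wrapper["body"]["terms"]
    if now >= datetime.fromisoformat(terms["expires"]):
        return False, "terms expired"
    if purpose == "resale" and not terms["allow_resale"]:
        return False, "resale not permitted"
    if purpose == "individual" and terms["aggregate_only"]:
        return False, "aggregate use only"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample record and terms.
    w = wrap({"email": "user@example.test"}, "2030-01-01T00:00:00+00:00",
             allow_resale=False, aggregate_only=True)
    now = datetime(2025, 1, 1, tzinfo=timezone.utc)
    for purpose in ("aggregate", "individual", "resale"):
        print(purpose, check_use(w, purpose, now))
```

The tamper check matters because terms that travel separately from the data can be dropped or rewritten without anyone noticing; the contract remains the enforcement mechanism, and the wrapper only makes the agreed terms verifiable.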