In the Internet’s early days, users often felt shielded behind an electronic veil of anonymity, able to take on any persona they pleased. Now, nearly every online service has adopted technologies that build user profiles, offer product recommendations, and piece together personal histories that go back farther than most of us even know.
Digital identifiers and the attributes tied to those identifiers are key to establishing trust in any form of online communication. What are the underlying identifiers we use on the Internet today? What are their properties? How do these identifiers and attributes relate to our ideas of "identity?" If we were to dream of an ideal world with multiple interlinked and interoperable identity ecosystems, what would good look like?
During this Briefing Panel, the Internet Society’s Chief Internet Technology Officer Olaf Kolkman and four panelists from various layers of the stack will discuss whether identity management is, or will be, a fundamental building block for the Internet, the forces currently at play in the identity sphere, the push for single sign-on, the role of mobile, and more.
Moderator
Olaf Kolkman, Internet Society
Panel
Leif Johansson, SUNET
Ken Klingenstein, Internet2
Jef Hodges, PayPal
Natasha Rooney, GSMA
4. Identity:
everythings gots it..
but what is it..
and how do we use it?
ISOC Briefing Panel | 11 Nov 2014
Jeff Hodges, ISOC Briefing Panel
11-Nov-2014 IETF-91
7. For myself (speaking as an individual), the context of our
ISOC Briefing Panel | 11 Nov 2014
discussion is:
! how do we (“human subjects”) interact with various
entities (human and not) throughout the Internet and..
! ..be known as “us”..
! ..(for some definition of “us”, not necessarily under
our control)..
! ..and/or assert ourselves as “us”?
8. What does this mean under the hood?
This: Mapping of human subjects to..
ISOC Briefing Panel | 11 Nov 2014
! Actions,
! Events,
! Processes,
! Communication channels,
! Physical devices,
! Etc.
9. ..while keeping in mind there are various tensions/
ISOC Briefing Panel | 11 Nov 2014
tussles involved, e.g.:
! naming,
! identification,
! agency,
! autonomy,
! privacy,
! security,
! etc.
10. Where things are headed (one way or another)....
ISOC Briefing Panel | 11 Nov 2014
Source: AndroidCentral.com
11. Identity is a cross-layer notion,
but: which layers and how?
flmrw
And
/or
Her
e..
ISOC Briefing Panel | 11 Nov 2014
Sources: Evi Nemeth (RIP), xkcd
12. NOTE: we really going to need to keep that Layer 9
ISOC Briefing Panel | 11 Nov 2014
thing in mind...
Source: biometricupdate.com
16. @thisNatasha
[1] Use Cases:
Login and Do Something
- Managing money at my bank
(secure, not fast)
- Accessing your health records
(secure, not fast)
- Login and buy
(secure, fast)
- Login and Tweet
(not as secure, fast)
17. @thisNatasha
[1] Use Cases:
Adding Attributes
- Buying alcohol online
(age)
- Accessing your health records
(attributes to strengthen identity)
- Renting a Car
(have a drivers license)
18. [1] Use Cases:
Identity is dependant on the situation
- Login and Tweet
(Does Twitter really need to know that I am this Natasha, or just
@thisNatasha?)
@thisNatasha
20. @thisNatasha
[2] Identity Providers
& Business
- Trust
(Who manages your identity?)
- How
(How is identity information transported throughout the internet?)
- Who else needs to be involved
(Business, regulation, trusted entities, government...)
21. [1] How do we solve for
all the use cases?
@thisNatasha
(solve the simplest first?)
[2] How do we enable secure,
trusted identity management?
(can internet technologies help?)
24. “User-centric” is a
ISOC Briefing Panel | 11 Nov 2014
distraction
We need both trusted 3rd, 4th and maybe 5th parties to help users stay safe .. and >1 of each
25. There is no such thing as
an Internet identity layer
Identity happens at most layers … and no, it isn’t FB either… however (drumroll...)
ISOC Briefing Panel | 11 Nov 2014
26. The Internet needs
reusable, non-hierarchical
and scalable technical trust
Not dnssec, but like what BGP is to the network… and with many of the same properties
ISOC Briefing Panel | 11 Nov 2014