"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Internet Identity Workshop 10 - Introduction to the User-Centric Identity Community
1. May 17th 2010
INTRODUCTION
by Kaliya Hamlin @identitywoman
Tuesday, May 18, 2010
2. We have been meeting together every 6 months since the fall of 2005.
The Internet Identity Workshop is the work group of Identity Commons
an industry consortia & community linking many efforts focused on a
people centric identity layer of the net.
The Workshop provides open forum for both the big guys and the
small fry to come together in a safe and balanced space. It is not about
any one technology - rather it is a place to discuss multiple
interoperating (and possible competing) projects, standards, and
networks for identity, data sharing, and reputation.
IIW is Co-Produced by Phil Windley (@windley),Kaliya Hamlin (@identitywoman) & Doc Searls (dsearls)
IIWX is being co-facilitated by Kaliya Hamlin and Heidi Nobantu Saul (@nobantu).
The Notes Collection Center is being run by Kas Neteler (@kasneteler) and Heidi Nobantu Saul.
Tuesday, May 18, 2010
3. SHARED VISION for people’s identity
on the scale of the web.
Tuesday, May 18, 2010
4. Freedom
and
Autonomy
for People
Tuesday, May 18, 2010
7. There will be a
Big Bang
With all new technologies there is a point at which new things start
happening that the creators of the technology did not envision this is a
big bang in identity.
Tuesday, May 18, 2010
8. Mission statements:
• Identity Commons: Support, facilitate, and promote the creation of an open identity layer
for the Internet, one that maximizes control, convenience, and privacy for the individual
while encouraging the development of healthy, interoperable communities.
• Information Card Foundation: Promote, protect, and enable the development of an open,
trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over
personal information by individuals
• OpenID Foundation: To foster and promote the development of, public access to, and
adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire,
create, hold, and manage intellectual property related to OpenID and provide equal access to
such intellectual property to the OpenID community and public at no charge.
• Kantara Intiative: Foster identity community harmonization, interoperability, innovation,
and broad adoption through the development of open identity specifications, operational
frameworks, education programs, deployment and usage best practices for privacy-
respecting, secure access to online services
• Open Identity Exchange: Collecting aggregating, and distributing information regarding
the identity-related services industry to businesses and other stakeholders in that industry in
order to improve conditions in that industry by fostering innovation, market transparency,
and identity-related product and service interoperability; Providing a neutral, open market
registration system for participants in the identity-related services industry;
• Data Portability Project: Data portability enables a borderless experience, where people
can move easily between network services, reusing data they provide while controlling their
privacy and respecting the privacy of others. Our Mission is to help people to use and protect
the data they create on networked services, and to advocate for compliance with the values
of DataPortability.
Tuesday, May 18, 2010
9. What is the state of the
world now?
Tuesday, May 18, 2010
14. Lots of Open Standards
XRI/XDI
Information SAML
Cards
Tuesday, May 18, 2010
15. Broad Base of Participation SMALL COMPANY
BIG COMPANY SPONSORS SPONSORS
NONPROFIT SPONSORS
MSFT FuGen Solutions
ISOC
PingID OUNO
Kantara/Liberty Alliance CORPORATE PARTICIPANTS
SUN Rel-ID
Info Card Foundation Paypal
Facebook Poken
OASIS IDTrust Booz Allen Hamilton SMALL COMPANY
Google Vidoop
Mozilla Apple PATICIPANTS
Yahoo Chimp
Higgins Project
Cisco
Burton Group Authentrus Ångströ
Bandit Project Hewlett Packared Digg, Inc.
Plaxo Sxip
Planetwork International Business Machines Privo
Internet Society Commerce Net Intuit ClaimID
Expensify
Adobe LexisNexis FamilySearch.org
NONPROFIT BT Nippon Telegraph and Telephone Corporation FreshBooks
PARTICIPANTS Novell Nokia Siemens Networks Gigya
Center for Democracy and Facebook NRI Gluu
Technology AOL Oracle Janrain
DataPortability Project Ping Identity Orange Kynetx
IdM Network Netherlands Paypal / eBay Rackspace NetMesh Inc.
OCLC Radiant Logic Protiviti
Open Forum Foundation
World Economic Forum
Sony Ericsson
The MITRE Corporation
IETF Socialtext
TriCipher, Inc.
UNIVERSITY PARTICIPANTS
Tucows Inc
VeriSign, Inc.
W3C Trusted-ID
Wave Systems
Goldsmiths, University of London
Newcastle University
Stanford University
Vodafone Group R &D
Alcatel-Lucent OASIS Six Apart
Acxiom Identity Solutions
Acxiom Research
GOVERNMENT PARTICIPANTS Equifax
Office of the Chief Informaiton Office,
Province of British Columbia
LinkedIn
Amazon
and more...
Tuesday, May 18, 2010
21. CONTEXT For Shared Vision
IDENTITY GANG!
formed in 2004
Tuesday, May 18, 2010
22. CONTEXT For Shared Vision
Early on the Identity Gang list was a critical forum for community
collaboration it is still active here & many of the protocol efforts &
foundations that have emerged have their own lists.
http://lists.idcommons.net/lists/info/community
Tuesday, May 18, 2010
23. CONTEXT For Shared Vision
The Identity Gang was probably one of the first technical communities to have a very active
community blog life that complemented our mailing list conversations. Doc Searls played a
critical role in getting almost all community members to blog in the early days of the
community 2004-2005.
There are several aggregated blogs you can go to get a sense of activity in the community.
The Classic - www.planetidentity.org/
A newer one under development - http://seriouslyidentity.com/
Tuesday, May 18, 2010
24. CONTEXT For Shared Vision
s
Wiki forums were critical for sharing ideas and
common language like the Lexicon
Tuesday, May 18, 2010
25. CONTEXT For Shared Vision
Real Time Web Tools
SEARCH
These are newer mediums for collaboration and
information sharing using #hashtags etc. to connect work.
Tuesday, May 18, 2010
27. SHARED LANGUAGE
developed in Shared Context
Identity Gang LEXICON (driven by Paul Trevithick)
in August 2005
1.Agent 6. Entity
2.Claim 7. Identity Attribute
3.Claimant 8. Identity Context
4.Digital Identity 9. Party
5.Digital Identity Provider 10. Persona
6.Digital Subject 11. Relying Party
http://wiki.idcommons.net/Lexicon
Tuesday, May 18, 2010
28. SHARED LANGUAGE
developed in Shared Context
Scott David’s chair of the ID-Legal group at
Identity Commons and council to several of the
organizations in this space is working with the
American Bar Association to develop a meta
lexicon across 15+ lexicons in related fields.
Tuesday, May 18, 2010
29. SHARED LANGUAGE
developed in Shared Context
Information Sharing Working Group Lexicon
Tuesday, May 18, 2010
31. SHARED UNDERSTANDING
using shared language
Laws of Identity
Kim Cameron in May 2005
http://www.identityblog.com/stories/2004/12/09/thelaws.html
Tuesday, May 18, 2010
32. SHARED UNDERSTANDING
using shared language
Laws of Identity Kim Cameron in May 2005
1. User Control and Consent
2. Minimal Disclosure for a Constrained Use
3. Justifiable Parties
4. Directed Identity
5. Pluralism of Operators and Technologies
6. Human Integration
7. Consistent Experience Across Contexts
Tuesday, May 18, 2010
33. SHARED UNDERSTANDING
using shared language
A Bill of Rights for Users of the Social Web September 4, 2007
Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington
Preamble:
There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking
to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill
of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended
to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the
dialogue going and get as many of the major stakeholders on board as we can!
A Bill of Rights for Users of the Social Web
We publicly assert that all users of the social web are entitled to certain fundamental rights, specifically:
• Ownership of their own personal information, including:
◦ their own profile data
◦ the list of people they are connected to
◦ the activity stream of content they create;
• Control of whether and how such personal information is shared with others; and
• Freedom to grant persistent access to their personal information to trusted external sites.
Sites supporting these rights shall:
• Allow their users to syndicate their own profile data, their friends list, and the data that’s shared
with them via the service, using a persistent URL or API token and open data formats;
• Allow their users to syndicate their own stream of activity outside the site;
• Allow their users to link from their profile pages to external identifiers in a public way; and
• Allow their users to discover who else they know is also on their site, using the same external
identifiers made available for lookup within the service.
Tuesday, May 18, 2010
34. SHARED UNDERSTANDING
using shared language
OECD Paper Properties of Identity
At a Crossroads: "Personhood"
and the Digital Identity in the
Information Society
http://bit.ly/OECDdigitalpersonnood
Tuesday, May 18, 2010
35. SHARED UNDERSTANDING
using shared language
Properties of Identity
1.Identity is social. 6.Identity is consequential.
2.Identity is subjective. 7.Identity is dynamic.
3.Identity is valuable. 8.Identity is contextual.
4.Identity is referential. 9.Identity is equivocal.
5.Identity is composite.
OECD Paper At a Crossroads: "Personhood" and the Digital Identity in
the Information Society
The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds,
Mary Ruddy, Mary Rundle, and Paul Trevithick.
Tuesday, May 18, 2010
36. SHARED UNDERSTANDING
Identifiers Claims
Single String Pairs
A claim is by one party about
Identifiers link things together another or itself.
and enable correlation.
It does not have to be linked to
They can be endpoints on the an identifier.
internet.
Proving you are over 18 for
example and not giving your
real name.
Tuesday, May 18, 2010
49. OAuth
The user belongs to two different sites.
Tuesday, May 18, 2010
50. How can the user move photos from photo site to the
social network site without giving away the password
for the photo site to the social network site?
Tuesday, May 18, 2010
51. The user asked if they want to share - then
redirected to the site to give their permission
Tuesday, May 18, 2010
52. The photo site gives the social network site a token
to the social network that gives it access to their account.
Tuesday, May 18, 2010
53. A data tunnel is created between the user’s
accounts on both sites
Tuesday, May 18, 2010
54. A user posts photos and they can flow from
one to the other - and they didn’t give away their password.
Tuesday, May 18, 2010
56. Protocol Family Tree
XNS XNS.org
Current Organizations
Organizations (no longer) XDI XRI
XDI.ORG
Event
XRDS Internet
Identity
Independent Open Protocol
Workshop
Independent Open Protocol
XRD #1 Oct 2005
i-names
(no longer) Simple XRI
Protocol standardized at OASIS YADIS
OpenID
Protocol standardized at OASIS
earlier version (no longer) XRD v1
OpenID LID
v2
sxip
OpenID
Web Foundation
OpenID
Finger v Next
Tuesday, May 18, 2010
59. 3rd Interop RSA Conference
Spring 2007
European Identity Conference
Tuesday, May 18, 2010
60. Planetwork
Loose Affiliations of People Evolution of Identity Community Link Tank
FireFly
Liberty Alliance
Current Organizations Higgins
Project SUN Oracle BT
Microsoft Identity
Lots of Companies Commons (1)
Organizations (no longer) Passport XRI
XDI
Hailstorm SAML
v1 & 2
Company
Identity
IBM Gang
Proprietary Service (no longer)
VENN OF
IDENTITY
Protocol standardized at OASIS Internet Identity
OpenID Workshop
v2
Protocol standardized at OASIS IMI
Identity Metasystem OpenID
earlier version (no longer) Interoperability Foundation
TIME
Information Card
Standard
Independent Open Protocol
Information
Card
Independent Open Protocol Foundation Identity
Commons (2)
(no longer)
Pamela
Project
Paper:Shared Understanding
Kantara Intiative
Project to be
annouced at
Event IIW
Open Identity
Exchange
Project to be
Project with Code annouced at
IIW
Tuesday, May 18, 2010
61. Project Concordia
Ongoing deployers or providers of input:
AOL Identity Management Use Case
Boeing Identity Management Use Case
Cisco Policy & Entitlements Managment Use Case
General Motors Identity Management Use Case
Government of B.C. Identity Management Use Case
InCommon Federation Identity Management Use Case
Micron Policy & Entitlements Management Use Case
New Zealand State Services Commission Identity Management Use Case
U.S. Army Policy & Entitlements Management Use Case
U.S. General Services Administration Identity Management Use Case
Tuesday, May 18, 2010
64. One of the main community organizations linking various
efforts is Identity Commons.
OIX
Open ID
PDX
OSIS
Open Source
Key
Foundation Identity System
Information
Group that who's
Card home is at Identity
Foundation IDMedia Commons
Review
XDI.ORG
Data Independant
Photo Nonprofit
Portability
Project
Identity Group Organization
Commons Kids
Internet Identity Online Project at
Workshop another
organization
Project Identity
Schemas Identity
VRM Gang
Nick's
Pamela Legacy EVENT
Higgins Project ID-Legal
Project
Tuesday, May 18, 2010
70. What is happening now?
Open Identity Exchange
Policy Repository Levels of
for Auditors Levels of Assurance Protection
Trust Frameworks Identity Providers Relying Parties
ICAM
John Google
Relying Party
Steensen
OCLC PayPal
Other
Relying Party
Auditor
PBS Kids Equifax
Other
Auditor Yahoo!
XAuth
Tuesday, May 18, 2010
71. Open Identity For Open
Government
Fast Company blog post by Kaliya
Government Experimenting with http://bit.ly/FastCo-IDGov
Identity Technologies
Government Services
Administration website on ID http://bit.ly/ID-Gov-Open
Tuesday, May 18, 2010
73. Personal Data Stores
/ User Data Banks
$
APPLICATIONS
EXCHANGE
REFINEMENT
STORAGE
ID + ENCRYPTION
DATA + META DATA
SOURCES
Invention Arts Stack for User Data Banks
Tuesday, May 18, 2010
74. Context Engines
for
Purpose Driven Apps
Kynetx.com
Tuesday, May 18, 2010
77. How do all these technical
protocols solve real problems?
Tuesday, May 18, 2010
78. How to communicate clearly
about our ideas and
share this work?
Tuesday, May 18, 2010
79. How do we apply identity
technologies
in different realms?
Government Social Sites
Ultimately it must work
for “regular” people
Businesses Organizations
Tuesday, May 18, 2010
80. USABILITY
Different Contexts
Tuesday, May 18, 2010
81. How does identity work
between them?
TECHNOLOGY
SOCIAL ? BUSINESS
LEGAL
Tuesday, May 18, 2010
82. Conclusion: a funny take the identity dog logo
On the dog, no one knows when
you’re on the Internet.
Tuesday, May 18, 2010