IIW-East Introduction to Identity Community

IIW-East INTERNET IDENTITY WORKSHOP A WORKING GROUP OF IDENTITY COMMONS Open Identity for Open Government September 9th, 2010 Introduction to the Identity Community by Kaliya Hamlin @identitywoman

Who is IIW? Co-Founders Co-Producers Phil Kaliya Doc Windley Young Searls Hamlin Heidi Nobantu Saul IIW-East Production Co-Facilitation

5 yrs of Face to DIDW Face MeetingsBurton Group IIW5 RSA IOS 4 2007 IIW 4 IOS 3 IOS 2 OSIS Interop 2 2006 IIW 3 Data Sharing Workshop DIDW RSA Burton Group IOS 1 OSIS Interop 1 2005 DIDW IIW 2 2004 DIDW IIW 1 2003 DIDW

5 yrs of Face to DIDW Face Meetings Group Burton IIW 11 2010 RSA IIW-Europe DIDW IIW-East Burton Group IIW 10 2009 RSA IIW 9 DIDW IIW 8 Burton Group OSIS Interop5 RSA IIW 7 2008 OSIS Interop 4 IIW 6 Data Sharing Summit Data Sharing Workshop OSIS Interop 3

Peers and Relationships

Unconference Format

Container to Connect Various Efforts

Planetwork Loose Afﬁliations of People Evolution of Identity Community Link Tank FireFly Liberty Alliance Current Organizations Higgins Project SUN Oracle BT Microsoft Identity Lots of Companies Commons (1) Organizations (no longer) Passport XRI XDI Hailstorm SAML v1 & 2 Company Identity IBM Gang Proprietary Service (no longer) VENN OF IDENTITY Protocol standardized at OASIS Internet Identity OpenID Workshop v2 Protocol standardized at OASIS IMI Identity Metasystem OpenID earlier version (no longer) Interoperability Foundation TIME Information Card Standard Independent Open Protocol Information Card Independent Open Protocol Foundation Identity Commons (2) (no longer) Pamela Project Paper:Shared Understanding Kantara Intiative Project to be annouced at Event IIW Open Identity Exchange Project to be Project with Code annouced at IIW

Mission statements: • Identity Commons: Support, facilitate, and promote the creation of an open identity layer for the Internet, one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities. • Information Card Foundation: Promote, protect, and enable the development of an open, trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over personal information by individuals • OpenID Foundation: To foster and promote the development of, public access to, and adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire, create, hold, and manage intellectual property related to OpenID and provide equal access to such intellectual property to the OpenID community and public at no charge. • Kantara Intiative: Foster identity community harmonization, interoperability, innovation, and broad adoption through the development of open identity specifications, operational frameworks, education programs, deployment and usage best practices for privacy- respecting, secure access to online services • Open Identity Exchange: Collecting aggregating, and distributing information regarding the identity-related services industry to businesses and other stakeholders in that industry in order to improve conditions in that industry by fostering innovation, market transparency, and identity-related product and service interoperability; Providing a neutral, open market registration system for participants in the identity-related services industry; • Data Portability Project: Data portability enables a borderless experience, where people can move easily between network services, reusing data they provide while controlling their privacy and respecting the privacy of others. Our Mission is to help people to use and protect the data they create on networked services, and to advocate for compliance with the values of DataPortability.

One of the main community organizations linking various efforts is Identity Commons. OIX Open ID PDX OSIS Open Source Key Foundation Identity System Information Group that who's Card home is at Identity Foundation IDMedia Commons Review XDI.ORG Data Independant Photo Nonproﬁt Portability Project Identity Group Organization Commons Kids Internet Identity Online Project at Workshop another organization Project Identity Schemas Identity VRM Gang Nick's Pamela Legacy EVENT Higgins Project ID-Legal Project

Broad Base of Participation SMALL COMPANY BIG COMPANY SPONSORS SPONSORS NONPROFIT SPONSORS MSFT FuGen Solutions ISOC PingID OUNO Kantara/Liberty Alliance CORPORATE PARTICIPANTS SUN Rel-ID Info Card Foundation Paypal Facebook Poken OASIS IDTrust Booz Allen Hamilton SMALL COMPANY Google Vidoop Mozilla Apple PATICIPANTS Yahoo Chimp Higgins Project Cisco Burton Group Authentrus Ångströ Bandit Project Hewlett Packared Digg, Inc. Plaxo Sxip Planetwork International Business Machines Privo Internet Society Commerce Net Intuit ClaimID Expensify Adobe LexisNexis FamilySearch.org NONPROFIT BT Nippon Telegraph and Telephone Corporation FreshBooks PARTICIPANTS Novell Nokia Siemens Networks Gigya Center for Democracy and Facebook NRI Gluu Technology AOL Oracle Janrain DataPortability Project Ping Identity Orange Kynetx IdM Network Netherlands Paypal / eBay Rackspace NetMesh Inc. OCLC Radiant Logic Protiviti Open Forum Foundation World Economic Forum Sony Ericsson The MITRE Corporation IETF Socialtext TriCipher, Inc. UNIVERSITY PARTICIPANTS Tucows Inc VeriSign, Inc. W3C Trusted-ID Wave Systems Goldsmiths, University of London Newcastle University Stanford University Vodafone Group R &D Alcatel-Lucent OASIS Six Apart Acxiom Identity Solutions Acxiom Research GOVERNMENT PARTICIPANTS Equifax Office of the Chief Informaiton Office, Province of British Columbia LinkedIn Amazon and more...

Lots of Open Standards Information XRI/XDI Cards SAML

What do we Share? Shared History Shared Vision Shared Context Shared Language Shared Understanding Shared Technology Development

Shared History

SHARED EXPERIENCE in past wars THE Directory Wars of the 90s

SHARED EXPERIENCE in past wars Passport & Hailstorm vs

SHARED VISION for people’s identity on the scale of the web.

Freedom and Autonomy for People

Open Standards are Essential

No One Dominant Player

There will be a Big Bang With all new technologies there is a point at which new things start happening that the creators of the technology did not envision this is a big bang in identity.

Shared Context

CONTEXT For Shared Vision IDENTITY GANG! formed in 2004

CONTEXT For Shared Vision Early on the Identity Gang list was a critical forum for community collaboration it is still active here & many of the protocol efforts & foundations that have emerged have their own lists. http://lists.idcommons.net/lists/info/community

CONTEXT For Shared Vision The Identity Gang was probably one of the ﬁrst technical communities to have a very active community blog life that complemented our mailing list conversations. Doc Searls played a critical role in getting almost all community members to blog in the early days of the community 2004-2005. There are several aggregated blogs you can go to get a sense of activity in the community. The Classic - www.planetidentity.org/ A newer one under development - http://seriouslyidentity.com/

CONTEXT For Shared Vision s Wiki forums were critical for sharing ideas and common language like the Lexicon

CONTEXT For Shared Vision Real Time Web Tools SEARCH These are newer mediums for collaboration and information sharing using #hashtags etc. to connect work.

Shared Language

SHARED LANGUAGE developed in Shared Context Identity Gang LEXICON (driven by Paul Trevithick) in August 2005 1.Agent 6. Entity 2.Claim 7. Identity Attribute 3.Claimant 8. Identity Context 4.Digital Identity 9. Party 5.Digital Identity Provider 10. Persona 6.Digital Subject 11. Relying Party http://wiki.idcommons.net/Lexicon

SHARED LANGUAGE developed in Shared Context Scott David’s chair of the ID-Legal group at Identity Commons and council to several of the organizations in this space is working with the American Bar Association to develop a meta lexicon across 35+ lexicons in related fields. “We have included 37 glossaries of terms and have over 1700 different definitions! Most of the definitions are more security related than identity related, but they may prove useful to have them all together.”

Shared Understanding

SHARED UNDERSTANDING using shared language Laws of Identity Kim Cameron in May 2005 http://www.identityblog.com/stories/2004/12/09/thelaws.html

SHARED UNDERSTANDING using shared language Laws of Identity Kim Cameron in May 2005 1. User Control and Consent 2. Minimal Disclosure for a Constrained Use 3. Justifiable Parties 4. Directed Identity 5. Pluralism of Operators and Technologies 6. Human Integration 7. Consistent Experience Across Contexts

SHARED UNDERSTANDING using shared language A Bill of Rights for Users of the Social Web September 4, 2007 Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington Preamble: There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the dialogue going and get as many of the major stakeholders on board as we can! A Bill of Rights for Users of the Social Web We publicly assert that all users of the social web are entitled to certain fundamental rights, specifically: • Ownership of their own personal information, including: ◦ their own profile data ◦ the list of people they are connected to ◦ the activity stream of content they create; • Control of whether and how such personal information is shared with others; and • Freedom to grant persistent access to their personal information to trusted external sites. Sites supporting these rights shall: • Allow their users to syndicate their own profile data, their friends list, and the data that’s shared with them via the service, using a persistent URL or API token and open data formats; • Allow their users to syndicate their own stream of activity outside the site; • Allow their users to link from their profile pages to external identifiers in a public way; and • Allow their users to discover who else they know is also on their site, using the same external identifiers made available for lookup within the service.

SHARED UNDERSTANDING using shared language OECD Paper Properties of Identity At a Crossroads: "Personhood" and the Digital Identity in the Information Society http://bit.ly/OECDdigitalpersonnood

SHARED UNDERSTANDING using shared language Properties of Identity 1.Identity is social. 6.Identity is consequential. 2.Identity is subjective. 7.Identity is dynamic. 3.Identity is valuable. 8.Identity is contextual. 4.Identity is referential. 9.Identity is equivocal. 5.Identity is composite. OECD Paper At a Crossroads: "Personhood" and the Digital Identity in the Information Society The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds, Mary Ruddy, Mary Rundle, and Paul Trevithick.

Shared Technology Development

SHARED UNDERSTANDING Identifiers Claims Single String Pairs A claim is by one party about Identifiers link things together another or itself. and enable correlation. It does not have to be linked to They can be endpoints on the an identifier. internet. Proving you are over 18 for example and not giving your real name.

the Evolution of the VENN

Eve’s diagram 1.0 and 2.0

Evolution of OpenID } OpenID v1 + Lightweight Identity LID + XRI / i-names + sxip v2

Evolution of SAML This diagram is from a presentation by Eve Maler given at IIW

Information Cards

SHARED INDUSTRY LANDSCAP

the Evolution of Discovery

Evolution of Discovery XRDS --> XRD-Simple --> XRD (within XRI spec)

Hammer Stack Today

Protocol Family Tree XNS XNS.org Current Organizations Organizations (no longer) XDI XRI XDI.ORG Event XRDS Internet Identity Independent Open Protocol Workshop Independent Open Protocol XRD #1 Oct 2005 i-names (no longer) Simple XRI Protocol standardized at OASIS YADIS OpenID Protocol standardized at OASIS earlier version (no longer) XRD v1 OpenID LID v2 sxip OpenID Web Foundation OpenID Finger v Next

Collaboration

OSIS Interop

3rd Interop RSA Conference Spring 2007 European Identity Conference

Emerging Ideas

User Data Banks & Exchanges $ APPLICATIONS EXCHANGE REFINEMENT STORAGE ID + ENCRYPTION DATA + META DATA SOURCES Stack for User Data Banks - Marc Davis

Personal Data Store Ecology Open Standards based Personal Data Stores with people groups and businesses as ﬁrst class objects on network. Will include full portability and a range of services.

Project VRM - 4th Parties http://bit.ly/VRM4thParty

Challenges and Opportunities

How do all these technical protocols solve real problems?

How do we apply these technologies in different realms? Government Social Sites Ultimately it must work for “regular” people Businesses Organizations

Usability? Different Contexts

What are the emerging legal frameworks to protect & empower end-users?

How does identity work between them? TECHNOLOGY SOCIAL ? BUSINESS LEGAL

Where are we going? Open Identity for Open Government covered in the next presentation by Mary Ruddy

IIW-East INTERNET IDENTITY WORKSHOP A WORKING GROUP OF IDENTITY COMMONS Open Identity for Open Government www.internetidentityworkshop.com www.idcommons.net Kaliya Young Hamlin @identitywoman kaliya@mac.com www.identitywoman.net

http://www.identitywoman.net	1548
http://www.internetidentityworkshop.com	826
http://identitywoman.kaliyasblogs.net	22
http://webcache.googleusercontent.com	2
http://localhost	2
https://webcache.googleusercontent.com	1
http://dustpan.intranet	1
http://translate.googleusercontent.com	1
https://x.disconnect.me	1

IIW-East Introduction to Identity Community

by Kaliya Hamlin on Sep 09, 2010

Accessibility

Tags

Upload Details

Usage Rights

9 Embeds 2,404

Statistics

IIW-East Introduction to Identity Community — Presentation Transcript