Opening Up User-Centric Identity Nate Klingenstein [email_address] Internet2 Shibboleth Project Royal College of Physicians Eduserv Symposium 2009 21 st May, 2009: London

Nate Klingenstein

[email_address]

Internet2

Shibboleth Project

Identity is Totally Forked Federated identity has diverged Enterprise-centric User-centric Nothing matters but users and applications Is divergence desirable, feasible, neither? “When you come to a fork in the road, take it” – Yogi Berra

Federated identity has diverged

Enterprise-centric

User-centric

Nothing matters but users and applications

Is divergence desirable, feasible, neither?

“When you come to a fork in the road, take it” – Yogi Berra

Enterprise-Centric Federated Identity Enterprise asserts identity data on behalf of an individual for which it is authoritative Attributes Identity Trust relationships and integrated applications defined by the enterprise Federations SAML is the primary protocol

Enterprise asserts identity data on behalf of an individual for which it is authoritative

Attributes

Identity

Trust relationships and integrated applications defined by the enterprise

Federations

SAML is the primary protocol

User-Centric Federated Identity Self-asserted or unverified User-mediated trust establishment Opens up worlds of apps OpenID Yahoo ID, MyspaceID, Google Friend Connect Twitter?, and maybe your provider here Facebook Connect Federated identity’s largest success by far

Self-asserted or unverified

User-mediated trust establishment

Opens up worlds of apps

OpenID

Yahoo ID, MyspaceID, Google Friend Connect Twitter?, and maybe your provider here

Facebook Connect

Federated identity’s largest success by far

Universities and Identity Both services and identities The natural “home” for some user data Courses, majors, titles, affiliations, grades, HR Identity-proofing? Also a home to applications Many outside applications federated today Some are low-risk, consumer-oriented

Both services and identities

The natural “home” for some user data

Courses, majors, titles, affiliations, grades, HR

Identity-proofing?

Also a home to applications

Many outside applications federated today

Some are low-risk, consumer-oriented

Students, Identity, and School Services how many email accounts do they have that parents don't know about- do they use same password 4 all #socialmedia ? #teens “ They don't use email so it's more a matter of which ones they forgot about. They often forget their passwords so I would guess that they don't use the same password consistently. Of course, they also share certain passwords with their closest "trusted" friends so that gets messy really fast. And they change it when there's a breakup.” Do they really care about/use school library websites? “ Nope, they don't. All but Twitter [which they don’t use] are categorized as school tools and are only used when absolutely necessary and Google won't suffice.” http://www.zephoria.org/thoughts/archives/2009/05/16/answers_to_ques.html

how many email accounts do they have that parents don't know about- do they use same password 4 all #socialmedia ? #teens

“ They don't use email so it's more a matter of which ones they forgot about. They often forget their passwords so I would guess that they don't use the same password consistently. Of course, they also share certain passwords with their closest "trusted" friends so that gets messy really fast. And they change it when there's a breakup.”

Do they really care about/use school library websites?

“ Nope, they don't. All but Twitter [which they don’t use] are categorized as school tools and are only used when absolutely necessary and Google won't suffice.”

http://www.zephoria.org/thoughts/archives/2009/05/16/answers_to_ques.html

Natural Pressures Economy Discovery Trust and Ease of Use Users, developers, administrators We’re lazy

Economy

Discovery

Trust and Ease of Use

Users, developers, administrators

We’re lazy

Economic Pressures User data is extremely valuable To both IdP/OP and SP/RP User data is extremely expensive Password resets, vetting, aging, etc. Network externalities Security externalities Save now, maybe pay later: easy choice?

User data is extremely valuable

To both IdP/OP and SP/RP

User data is extremely expensive

Password resets, vetting, aging, etc.

Network externalities

Security externalities

Save now, maybe pay later: easy choice?

Discovery Pressures Users are Lazy Interface Work is Hard Pull-downs? Text boxes? Buttons? Client code? Buttons are winning http://google-code-updates.blogspot.com/2009/05/google-openid-api-taking-next-steps.html Social bookmarking syndrome Browsers ready to enter the fray? Whither Cardspace?

Users are Lazy

Interface Work is Hard

Pull-downs? Text boxes? Buttons? Client code?

Buttons are winning

http://google-code-updates.blogspot.com/2009/05/google-openid-api-taking-next-steps.html

Social bookmarking syndrome

Browsers ready to enter the fray? Whither Cardspace?

Trust Pressures Administrator-mediated trust mediation is slow and arduous Federations help; could help more in a different world Consent-based trust is faster, gives users control Will they use it responsibly? Do they care? Do we care? Does it depend?

Administrator-mediated trust mediation is slow and arduous

Federations help; could help more in a different world

Consent-based trust is faster, gives users control

Will they use it responsibly? Do they care? Do we care? Does it depend?

What to do? Reunification of federated identity? Protocols Discovery Trust Attributes Ne’er the two shall meet?

Reunification of federated identity?

Protocols

Discovery

Trust

Attributes

Ne’er the two shall meet?

Protocols World’s most ridiculous fight But there’s bad blood and high stakes Most protocols can solve most problems Hacks, revisions, kludges Identity sources should support many protocols and apps should be agnostic Deployed base is large

World’s most ridiculous fight

But there’s bad blood and high stakes

Most protocols can solve most problems

Hacks, revisions, kludges

Identity sources should support many protocols and apps should be agnostic

Deployed base is large

Discovery If we don’t come up with something good, buttons win E-mail? Auto-complete with institutional name? Client software? Cardspace, Mozilla? Remember the economic pressures A few providers would also win

If we don’t come up with something good, buttons win

E-mail?

Auto-complete with institutional name?

Client software? Cardspace, Mozilla?

Remember the economic pressures

A few providers would also win

Trust One size will never fit all Many different user preferences Many different application needs Many different legal requirements The answer must be flexible enough Federations, consent, reputation systems, roots, authorities…

One size will never fit all

Many different user preferences

Many different application needs

Many different legal requirements

The answer must be flexible enough

Federations, consent, reputation systems, roots, authorities…

Attributes Attributes cannot be divorced from the asserting/attesting entity Natural sources of authority exist Legal name, course enrollment, music preferences Aggregation happens out-of-band today Must be automated for tomorrow Levels of Assurance

Attributes cannot be divorced from the asserting/attesting entity

Natural sources of authority exist

Legal name, course enrollment, music preferences

Aggregation happens out-of-band today

Must be automated for tomorrow

Levels of Assurance

Would a Lack of Unification be Bad? User confusion, particularly with discovery or client software Data duplication, distribution Additional deployment and software complexity -- maybe Nothing new here…

User confusion, particularly with discovery or client software

Data duplication, distribution

Additional deployment and software complexity -- maybe

Nothing new here…

Will Unification Happen? Dunno Probably some, particularly aggregation Probably not all We should endeavor to ensure that the outcome is deliberate and sufficient Cooperation Economic pressures

Dunno

Probably some, particularly aggregation

Probably not all

We should endeavor to ensure that the outcome is deliberate and sufficient

Cooperation

Economic pressures