Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
My Digital Identity
Heidegger - Questioning <ul><li>Track one - these slides </li></ul><ul><li>Track two - notes on identity </li></ul><ul><li...
Four slides on Technology
Swirling <ul><li>Gary Brown - “50 percent of the college population is &quot;swirling&quot; now; students are taking cours...
The Web 2.0 e-Portfolio <ul><li>Gary Brown: “we should start thinking not so much in terms of an ePortfolio but, instead, ...
Personal Learning Environments <ul><li>Web 2.0 (AJAX, REST) based </li></ul><ul><li>Distributed Content </li></ul><ul><li>...
Personal Learning Environment
Identity <ul><li>http://www.downes.ca/post/12 </li></ul>
Establishing Identity… <ul><li>Formerly - an ontological problem - produce the body and you have the identity </li></ul><u...
The Nature of the Question: <ul><li>No longer ‘who am I?’ </li></ul><ul><li>But rather: ‘who goes there?’ </li></ul><ul><l...
Definitions <ul><li>Identification  - the  assertion  that I am a certain person </li></ul><ul><li>Authentication  - the  ...
Identification <ul><li>Requires a system of self-verification - memory </li></ul><ul><li>My identification therefore inclu...
Naming <ul><li>A name is seldom sufficient to establish identity </li></ul><ul><li>Presumption of  uniqueness </li></ul><u...
Tokens <ul><li>Physical entities carrying a record of my name (so I can remember it) </li></ul><ul><li>Typically a combina...
Authentication <ul><li>Is impossible without identification </li></ul><ul><li>There must be ananswer to the question ‘who ...
Identity Claims <ul><li>‘I am P’ when I am P </li></ul><ul><li>‘I am P’ when I am not P </li></ul>
Presentation of Tokens <ul><li>Are typically the same tokens we use to self-identfy </li></ul><ul><li>Nothing  inherently ...
Claiming <ul><li>when you present your driver's license to the police officer, that's an identity claim. When the police o...
Authentication, Again <ul><li>No system of authentication succeeds </li></ul><ul><li>by 'succeeds' we mean here 'proving b...
Testimony <ul><li>Authentication is usually the testimony of a third party </li></ul><ul><li>Eg., a government, a bank, an...
The Token <ul><li>The problem of authentication thus resolves to this: the presentation of an artifact that is in some way...
Proxies <ul><li>ID-based authentication </li></ul><ul><li>Device-based authentication - processor based, trusted computing...
Motivation <ul><li>Once upon a time, “a man’s word is his bond” - no more - there is no ‘word’ </li></ul><ul><li>The cost ...
The True Nature of Trust <ul><li>self-identification can be trusted if it is in the interest of the self to self-identify ...
Privacy and Control <ul><li>The advantage of self-identification is that the control of my identity is in my won hands </l...
Stealing data <ul><li>Governments and companies share data </li></ul><ul><li>People also steal data </li></ul><ul><li>This...
Ownership <ul><li>When the right to assert who you are is controlled by someone else, your identity is owned by someone el...
Identity, in the end… <ul><li>Needs to be understood from the perspective of  objectives </li></ul><ul><li>Not  how do you...
Self-identification Using OpenID <ul><li>Your identity is a web address </li></ul><ul><li>You prove your identity by provi...
Profiles <ul><li>http://www.downes.ca/post/41750 </li></ul>
Resources <ul><li>What are resources? - the RDF answer </li></ul><ul><li>Data and Metadata </li></ul>
Describing Resources <ul><li>Is essentially the ascription of having or not having a property </li></ul><ul><li>This requi...
Being ‘Right’ <ul><li>The expectation  is that the description will be ‘right’  </li></ul><ul><li>Can mean ‘true’, ‘accura...
Multiple (Conflicting) Descriptions <ul><li>Goodman: “Metatags, as many in the industry are aware, were an early victim, s...
Fundamental Concepts <ul><li>Vocabularies - for different resource types </li></ul><ul><li>Authorship - attribution, multi...
Identifiers <ul><li>The premise of the Handle system </li></ul><ul><li>Why the system fails </li></ul>
Models <ul><li>Uninstantiated descriptions of resources </li></ul><ul><li>(aka ‘roles’ in another world) </li></ul><ul><li...
Types of Metadata <ul><li>Bibliographical </li></ul><ul><li>Technical </li></ul><ul><li>Classification </li></ul><ul><li>E...
Three Types of Metadata <ul><li>First party - creator  (I) </li></ul><ul><li>Second Party - user (You) </li></ul><ul><li>T...
The Lifecycle of a Resource <ul><li>Is like the lifecycle of a human </li></ul>
Generating Resource Profiles <ul><li>The metadata distribution network - Aggregators and harvesting </li></ul><ul><li>Part...
Harvesting vs Federation <ul><li>Federation based on trust and authentication </li></ul><ul><li>Tightly integrated applica...
Interoperability <ul><li>interoperability is not - and cannot be - a property of the resource.  </li></ul><ul><li>With res...
Conclusion? <ul><li>Profiles - like identity - belong to the user </li></ul><ul><li>There is not and cannot be a single ‘v...
Upcoming SlideShare
Loading in …5
×

My Digital Identity

4,797 views

Published on

Published in: Technology, Education

My Digital Identity

  1. 1. My Digital Identity
  2. 2. Heidegger - Questioning <ul><li>Track one - these slides </li></ul><ul><li>Track two - notes on identity </li></ul><ul><li>Track Three - Montreal </li></ul>
  3. 3. Four slides on Technology
  4. 4. Swirling <ul><li>Gary Brown - “50 percent of the college population is &quot;swirling&quot; now; students are taking courses from multiple colleges and universities…” </li></ul><ul><li>http://www.campustechnology.com/articles/58872_1/ </li></ul>
  5. 5. The Web 2.0 e-Portfolio <ul><li>Gary Brown: “we should start thinking not so much in terms of an ePortfolio but, instead, in terms of a personal learning environment (PLE).” </li></ul><ul><li>http://www.campustechnology.com/articles/58872_2/ </li></ul>
  6. 6. Personal Learning Environments <ul><li>Web 2.0 (AJAX, REST) based </li></ul><ul><li>Distributed Content </li></ul><ul><li>Interactive / Collaborative </li></ul><ul><ul><li>the nature of an enquiry </li></ul></ul>
  7. 7. Personal Learning Environment
  8. 8. Identity <ul><li>http://www.downes.ca/post/12 </li></ul>
  9. 9. Establishing Identity… <ul><li>Formerly - an ontological problem - produce the body and you have the identity </li></ul><ul><li>Today - an epistemological problem - the internet has abstracted the body </li></ul>
  10. 10. The Nature of the Question: <ul><li>No longer ‘who am I?’ </li></ul><ul><li>But rather: ‘who goes there?’ </li></ul><ul><li>It has become the requirement to prove who you are </li></ul><ul><li>There is no way to ‘step forward and be recognized’ </li></ul>
  11. 11. Definitions <ul><li>Identification - the assertion that I am a certain person </li></ul><ul><li>Authentication - the verification that I am who I say I am </li></ul>
  12. 12. Identification <ul><li>Requires a system of self-verification - memory </li></ul><ul><li>My identification therefore includes the history of who I am </li></ul><ul><li>Memory of self is central to identity - amnesiacs ask first “who am I?” and not “what is the capital of France?” </li></ul>
  13. 13. Naming <ul><li>A name is seldom sufficient to establish identity </li></ul><ul><li>Presumption of uniqueness </li></ul><ul><li>Need eg. Social Insurance Number </li></ul><ul><li>Other ID, transient and permanent - school number, phone number, PIN </li></ul>
  14. 14. Tokens <ul><li>Physical entities carrying a record of my name (so I can remember it) </li></ul><ul><li>Typically a combination - eg. Name, Credit Card Number, Expiry Date, Security Code </li></ul><ul><li>Encodings in language, photo, magnetic stripe </li></ul>
  15. 15. Authentication <ul><li>Is impossible without identification </li></ul><ul><li>There must be ananswer to the question ‘who am I?” before we can answer ‘Who are you?’ </li></ul>
  16. 16. Identity Claims <ul><li>‘I am P’ when I am P </li></ul><ul><li>‘I am P’ when I am not P </li></ul>
  17. 17. Presentation of Tokens <ul><li>Are typically the same tokens we use to self-identfy </li></ul><ul><li>Nothing inherently in the token presents false claims </li></ul><ul><li>Eg. - false ID, borrowed PIN number, etc. </li></ul>
  18. 18. Claiming <ul><li>when you present your driver's license to the police officer, that's an identity claim. When the police officer compares the photo on the license with your face, that's authentication. </li></ul><ul><li>Nothing in the claim prevents it from being a false claim </li></ul>
  19. 19. Authentication, Again <ul><li>No system of authentication succeeds </li></ul><ul><li>by 'succeeds' we mean here 'proving beyond reasonable doubt that &quot;I am P&quot; is true.’ </li></ul><ul><li>‘ Succeeds’ vary - standard depends on the consequences </li></ul>
  20. 20. Testimony <ul><li>Authentication is usually the testimony of a third party </li></ul><ul><li>Eg., a government, a bank, an employer, who attests that you say who you say you are </li></ul><ul><li>Typically enforced through some tamper-proof token </li></ul><ul><li>But this simply creates two problems - because, how does the authority know who you are? </li></ul>
  21. 21. The Token <ul><li>The problem of authentication thus resolves to this: the presentation of an artifact that is in some way knowably unique to the person and which also attests to the truth of the statement that &quot;I am P.&quot; </li></ul><ul><li>But there is no such token (other than the body) </li></ul>
  22. 22. Proxies <ul><li>ID-based authentication </li></ul><ul><li>Device-based authentication - processor based, trusted computing </li></ul><ul><li>Epistemological identification (answer questions) </li></ul><ul><li>But: proxies work only if the owner does not want to give up the proxy (the credit card, the computer, etc) </li></ul>
  23. 23. Motivation <ul><li>Once upon a time, “a man’s word is his bond” - no more - there is no ‘word’ </li></ul><ul><li>The cost was diminished standing in the community </li></ul><ul><li>Today the cost is… what, access to a bank account? </li></ul><ul><li>Even biometrics relies on there being a cost </li></ul>
  24. 24. The True Nature of Trust <ul><li>self-identification can be trusted if it is in the interest of the self to self-identify accurately. </li></ul><ul><li>When sufficiently motivated, I can prove my own identity to my own satisfaction. </li></ul><ul><li>Logically, no authentication system is more secure than self-identification. </li></ul>
  25. 25. Privacy and Control <ul><li>The advantage of self-identification is that the control of my identity is in my won hands </li></ul><ul><li>The question of privacy is a question of trust: can the user trust the service provider to respect the user's rights with respect to personal data? </li></ul><ul><li>So: in fact the question of trust is the opposite to what we assume it is </li></ul>
  26. 26. Stealing data <ul><li>Governments and companies share data </li></ul><ul><li>People also steal data </li></ul><ul><li>This will happen so long as it is in their interest to do so </li></ul>
  27. 27. Ownership <ul><li>When the right to assert who you are is controlled by someone else, your identity is owned by someone else, and a person whose identity is owned does not own any of the attributes commonly associated with identity: attribution of authorship, ownership of houses, permission to drive, residency, citizenship, the right to vote, and more. </li></ul>
  28. 28. Identity, in the end… <ul><li>Needs to be understood from the perspective of objectives </li></ul><ul><li>Not how do you prove who you are, but rather </li></ul><ul><li>How do I maintain control over my own identity </li></ul><ul><li>As Terry Anderson might say - how do I manage my own presence? </li></ul><ul><ul><li>The ontology of being = presence in space and time </li></ul></ul>
  29. 29. Self-identification Using OpenID <ul><li>Your identity is a web address </li></ul><ul><li>You prove your identity by proving you can modify the address </li></ul><ul><li>You choose your provider, your level of security </li></ul><ul><li>It remains in your interest to secure your site </li></ul>
  30. 30. Profiles <ul><li>http://www.downes.ca/post/41750 </li></ul>
  31. 31. Resources <ul><li>What are resources? - the RDF answer </li></ul><ul><li>Data and Metadata </li></ul>
  32. 32. Describing Resources <ul><li>Is essentially the ascription of having or not having a property </li></ul><ul><li>This requires a vocabulay of possible properties </li></ul><ul><li>The use of this vocabulary in turn presupposes not only a set of logical relations ('is a type of', 'contains') but also a specific vocabulary generally agreed upon by a linguistic community. </li></ul>
  33. 33. Being ‘Right’ <ul><li>The expectation is that the description will be ‘right’ </li></ul><ul><li>Can mean ‘true’, ‘accurate’ or even ‘useful’ </li></ul>
  34. 34. Multiple (Conflicting) Descriptions <ul><li>Goodman: “Metatags, as many in the industry are aware, were an early victim, succumbing to the opportunism of web site owners.” </li></ul><ul><li>There is no guarantee inherent in the RSS format - or any XML format - that the information placed into the file will be accurate. </li></ul><ul><li>Categorizations will be needlessly broad. 'Interactivity' will always be 'high', even if the resource is a static web page. </li></ul>
  35. 35. Fundamental Concepts <ul><li>Vocabularies - for different resource types </li></ul><ul><li>Authorship - attribution, multiple authors </li></ul><ul><li>Distribution - multiple sites </li></ul>
  36. 36. Identifiers <ul><li>The premise of the Handle system </li></ul><ul><li>Why the system fails </li></ul>
  37. 37. Models <ul><li>Uninstantiated descriptions of resources </li></ul><ul><li>(aka ‘roles’ in another world) </li></ul><ul><li>And inheritance… (a theory of types in metadata) </li></ul>
  38. 38. Types of Metadata <ul><li>Bibliographical </li></ul><ul><li>Technical </li></ul><ul><li>Classification </li></ul><ul><li>Evaluative </li></ul><ul><li>Educational </li></ul><ul><li>Sequencing & Relational </li></ul><ul><li>Interaction (Trackback, eg) </li></ul><ul><li>Rights </li></ul>
  39. 39. Three Types of Metadata <ul><li>First party - creator (I) </li></ul><ul><li>Second Party - user (You) </li></ul><ul><li>Third party - Other (It) </li></ul>
  40. 40. The Lifecycle of a Resource <ul><li>Is like the lifecycle of a human </li></ul>
  41. 41. Generating Resource Profiles <ul><li>The metadata distribution network - Aggregators and harvesting </li></ul><ul><li>Partial ‘views’ of Networks </li></ul><ul><li>Layers of filtering </li></ul><ul><li>(Projected Metadata) </li></ul>
  42. 42. Harvesting vs Federation <ul><li>Federation based on trust and authentication </li></ul><ul><li>Tightly integrated applications, not loose </li></ul><ul><li>Problems: </li></ul><ul><ul><li>Vulnerable to malfunction or attack </li></ul></ul><ul><ul><li>Interoperability difficult, ‘Plugfests’ needed </li></ul></ul><ul><ul><li>Limited range of data </li></ul></ul><ul><ul><li>Single point of view </li></ul></ul>
  43. 43. Interoperability <ul><li>interoperability is not - and cannot be - a property of the resource. </li></ul><ul><li>With respect to the meanings of words, interoperability is a property of the reader </li></ul><ul><li>(after all, a word such as 'cat' does not inherently contain its own denotation; it must be interpreted, and against a conceptual background, a denotation derived). </li></ul>
  44. 44. Conclusion? <ul><li>Profiles - like identity - belong to the user </li></ul><ul><li>There is not and cannot be a single ‘view’ </li></ul>

×