Higgins is an open source identity framework that provides a consistent user experience for managing identity data across multiple sources through the use of "information cards". It allows users to control their personal information distributed across different systems from a single point. The framework includes plug-ins to integrate various identity sources and provides APIs for applications to access identity attributes. Future versions aim to support additional card types, social relationships and improve access control and interoperability with other standards.

1. Higgins 1: A species of Tasmanian long-tailed mouse 2: An open source identity framework being developed at the Eclipse Foundation

3. Section One: Higgins 1.0 Released February 2008 Commercial products based on Higgins 1.0 have been announced by Novell, Serena, Computer Associates and IBM Copyright © 2008 Parity. Made available under EPL 1.0

4. Higgins is an Identity Framework Enables users and applications to integrate identity, profile, and social relationship information across multiple data sources and protocols. Copyright © 2008 Parity. Made available under EPL 1.0

5. End-users experience Higgins through the UI metaphor of Information Cards using an app called an Identity Selector Information Cards and selectors are just tip of the iceberg of what can be done with Higgins, but it’s a place to start… Copyright © 2008 Parity. Made available under EPL 1.0

6. Today you go from site to site filling in forms and passwords Copyright © 2008 Parity. Made available under EPL 1.0 Type, type, type. Click, click. Here a password, there a password. Everywhere a password. Here a form, there a form, ... Websites…

7. Information Cards Put You in Control Copyright © 2008 Parity. Made available under EPL 1.0 Each card is a slice of the digital you (or a friend of yours) held in some data silo. Any kind of information: your preferences, favorite songs, employee id numbers, drivers licenses, affiliations, your health plan id, ...you get the idea, can be accessed using a card. This wallet-like thing is an app called an Identity Selector

8. Higgins Identity Selectors Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Attribute Service Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Services Identity Providers Identity Selectors Identity Selectors

10. Identity Selector “Wallet” Click on a card to send it to a site Click Copyright © 2008 Parity. Made available under EPL 1.0 Higgins is interoperable with Microsoft CardSpace™ shown here

12. Identity Selector Supported Card Types Copyright © 2008 Parity. Made available under EPL 1.0 Managed What some other entity says about you Personal What you say about you

14. Identity Selectors Cards and Tokens Flow Identity Selector Browser Extension & Client App Identity Provider Relying Party Website or App Cards are generated and downloaded from here. A local Token Service issues tokens as requested by Selector. Cards are stored and selected here Tokens containing claim data is requested and received here

15. Identity Selectors Cards and Tokens Flow Identity Selector Browser Extension & Client App Identity Provider Relying Party Some Higgins Identity Selectors rely on a hosted I-Card Service component

16. Identity Selector Component View Identity Provider Relying Website Token Service Browser Browser Extension Identity Selector Internet Key: Generic Technology Higgins Components RP Libraries Selector Selector Higgins Identity Selectors. Client apps for Windows, OSX and Linux I-Card Web Service User

17. Identity Selector Selector Selector – Component View Identity Provider Relying Website Token Service Browser Browser Extension Identity Selector Internet Key: Generic Technology Higgins Components RP Libraries Selector Selector Higgins includes a Higgins Selector Selector component (Windows-only) Provides an abstraction layer that decouples browser extensions from selectors. I-Card Web Service User

18. Architecture Identity Providers Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Providers Identity Selectors Identity Selectors Identity Attribute Service Identity Services

19. Identity Providers Component View Identity Provider Relying Website Token Service Browser Browser Extension Identity Selector Internet Key: Generic Technology Higgins Components RP Libraries Selector Selector Higgins Token/IdP Service is used by the Identity Provider website User

21. Architecture Relying Party Website Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Providers Identity Selectors Identity Selectors Identity Attribute Service Identity Services

22. Relying Party Website Component View Identity Provider Relying Website Token Service Browser Browser Extension Identity Selector Internet RP Libraries Selector Selector Higgins RP Website provides code to validate tokens from Identity Selectors Key: Generic Technology Higgins Components User

24. Architecture Identity Services Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Attribute Service Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Services Identity Providers Identity Selectors Identity Selectors

25. Architecture Extensible Identity Services Copyright © 2008 Parity. Made available under EPL 1.0 CardSpace Protocol Provider-Plugins Implement RP protocols OpenID Managed I-Card Provider-Plugins Implement card types Personal SAML X509 Relationship Kerberos Token Provider-Plugins Implement security tokens UN/PW Idemix Plug-ins Identity Services Login (un/pw) Key: Beyond Higgins 1.0 Higgins 1.0

26. Architecture Identity Attribute Service Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Attribute Service Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Services Identity Providers Identity Selectors Identity Selectors

27. Architecture Extensible Identity Attribute Service Copyright © 2008 Parity. Made available under EPL 1.0 Identity Attribute Service (IdAS) LDAP XML File IdAS Context Providers-Plugins Connect to existing data sources RDF Google Contacts Others… Plug-ins Key: Beyond Higgins 1.0 Higgins 1.0

31. Architecture Interoperability Points Copyright © 2008 Parity. Made available under EPL 1.0 Identity Selectors Identity Attribute Service Identity Providers Relying Parties Client Apps, Web Services, Web apps Identity Services Identity Providers Identity Selectors Identity Selectors

32. Interoperability Event Participants RSA 2008 Copyright © 2008 Parity. Made available under EPL 1.0

33. Interoperability Event Participants RSA 2008 Copyright © 2008 Parity. Made available under EPL 1.0

34. Section Two: Higgins 1.1 June 2009 Copyright © 2008 Parity. Made available under EPL 1.0

39. Relationship Cards Relationship Card What you and Best Buy say about you Copyright © 2008 Parity. Made available under EPL 1.0

44. Selector as an OpenID Service OpenID Provider Identity Provider Relying Website I-Card Web Service Token Service Browser Browser Extension Identity Selector Internet Key: Generic Technology Higgins Components RP Libraries Selector Selector OpenID 2.0 OP with associated Higgins Selector Service User

46. IdAS Client Component (maybe) Higgins Identity Selector Local App Higgins I-Card Service Banking Site eCommerce or Community Site SAML Enterprise Directory Social Network Site Social Networks RDF Semantic Web Repository Social Network Site STS IdP RP STS IdP RP SAML2 IdP I dAS Client LDAP Server Linked Data Server OpenSocial OpenID Provider I dAS Client IdAS Client Other Local Apps & Bots IdAS Client Internet Extension Browser Key: K ey: O ther… R DF O pen Social L DAP Enterprise Directories Enterprise Directories Enterprise Directories Social Networks Linked Data Linked Data Linked Data Higgins 1.0 H iggins X.X 3 rd Party I dAS RDF Data Source LDAP Directory Browser Computer or mobile device LDAP Identity Providers Web apps CP XDI Service XDI4J Selector Selector RDF CP Personal Data Services Web 2.0 and Enterprise Apps Higgins Extension Data Contexts Identity Attribute Service

47. Section Three: Beyond Higgins 1.1 Mobile Higgins Higgins project is seeking project funding and/or contributions to develop a Higgins selector for mobile platforms Copyright © 2008 Parity. Made available under EPL 1.0

49. Project Co-leads http://higgins-project.org Paul Trevithick Mary Ruddy [email_address] [email_address] +1.617.513.7924 +1.617.290.8591 Copyright © 2008 Parity. Made available under EPL 1.0

50. Appendix Original Project Goals Copyright © 2008 Parity. Made available under EPL 1.0