The document discusses user-centric identity and managing identity online. It talks about concepts like Identity 2.0, where users have more control over their identity and claims about themselves. The document raises questions about when institutions should host resources for users, manage user identities, verify identities for service providers, and broker access to resources. It discusses the role of OpenID in providing infrastructure to allow moving towards more user-managed digital identities and single identities across different services. The document also outlines some identity-related projects and studies being undertaken by JISC.

1. OpenID and User-Centric Identity: It’s All About Me Nicole Harris, JISC Executive

2. An Apology Today, I will be saying very little about OpenID

3. What are we talking about? Identity 2.0??

4. “ in Identity 2.0, usage of identity more closely resembles today's offline identity systems, but with the advantages of a digital medium. As with a driver's license, the issuer provides the user with a certified document containing claims. The user can then choose to show this information when the situation requires.” Burton Group

5. What are we talking about? The multiple identity problem?

6. Multiple Identities

11. Approaches to managing multiple affiliations and lots more……

12. Identity 2.0 Is Too Ill-Defined for Imminent Deployment Gartner, 9 th August 2006

13. We are talking about… What services are users accessing? Who is responsible?

14. Access and Identity Within the UK Service Provider Credentials Single Central Identity Provider Devolved Authentication User Centric Identity??

15. Managing Identity or..

16. Managing Resource Access

17. What’s the difference?

18. It’s All About Me

19. What is my Identity? Personal Information 27 th April 1977 [email_address] Victoria 07734 058308

20. What is my Identity? Stuff I like

21. What is my Identity? Stuff I am Allowed to do

22. Disconnecting Identity from Resources

23. Can I manage my own identity?

24. Can I manage my own identity?

25. Can I manage my own identity?

26. Redefining the institutional role as identity provider and service provider for students

27. The role of the broker

28. Direct Relationship between User-Institution-Resource

29. No Direct Relationship Between User-Institution-Resource

30. Questions When is it better for the institution to physically host the resource for an end-user? Institution provided blogs, wikis, google video etc.? When is it better for the institution to manage an identity for the end-user? (registration / revocation). When is it better for the institution to verify identity for service providers? (authentication) When is it better for the institution to broker access to resources for the end-user (authorisation process)? Can this be disaggregated from all service providers? Do we have the infrastructure to allow institutions to broker access against a user-managed identity? Where will this be important? Who benefits, and where?

31. So, OpenID? Important role to play in providing the infrastructure to allow us to move forward. Better than e-mail verification. Role for institutions as an OpenID provider? Links to ‘policy-lite’ approaches. Single digital identity very important. Great for people without an identity provider.

32. What is JISC Doing? Full review of access and identity management against the Information Environment. Identity Project: reporting soon. Focus on current landscape within institutions. OpenID / external identity provision study to be commissioned. Identity Metasystems study to be commissioned. Personalisation study. E-Portfolio work: ULN?? Importance of links to repositories work. Users and Innovation Programme.

33. Contacts [email_address] [email_address] www.jisc.ac.uk