This document summarizes a talk on user-centric identity and the evolving social web. The talk outlines the speaker's organizations working in this space, discusses early successes with tools like OAuth and OpenID, and looks ahead to emerging issues around personal data management, trust frameworks, and national digital identity strategies. The overall vision is of empowering users with control, choice and portability of their online identities and data across different applications and services.
My keynote at the Velocity Conference 2010. Why web operations and web performance optimization matter, and will matter more as technology evolves. Video of this talk is available at http://bit.ly/93J7d1
Open Source and Open Data in the Age of the CloudTim O'Reilly
Another of my "State of the Internet Operating System" talks, this one given at the MySQL User Conference on April 14, 2010. A bit more of a focus on open data.
Martin Pot: "Wat betekent het IoT voor de architectuur, voor ons bouwen en wonen? Hoe verhouden wij ons tot deze technologie; wat is onze rol en invloed als bewoner?"
Internet Intermediaries - Does one definition fit all ?Cedric Manara
The expression 'internet intermediary' is broadly used to describe operators offering various services on the Internet. However, these services can differ considerably and depending on the specific service offered, the operator may be more or less actively involved in treating data. During this WIPO conference, I was invited to describe some of the existing forms of internet intermediaries, to what extent they actively or passively handle data and how this potentially impacts on trademark rights.
This talk was presented at the 2016 Cloud Identity Summit. It was in the Rise of the Identity-enabled Personal Information Economy Track. It puts forward 6 Diagrams to make Sense of the overall Personal Data Ecosystem including What is Personal Data? What Happens to Personal Data? What are Market Models and how is it regulated?
My keynote at the Velocity Conference 2010. Why web operations and web performance optimization matter, and will matter more as technology evolves. Video of this talk is available at http://bit.ly/93J7d1
Open Source and Open Data in the Age of the CloudTim O'Reilly
Another of my "State of the Internet Operating System" talks, this one given at the MySQL User Conference on April 14, 2010. A bit more of a focus on open data.
Martin Pot: "Wat betekent het IoT voor de architectuur, voor ons bouwen en wonen? Hoe verhouden wij ons tot deze technologie; wat is onze rol en invloed als bewoner?"
Internet Intermediaries - Does one definition fit all ?Cedric Manara
The expression 'internet intermediary' is broadly used to describe operators offering various services on the Internet. However, these services can differ considerably and depending on the specific service offered, the operator may be more or less actively involved in treating data. During this WIPO conference, I was invited to describe some of the existing forms of internet intermediaries, to what extent they actively or passively handle data and how this potentially impacts on trademark rights.
This talk was presented at the 2016 Cloud Identity Summit. It was in the Rise of the Identity-enabled Personal Information Economy Track. It puts forward 6 Diagrams to make Sense of the overall Personal Data Ecosystem including What is Personal Data? What Happens to Personal Data? What are Market Models and how is it regulated?
It's 2010. is your business social. milena regosMilena Regos
It's not a question of whether you do social media but how well you do it. This presentation covers social media stats, listening, engagement and measurements. Presented by Milena Regos, Out&About Marketing Oct 7, 2010.
The Social Web for Skeptics (or, Using the Social Web for Social Change)Lauren Bacon
Hype, hype, and more hype: To many, the whole Web 2.0 revolution feels like one big bandwagon with little relationship to real-world concerns. And let’s face it: A Twitter account and a Facebook page will not change the world all by themselves. But let’s talk about what’s at the heart of the social web, and where its potential for real change lies. Web 2.0 has been around for a while now, and we’ve learned some important lessons about what works. In this presentation, I share five effective strategies for facilitating social change movements online, and encourage you to identify your own top priorities for using the social web to further your organizational mission.
This is the final presentation I did in Madrid in April 2010. It's about doing.
Basically it contains an argument against distilling rich conversations down into simple, light messages; that you can bring people into the richer story simply by getting them to do one, simple thing.
This is a presentation from the MyData Online 2020 Conference that covers the history and evolution of digital identity from the first computers in World War 2 to Enterprise Identity and Access Management and emerging new Self-Sovereign Identity Technology.
More Related Content
Similar to Us our Organizations and the Evolving Web v2
It's 2010. is your business social. milena regosMilena Regos
It's not a question of whether you do social media but how well you do it. This presentation covers social media stats, listening, engagement and measurements. Presented by Milena Regos, Out&About Marketing Oct 7, 2010.
The Social Web for Skeptics (or, Using the Social Web for Social Change)Lauren Bacon
Hype, hype, and more hype: To many, the whole Web 2.0 revolution feels like one big bandwagon with little relationship to real-world concerns. And let’s face it: A Twitter account and a Facebook page will not change the world all by themselves. But let’s talk about what’s at the heart of the social web, and where its potential for real change lies. Web 2.0 has been around for a while now, and we’ve learned some important lessons about what works. In this presentation, I share five effective strategies for facilitating social change movements online, and encourage you to identify your own top priorities for using the social web to further your organizational mission.
This is the final presentation I did in Madrid in April 2010. It's about doing.
Basically it contains an argument against distilling rich conversations down into simple, light messages; that you can bring people into the richer story simply by getting them to do one, simple thing.
Similar to Us our Organizations and the Evolving Web v2 (20)
This is a presentation from the MyData Online 2020 Conference that covers the history and evolution of digital identity from the first computers in World War 2 to Enterprise Identity and Access Management and emerging new Self-Sovereign Identity Technology.
Thinking ahead GDPR and CCPA are coming and people are freaking out about how their data is being used. What are the new tools for a Personal Data Ecosystem.
This is the keynote presentation that I gave at MyData 2018. It explains the connection between identity and personal data. Some of my story of how I began working on identity 15 years ago. The Domains of Identity, My master's report is explained and then core components of Self-Sovereign Identity is explained. I conclude sharing some thoughts on how we work together to build alignment.
The Domains of Identity presentation covers the 16 domains of Identity outlined in Kaliya's Masters Report written for the Master of Science in Identity Management and Security program. It is available https://www.identitywoman.net/domains-of-identity
This is a deck that highlights the origins of my Identity Ecosystem Mapping efforts. It shares snapshots of the prototype map in Kumu and outlines the functionality possible for Version 2.0 using the Knowledge Ecology Interface system developed by SOSACorp.
This is a deck that for describing Self-Sovereign Identity. It was presented at InDITA. It covers Distributed Ledgers (Blockchains), Verifiable Claims, Decentralized Identifiers.
This talk articulates 1) what is a blockchain 2) why it is interesting 3) talks through use-cases grounded in real world projects. 4) Highlights questions government leaders should ask before deciding to use a blockchain.
Self-Sovereign Identity technology has enormous potential to empower individuals and address privacy challenges globally. It uses shared ledgers (blockchain) to give individuals the power to create and manage their own identifiers, collect verified claims and interact with others on the network on their terms. This lighting talk by one of the pioneers working on this new emerging layer of the internet for 15 years will give a high level picture of how it works covering the core standards and technologies along with outlining some potential use-cases.
Identity can seem deceptively simple. We know who we are. Sometimes we have to convince others of that fact and confirm other characteristics: our age, our qualifications, or our right to access some services or tools. This happens every day over the Internet, but in ways that are disorganized, redundant, and risky. The lack of reliable, universal standards puts our private information at risk of public dissemination, fraud or worse.
The pioneers developing the internet didn’t define nuanced standards for identity -- most everything was just username and passwords. Over the past 20 years we have seen a range of standards that solve some identity challenges, including SAML, LDAP, OpenID Connect, OAuth, SCIM, Information Cards, and FIDO. None of them have comprehensively addressed the challenge of identity at internet scale.
A new set of standards is emerging that creates an infrastructure for self-sovereign identity that can scale. This talk looks forward to help you think ahead and prepare for this new infrastructure. We will walk through standards that together create a new identity infrastructure that leverages the blockchain. This isn’t about what you can implement tomorrow to solve your employee identity challenges or manage customer accounts. It will instead prepare you for the coming changes and help you play a role in shaping them.
This is a talk I was asked to give at the What is Universe? at the University of Oregon, (on their Portland Campus). I cover this history of the Internet Identity Workshop and talk about its core nature as a torus / bowl a feminine form and how this has resulted in the innovation of Self-Sovereign Identity
This presentation was presented as the pre-opening talk at Identity North 2016 in Toronto. It covers the big question - What is Identity? Key Concepts and Terms. Contextualizing Identity for Enterprise, Government and in the Commons.
This is the presentation I gave at the Grace Hopper Celebration for Women in Computing October 2015. It covers three main ethical market models that could support the emergence of a Personal Data Ecosystem centered on individuals and their personal clouds. The three models are Vendor Relationship Management, Infomediaries, and Data Aggregators. It highlights the need for Accountability Frameworks (also called Trust Frameworks) combinations of code and law/policy. This is contextualized in an overall Landscape picture where two other modes of governance also co-exist - Peer Governance and Identifier Governance.
Kaliya and Bob gave this talk as the closing keynote for the Cloud Identity Summit on July 19th, 2012 in Vail Colorado. It discusses a range of issues and options for identity in society. It postulates that social justice or fairness must be an underlying design feature of any system. It encourages people to get involved with the NSTIC process and the current steering committee being formed.
1. us, our organizations &
the evolving social web
NTEN, Webinar June 30, 2010
Kaliya Hamlin, Identity Woman
“saving the world with user-centric identity”
www.identitywoman.net
@identitywoman
Sunday, August 1, 2010
2. Outline for Talk
Context
* My Organizations - IIW, She’s Geeky, Planetwork, & tool use
* The ASN Vision - civil society & the distributed social web
* The User-Centric Identity Vision
The User-Centric Identity Results
* OpenID
* Information Cards
* OAuth
* Discovery
* Connect
Looking Ahead
* Trust Frameworks
* Vendor (Organization) Relationship Management
* Personal Data Banks
* National Strategy for Trusted Identities in Cyberspace
Sunday, August 1, 2010
3. Confession Time
I struggle with constituent identity management.
IIWX INTERNE T IDENTIT Y
WORKSHOP May 17-19 2010
Sunday, August 1, 2010
4. Successes on Social Web
Twitter Lists for events Eventbrite lists of attendees
Sunday, August 1, 2010
5. The Trouble with Facebook
• rooted in networked individualism not built for groups and
communities
• it is like being in a room with everyone you ever met all the
time
• the company has violated the social contract with users &
communities several times
• Making the pages people follow public without warning
• Making the “friends” people have public without warning
• It is pushing people to share more information then they
realize to monetize
• Against the Terms of Service to not use one’s real name and
have multiple personas
Sunday, August 1, 2010
6. One of the 10 most influential people in the industry told me last week, over email, that I had to get in
line. They demanded that I apologize to Zuck now that he held his “we can do better” press conference,
and that I had to turn my Facebook page back on.
Walking around the D conference I felt like Serpico. It feels like I crossed the Blue Line, where technology
There are a lot of folks
executives don’t get into big public fights that are bad for business.
who are getting rich selling Facebook shares on SecondMarket today,
and there are many more people–including friends of mine–who have a
large percentage of their net worth in Facebook shares.
The sad part about the situation is that the person who sent me the email demands has massive influence
over the industry, the people I work with. He could buy and sell me many times over. In short, this power
broker could make my life and career in technology miserable.
In fact, he could probably get me fired… and he let me know that in so many words.
He insisted that Facebook is the future of the internet, and remembering the
“Mark Cuban” rule I volleyed back that if Facebook’s closed ecosystem–that is pissing in the pool of
internet users–is the future I don’t want any part of it. He wouldn’t have to get me fired–I would retire
before seeing Facebook become the internet.
We built the internet on open standards and carring for users.
Zuckerberg and Facebook are trying to reverse open standards, is
stealing every startup idea to put into his closed ecosystem and
screwing our collective users. He’s screwing all businesses by screwing
over the entire userbase.
http://calacanis.com/2010/06/04/steve-jobs-mark-zuckerberg-and-serpico/
Sunday, August 1, 2010
7. I advocated for people to:
★ understand your community use-cases/narratives
★ focus on the usability of tools
★ consider using open source software
★ think about adopting user-centric identity tools
★ consider network formation across organizations
Sunday, August 1, 2010
8. Augmented Social Network:
Building Identity and Trust into the Next Generation Internet
Presented in June 2004 at the Planetwork conference
Published in August 2004 in First Monday asn.planetwork.net
Sunday, August 1, 2010
9. The ASN had three main objectives.
1. To create an Internet-wide system that enables
more efficient and effective knowledge sharing
between people across institutional, geographic,
and social boundaries.
2. To establish a form of persistent online identity
that supports the public commons and the values of
civil society.
3. To enhance the ability of citizens to form
relationships and self-organize around shared
interests in communities of practice in order to
better engage in the process of democratic
governance.
Sunday, August 1, 2010
10. The four main elements of the ASN are:
1.Enabling individuals online to maintain a
persistent identity as they move between different
Internet communities, and to have personal control
over that identity.
2.Interoperability Between Online Communities
3.Brokered Relationships.
4.Matching technologies need to be broad and
robust enough to include the full range of political
discussion about issues of public interest.
Sunday, August 1, 2010
18. There will be a
Big Bang
With all new technologies there is a point at which new things start
happening that the creators of the technology did not envision:
this is the Big Bang in identity.
Sunday, August 1, 2010
19. Big Co.
Web 1.0 Web 2.0
Sunday, August 1, 2010
22. The issue at hand is fundamentally about FREEDOM:
* the freedom to choose who hosts your identity online
(with the freedom to set up and host your own),
* the freedom to choose your persona – how you present
yourself, what your
* gender is,
* your age,
* your race,
* your sex,
* where you are in the world.
A prime example of WHY these freedoms are vital is the
story of James Chartrand – you can read for yourself her
story of being a “him” online as a single mother seeking
work as a copy editor. Having a male identity was the
way she succeeded.
Sunday, August 1, 2010
24. 1.User Control and Consent
2.Minimal Disclosure for a Constrained Use
3.Justifiable Parties
4.Directed Identity
5.Pluralism of Operators and Technologies
6.Human Integration
7.Consistent Experience Across Contexts
Sunday, August 1, 2010
25. Key Terms
Identifiers Claims
Single String Pairs
A claim is by one party about
Identifiers link things together another or itself.
and enable correlation.
It does not have to be linked to
They can be endpoints on the an identifier.
internet.
Proving you are over 18 for
example and not giving your
real name.
Sunday, August 1, 2010
31. OAuth
The user belongs to two different sites.
Sunday, August 1, 2010
32. How can the user move photos from photo site to the
social network site without giving away the password
for the photo site to the social network site?
Sunday, August 1, 2010
33. The user asked if they want to share - then
redirected to the site to give their permission
Sunday, August 1, 2010
34. The photo site gives the social network site a token
to the social network that gives it access to their account.
Sunday, August 1, 2010
35. A data tunnel is created between the user’s
accounts on both sites
Sunday, August 1, 2010
36. A user posts photos and they can flow from
one to the other - and they didn’t give away their password.
Sunday, August 1, 2010
41. OStatus isn't a new protocol; it
applies some great protocols in a natural
and reasonable way to make distributed
social networking possible.
• Activity Streams encode social events in
standard Atom or RSS feeds.
• PubSubHubbub pushes those feeds in
realtime to subscribers across the Web.
• Salmon notifies people of responses to
their status updates.
• Webfinger makes it easy to find people
across social sites.
Sunday, August 1, 2010
43. Users take actions on your site
Users come to your site to
consume your unique content.
They take actions like
commenting, reviewing, making
purchases, rating, and more.
Users share with friends, who
discover your site
With Facebook Connect, users can
easily share your content and their
actions with their friends on
Facebook. As these friends
discover your content, they click
back to your site, engaging with
your content and completing the
viral loop.
Social features increase
engagement
Creating deeper, more social
integrations keeps users engaged
with your site longer, and more
likely to take actions they share
with their friends. (For example —
don't just show users what's most
popular on your site, but what's
most popular with their friends on
your site.)
Sunday, August 1, 2010
44. OpenID Connect
(under consideration)
The response is a JSON object which contains some (or all) of the
following reserved keys:
• user_id - e.g. "https://graph.facebook.com/24400320"
• asserted_user - true if the access token presented was issued by
this user, false if it is for a different user
• profile_urls - an array of URLs that belong to the user
• display_name - e.g. "David Recordon"
• given_name - e.g. "David"
• family_name - e.g. "Recordon"
• email - e.g. "recordond@gmail.com"
• picture - e.g. "http://graph.facebook.com/davidrecordon/picture"
The server is free to add additional data to this response (such as
Portable Contacts) so long as they do not change the reserved OpenID
Connect keys.
Sunday, August 1, 2010
45. Organizations Responsibility to their Constituents
• Help them understand how linkable their actions are
on the web
• using the same e-mail address in multiple contexts
means those context are linked
• sharing information on facebook means “all your
friends” can see it
• support people understanding how to create/manage
persona’s - like a twitter handle
• support trusted forums/spaces where you know the
people there belong
Sunday, August 1, 2010
48. Open Identity Exchange
Policy Repository Levels of
for Auditors Levels of Assurance Protection
Trust Frameworks Identity Providers Relying Parties
ICAM
John Google
Relying Party
Steensen
OCLC PayPal
Other
Relying Party
Auditor
PBS Kids Equifax
Other
Auditor Yahoo!
XAuth
Sunday, August 1, 2010
49. National Strategy for Trusted Identities in Cyberspace
Identity Ecology
Diverse providers of identities and attributes
Transactions online are more trustable
Government working with industry for open
standards
Sunday, August 1, 2010
51. EmanciPay is a relationship management and voluntary payment
framework in which buyers and sellers can present to each other
the requirements and options by which they are willing to engage,
or are already engaging. These include:
■ choices concerning payment (though not payment itself)
■ preferences
■ policies
EmanciPay makes use the r-button (two red "magnets") to signal
the presence of willingness-to-engage on either or both the buy
and sell sides
ListenLog, or Listen Log is a form of Media Logging. It is required
for EmanciPay to work. EmanciPay is a new business model for
otherwise free media goods -- one that sharply reduces the
frictions involved in paying for media. By increasing the number
of people who pay for free media, PayChoice also helps
stigmatize non-payment for those goods.
Sunday, August 1, 2010
52. What does
Organization
Relationship
Management
look like?
join in at projectvrm.org
Sunday, August 1, 2010
53. Coming soon!
Personal Data Banks
Sunday, August 1, 2010
56. Personal Data Stores
/ User Data Banks
$
APPLICATIONS
EXCHANGE
REFINEMENT
STORAGE
ID + ENCRYPTION
DATA + META DATA
SOURCES
Invention Arts Stack for User Data Banks
Sunday, August 1, 2010
57. Context Engines
for
Purpose Driven Apps
Kynetx.com
Sunday, August 1, 2010
59. We are still missing a
Vision for Communities and Groups across contexts
Sunday, August 1, 2010
60. There are still a lot of questions:
TECHNOLOGY
SOCIAL ? BUSINESS
LEGAL
Sunday, August 1, 2010
61. Internet Identity Workshops
East Coast #1 - September 9-10, Washington, DC
Europe #1 - October 10-11, London, UK
#11 - November 9-11, Mountain View, CA
www.internetidentityworkshop.com
Sunday, August 1, 2010