workshop personalization

Is that a UPN or an email address?->

Workshop AAP, 31 maart 2009Leon P. Kuunders @minbzk.nl

q.o.t.d.

"Besides the noble art of gettingthings done, there is the nobleart of leaving things undone.The wisdom of life consists in

the elimination of non essentials."- Lin Yutang

workshop topic

AuthNAuthZ

Personalization

1) religion is not a subject2) “celebrate the differences”

3) fail and learn

Personalization with the exchange of the least possible

identity related information.

(is this user-centric identity management?)

definitions

Authentication: “The act of proving who you are, and ”

Authorization: “the act of getting what you need, ”

Personalization: “the way you want it.”

Persona: mask

Identity: formed by context

Attributive use of descriptions: context information

Referential use of descriptions: definiteness on the persona. 1) 2)

things done

Een SAML front-end voor DigID test tussen Buza en rijksoverheid.nl

things done

Een OpenID + Ax test tussen BZK en FaSam.

show hands

OpenID/OauthSAMLv2

Infocards/CardspaceXACML/PIP, PEP, PAP, PDP

Attribute/Claims Based Access Control

Identity Stores (You)Network (Maurice)Wisdom (everyone)

semantics anyone?

EpistemologyOntology

backup

everything is a file

user centric

• Van den Hoven first suggested that Keith Donellan (1966) distinguished between referential use of descriptions and attributive use of descriptions.

• Huits-Manders suggests that better privacy protection can be achieved by using this difference. Both types represent identity-relevant information.

(Searl: 'de re'/'de dicto' and 'rev'/'att' have primary v. secondary aspects as real distinctions)

From 1) + 2) the question follows: how does this difference influence Identity & Access Management?

Derived principle (1): an authoritative IdP does not send referential descriptions.

Derived principle (2): an authoritative IdP can relay questions on referential descriptions.

Authentication (AuthN)

user-id/ww

token voor de gebruiker/ token van de gebruiker

(“They can read minds nowadays, you know that? Only numbers so far, because that's all they could test on mice.”)

token voor de gebruiker/ token van de gebruiker

(the mind-read mice!, cloning!)

Consume

Provide

Authorization (AuthZ)

getting what you need versus offering what you have?

Line of thought: in a network everything of value is a controlled endpoint.

Access is granted based upon proof

Proof can be anything that is agreed upon.

Trust is irrelevant. Resistance is not.

Personalisation

Is this 'Context Delivery Architecure'?

Attributes? Who you are, what you

do, with whom, where and when, and with what... anything else?

TweakUI? What You Need Is

What You get. (WYNIWYG 2.0)

This is not a webpage.

Diagram (via Jeroen, Anoigo)

but first

success

workshop personalization

referential descriptions

derived principle

pastoken voor

authoritative idp

possible identity related

identityrelevant information

things doneeen saml

context delivery architecure

Technology

siebel personalization administration guidesiebel...

interface personalization

the new customer intimacy: personalization dominates as...

personalization imperative

a framework for personalization: susan dumais microsoft...

information search, integration and personalization:...

image personalization

personalization

oa personalization

personalization specht

personalization cheat sheet -...

marketing personalization

1st international workshop on adaptation, personalization...

#7 - personalization

modelling personalization

ch7 personalization

1st international workshop on adaptation, personalization...

orchestrate, organize, and operationalize - accenture ·...

personalization catalog

fit strategic planning trends workshop recap › myfit ›...