Introduction to theIdentity Community

by Kaliya Hamlin @identitywoman

O p e n I d e n t i t y f o r O p e n G o v e r n m e n tA WORKING GROUP OF IDENTITY COMMONS

IIW-East INTERNET IDENTITY WORKSHOP

September 9th, 2010

Who is IIW?

Heidi Nobantu SaulIIW-East Production

Co-Facilitation

Phil Windley

Kaliya Young Hamlin

Doc Searls

Co-FoundersCo-Producers

2003

2004

2006

IIW 1

IIW 2

IIW 3

2005IOS 1

IOS 2

2007

DIDW

DIDW

DIDW

DIDW

DIDW

IOS 3IIW 4

IIW5

IOS 4RSA

Burton Group

RSA Burton Group

Data Sharing Workshop

OSIS Interop 1

OSIS Interop 2

5 yrs of Face to Face Meetings

2009

2010

DIDW

DIDW

DIDW

RSABurton Group

RSA

Burton Group

RSABurton Group

IIW 6

IIW 7

IIW 8

IIW 9IIW 10

IIW 11

2008

Data Sharing Workshop

Data Sharing Summit

OSIS Interop 3

OSIS Interop 4

OSIS Interop5

IIW-EastIIW-Europe

5 yrs of Face to Face Meetings

Peers and Relationships

Unconference Format

Container to ConnectVarious Efforts

Hailstorm SAMLv1 & 2

BTOracleSUN

XRIXDI

Passport

Microsoft

FireFly

Liberty Alliance

Kantara Intiative

Planetwork Link Tank

Identity Commons (1)

Identity Gang

Identity Commons (2)

OpenIDv2

OpenID Foundation

Open Identity Exchange

Information Card

Foundation

IMIIdentity Metasystem

Interoperability

Information Card

Standard

VENN OF IDENTITY

HigginsProject

Lots of Companies

Project to be annouced at

IIW

IBM

Project to be annouced at

IIW

Pamela Project

TIM

EInternet Identity Workshop

Loose Affiliations of People

Current Organizations

Organizations (no longer)

Company

Proprietary Service (no longer)

Protocol standardized at OASIS

Protocol standardized at OASIS

earlier version (no longer)

Independent Open Protocol

Independent Open Protocol

(no longer)

Paper:Shared Understanding

Event

Project with Code

Evolution of Identity Community

Mission statements:• Identity Commons: Support, facilitate, and promote the creation of an open identity layer

for the Internet, one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.

• Information Card Foundation: Promote, protect, and enable the development of an open, trusted, interoperable, royalty-free identity layer for the Internet that maximizes control over personal information by individuals

• OpenID Foundation: To foster and promote the development of, public access to, and adoption of OpenID as a framework for user-centric identity on the Internet; and To acquire, create, hold, and manage intellectual property related to OpenID and provide equal access to such intellectual property to the OpenID community and public at no charge.

• Kantara Intiative: Foster identity community harmonization, interoperability, innovation, and broad adoption through the development of open identity specifications, operational frameworks, education programs, deployment and usage best practices for privacy-respecting, secure access to online services

• Open Identity Exchange: Collecting aggregating, and distributing information regarding the identity-related services industry to businesses and other stakeholders in that industry in order to improve conditions in that industry by fostering innovation, market transparency, and identity-related product and service interoperability; Providing a neutral, open market registration system for participants in the identity-related services industry;

• Data Portability Project: Data portability enables a borderless experience, where people can move easily between network services, reusing data they provide while controlling their privacy and respecting the privacy of others. Our Mission is to help people to use and protect the data they create on networked services, and to advocate for compliance with the values of DataPortability.

One of the main community organizations linking various

efforts is Identity Commons.

Identity Commons

Open ID

FoundationInformation

Card

Foundation

XDI.ORG

Data

Portability

Project

Internet Identity

Workshop

Project

VRM

Higgins

Project

Pamela

Project

OSIS

Open Source

Identity System

ID-Legal

Identity

Schemas Identity

Gang

Kids

Online

Photo

Group

IDMedia

Review

OIX

Nick's

Legacy

PDX

Group that who's home is at Identity

Commons

Independant

Nonprofit

Organization

Project at

another organization

EVENT

Key

Broad Base of Participation BIG COMPANY SPONSORSMSFTPingIDSUNFacebookGoogleYahooCiscoPlaxoCommerce NetAdobeBTNovellFacebookAOLPing IdentityPaypal / eBay

NONPROFIT SPONSORSISOCKantara/Liberty AllianceInfo Card FoundationOASIS IDTrustMozillaHiggins ProjectBandit ProjectPlanetworkInternet Society

CORPORATE PARTICIPANTSPaypal Booz Allen Hamilton AppleBurton GroupHewlett PackaredInternational Business MachinesIntuitLexisNexisNippon Telegraph and Telephone CorporationNokia Siemens NetworksNRIOracleOrangeRackspaceRadiant LogicSony EricssonThe MITRE CorporationTucows IncVeriSign, Inc.Vodafone Group R &DAlcatel-LucentAcxiom Identity SolutionsAcxiom ResearchEquifaxLinkedInAmazon

SMALL COMPANYSPONSORSFuGen SolutionsOUNORel-IDPokenVidoopChimpAuthentrusSxipClaimID

IETFW3COASIS

SMALL COMPANY PATICIPANTSÅngströDigg, Inc.PrivoExpensifyFamilySearch.orgFreshBooksGigyaGluuJanrainKynetxNetMesh Inc.ProtivitiSocialtextTriCipher, Inc.Trusted-IDWave SystemsSix Apart

NONPROFIT PARTICIPANTSCenter for Democracy and TechnologyDataPortability ProjectIdM Network NetherlandsOCLCOpen Forum FoundationWorld Economic Forum

UNIVERSITY PARTICIPANTSGoldsmiths, University of LondonNewcastle UniversityStanford University

GOVERNMENT PARTICIPANTSOffice of the Chief Informaiton Office, Province of British Columbia

and more...

Lots of Open Standards

XRI/XDI

SAML

InformationCards

What do we Share?

Shared History

Shared Vision

Shared Context

Shared Language

Shared Understanding

Shared Technology Development

Shared History

THE Directory Wars of the 90s

SHARED EXPERIENCE in past wars

SHARED EXPERIENCE in past wars

vs

Passport & Hailstorm

SHARED VISION for people’s identity on the scale of the web.

Freedom and

Autonomy for People

Open Standardsare Essential

No One Dominant Player

There will be a Big Bang

With all new technologies there is a point at which new things start happening that the creators of the technology did not envision this is a

big bang in identity.

Shared Context

IDENTITY GANG! formed in 2004

CONTEXT For Shared Vision

CONTEXT For Shared Vision

Early on the Identity Gang list was a critical forum for community collaboration it is still active here & many of the protocol efforts & foundations that have emerged have their own lists.

http://lists.idcommons.net/lists/info/community

CONTEXT For Shared Vision

The Identity Gang was probably one of the first technical communities to have a very active community blog life that complemented our mailing list conversations. Doc Searls played a critical role in getting almost all community members to blog in the early days of the community 2004-2005.

There are several aggregated blogs you can go to get a sense of activity in the community.The Classic - www.planetidentity.org/A newer one under development - http://seriouslyidentity.com/

s

CONTEXT For Shared Vision

Wiki forums were critical for sharing ideas and common language like the Lexicon

Real Time Web Tools

CONTEXT For Shared Vision

SEARCH

These are newer mediums for collaboration and information sharing using #hashtags etc. to connect work.

Shared Language

SHARED LANGUAGE developed in Shared Context

Identity Gang LEXICON (driven by Paul Trevithick)in August 2005

1.Agent2.Claim3.Claimant4.Digital Identity5.Digital Identity Provider 6.Digital Subject

6. Entity7. Identity Attribute8. Identity Context9. Party10. Persona11. Relying Party

http://wiki.idcommons.net/Lexicon

Scott David’s chair of the ID-Legal group at Identity Commons and council to several of the organizations in this space is working with the American Bar Association to develop a meta lexicon across 35+ lexicons in related fields.

“We have included 37 glossaries of terms and have over 1700 different definitions!  Most of the definitions are more security related than identity related, but they may prove useful to have them all together.”

SHARED LANGUAGE developed in Shared Context

Shared Understanding

SHARED UNDERSTANDINGusing shared language

Laws of Identity

Kim Cameron in May 2005

http://www.identityblog.com/stories/2004/12/09/thelaws.html

Laws of Identity

1.User Control and Consent

2.Minimal Disclosure for a Constrained Use

3.Justifiable Parties

4.Directed Identity

5.Pluralism of Operators and Technologies

6.Human Integration

7.Consistent Experience Across Contexts

Kim Cameron in May 2005

SHARED UNDERSTANDINGusing shared language

A Bill of Rights for Users of the Social Web September 4, 2007Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington

Preamble:There are already many who support the ideas laid out in this Bill of Rights, but we are actively seeking to grow the roster of those publicly backing the principles and approaches it outlines. That said, this Bill of Rights is not a document “carved in stone” (or written on paper). It is a blog post, and it is intended to spur conversation and debate, which will naturally lead to tweaks of the language. So, let’s get the dialogue going and get as many of the major stakeholders on board as we can!

A Bill of Rights for Users of the Social WebWe publicly assert that all users of the social web are entitled to certain fundamental rights, specifically:

• Ownership of their own personal information, including:◦ their own profile data◦ the list of people they are connected to◦ the activity stream of content they create;

• Control of whether and how such personal information is shared with others; and• Freedom to grant persistent access to their personal information to trusted external sites.

Sites supporting these rights shall:• Allow their users to syndicate their own profile data, their friends list, and the data that’s shared

with them via the service, using a persistent URL or API token and open data formats;• Allow their users to syndicate their own stream of activity outside the site;• Allow their users to link from their profile pages to external identifiers in a public way; and• Allow their users to discover who else they know is also on their site, using the same external

identifiers made available for lookup within the service.

SHARED UNDERSTANDINGusing shared language

Properties of Identity OECD Paper At a Crossroads: "Personhood" and the Digital Identity in the Information Society

SHARED UNDERSTANDINGusing shared language

http://bit.ly/OECDdigitalpersonnood

Properties of Identity 1.Identity is social.2.Identity is subjective.3.Identity is valuable.4.Identity is referential. 5.Identity is composite.

6.Identity is consequential. 7.Identity is dynamic.8.Identity is contextual. 9.Identity is equivocal.

OECD Paper At a Crossroads: "Personhood" and the Digital Identity in the Information Society

The Properties of Identity were articulated by Bob Blakley, Jeff Broberg, Anthony Nadalin, Dale Olds, Mary Ruddy, Mary Rundle, and Paul Trevithick.

SHARED UNDERSTANDINGusing shared language

Shared TechnologyDevelopment

Identifiers ClaimsSingle String Pairs

SHARED UNDERSTANDING

Identifiers link things together and enable correlation.

They can be endpoints on the internet.

A claim is by one party about another or itself.

It does not have to be linked to an identifier.

Proving you are over 18 for example and not giving your real name.

the Evolution of the VENN

Eve’s diagram 1.0 and 2.0

OpenID v1+

Lightweight Identity LID+

XRI / i-names+

sxip

}v2

Evolution of OpenID

Evolution of SAML

This diagram is from a presentation by Eve Maler given at IIW

Information Cards

SHARED INDUSTRY LANDSCAPE

the Evolution of Discovery

XRDS --> XRD-Simple --> XRD (within XRI spec)

Evolution of Discovery

Hammer Stack Today

Protocol Family Tree

OpenID

Foundation

XNS

XDI XRI

XNS.org

XDI.ORG

OpenID

v1

LID

i-names

XRI

sxip

OpenIDv2

YADIS

XRD

XRD Simple

OpenID

v Next

Web Finger

XRDS

Current Organizations

Organizations (no longer)

Event

Independent Open Protocol

Independent Open Protocol

(no longer)

Protocol standardized at OASIS

Protocol standardized at OASIS

earlier version (no longer)

Internet

Identity

Workshop

#1 Oct 2005

Collaboration

OSIS Interop

3rd InteropSpring 2007

RSA Conference

European Identity Conference

Emerging Ideas

User Data Banks & Exchanges

APPLICATIONS

EXCHANGE

REFINEMENT

STORAGE

ID + ENCRYPTION

DATA + META DATA

SOURCES

$

Stack for User Data Banks - Marc Davis

Personal Data Store Ecology

Open Standards based Personal Data Stores with people groups and businesses as first class objects on network.

Will include full portability and a range of services.

Project VRM - 4th Parties

http://bit.ly/VRM4thParty

Challenges and Opportunities

How do all these technical protocols

solve real problems?

Organizations

How do we apply these technologies in different realms?

Government

Businesses

Social Sites

Ultimately it must work for “regular” people

Usability?Different Contexts

What are the emerging legal

frameworks to protect & empower end-users?

How does identity work between them?

TECHNOLOGY

LEGAL

SOCIAL BUSINESS?

Where are we going?

Open Identity for Open Government

covered in the next presentation by Mary Ruddy

www.internetidentityworkshop.com

www.idcommons.net

Kaliya Young Hamlin@identitywomankaliya@mac.com

www.identitywoman.net

O p e n I d e n t i t y f o r O p e n G o v e r n m e n tA WORKING GROUP OF IDENTITY COMMONS

IIW-East INTERNET IDENTITY WORKSHOP