Claims based Identities

I’ve been too buried in my other work lately to come up for air. 
However, we are now getting close to a product release, and I am
anxious to begin to experiment with the new Microsoft SDK and Kim’s
work.

I really like this terminology about “claims based identity” since that
is all identity is, IMHO!  This fits completely with the Axioms
that I have (slowly) been working on, and it supports that – “Identity
only exists in language.”  (On a side note, it hit me this weekend
that all words represent an “occurring” … not a “thing”.  It is
how something occurs to me that I name … although we often do not
think of it this way.)

Anyhow … I like the “claims based identity” since this is a nice
“two-way” model … I can make claims about my identity, and others can
make claims about my identity.  In both cases, it is up to the
recipient of the claim to do what ever verification that they feel is
appropriate.

Another important apsect of this is that a “claim” is in no way “true”
… it is merely a claim.  This relates to the topics of
reputation, etc. which are not something that a “person has”, but
instead are something that a “person is given”.  I am given a
reputation by others … they are the ones that say that I am a
particular way.  My actions merely occur in a particular way to
others …

Anyhow … I’m following things on a background thread and am about to
reprioritize.  I want to get the new identity code working within
our GoBinder product.  Our new version – GoBinder 2006 – is
going to hit the market this fall.

Kim … thanks for the great work!  I’m looking forward to leveraging your work!

Location as an identity claim.

Once you get your head around expressing identities as
sets of claims, you can easily imagine expressing a user’s location as
one of those claims. In the identity metasystem, the relying party
could indicate in its policy that it requires several sets of identity claims
one indicating who the user is, and another indicating where the user
is. The claims might come from different authorities (e.g. an
enterprise and a trusted location provider). These would be implemented
as two Security Token Services (claims transformers). Both sets of
claims, taken together, would identify the user from the point of view
of the relying party.

[Kim Cameron’s Identity Weblog]

Entering a dark age of innovation?

My friend Dave Cline sent me this link to a New Scientist article titled Entering a dark age of innovation.
As I have been following this space of accelerating change for some
time now, I have to say that I am not in agreement with much of the
analysis presented by Jonathan Huebner. The best comment that I
saw was by Ray Kurzweil who stated:

But artificial intelligence expert Ray Kurzweil – who formulated the
aforementioned law – thinks Huebner has got it all wrong. “He uses an arbitrary
list of about 7000 events that have no basis as a measure of innovation. If one
uses arbitrary measures, the results will not be meaningful.”

I believe that it goes even beyond this … his measurements using
population make a gross assumption about segmentations in
population. He seems to feel that raw numbers on global
population growth should somehow be mirrored by innovation. This,
IMHO, confuses the genetic basis of equality in human design, with the
environment and community within which to create what would be
recognized as “modern innovation”. With so much third world
population growth, I do not believe that you can expect to see a
proportional amount of “modern” innovation.

I am constantly reminded by this when I watch Link TV and see programs like this one about Peanuts … and the fact that in this country a simple peanut sheller can make a huge difference in their life. Likewise in this program, River of Sand,
I was amazing to be reminded of the daily life of these people … and
is Huebner trying to say that they are expected to create their
proportional amount of measureable innovation??

I believe that what we are seeing is more of what is called the “great
divide” … the “haves and have nots” … the continuing division of
those who are leveraging the tools of the modern world, and those who
have little immediate requirement or ability to access them.

As I was reminded this last weekend, all people are “created equal,
that they are endowed by their Creator with certain unalienable Rights,
that among these are Life, Liberty and the Pursuit of Happiness.” For a
huge portion of the worlds population this has nothing to do with
modern innovation.

What? I own my identity? You’re kidding …

I’m way behind on reading and posting, and now I’m playing
catch-up. I have been so busy with my new “full time” job, along
with working on three different start-ups. Oh yeah … and with a
family. 🙂

So this post caught my eye, just because Jim Kobielus would say
something so outrageous in my opinion. Anyone who has readm my
First Axiom or Second Axiom will immediately know that there is no
way that I could ever agree with this kind of statement:

Each person is the only legitimate owner of their
identity, all manifestations of that identity, and all associated
identity attributes.

What? Are you kidding? What a self-centered perspective of the world! Your identity is completely given
to you. It was created and attributed to you by someone else, or
some other organization. There is always someone else who knows
this information about you, since they are the one(s) who gave it to
you! Our identity is an aggregation of perspectives of us, given
to us by the communities that we belong to. We can een have
different and conflicting identity attributes at the same time …
because we can be members of different communities simultaneously and
each of them can offer differing perspectives.

I believe that one of the biggest hurdles that is impacting the
successful creation and deployment of Identity Management Solutions is
this complete misunderstanding of the origins of our identity. I
can understand the “feel good” nature of a comment like this, but as I
disassemble the statement it all collapses around one core point …
that a “person is the only legitimate owner of their identity.”
If my identity is given to me by some community, how I can I be the
owner of it? I am the recipient of it … I have a community
pointing their finger at me saying that it is true and accurate … I
even have to refer anyone asking for verification back to that
community to have it proven.

It might be true that I would like
to have as much control as possible, but there are other people who
already know this information. In fact, there is a whole load of
identity information that I give away simply by being available for
public observation. Any of the other attributes are all ones that
I get from elsewhere … I am told what my identity is by someone else
… and that person or community is the owner of that observation.

I’ll even go further … since I’ve been wanting to write about this:
No person has a reputation as
an absolute. All reputation is generated as an observation by
another. All reputation is relative to some other person or
community. A reputation is something that is said about you …
you don’t have it.

Anyhow … Jim … we disagree on this note. I get that you might
like this, or want it, as you feel that this would give you some level
of security … but you don’t own any of your identity.

Who owns the attributes?. Jim Kobielus has jumped fearlessly into the fray of trying to define the normative principles of identity,
by synthesizing the proposals of some others in this space. It’s a well
thought out piece, with some excellent ideas and only one major flaw.
Unfortunately, that flaw comes at the very top of the stack when Jim
states:

Each person is the only legitimate owner of their
identity, all manifestations of that identity, and all associated
identity attributes.

But read the rest of Kobielus’ note for some interesting ideas. [The Virtual Quill]

i-Top and the Future of the Common Toy

Today
I bought an i-Top at Toys ‘R Us for $4.98 plus tax. Several of
the engineers that I work with had shown them to me. When I first
saw them, I was immediately
impressed … using a moving surface of a top, along with a strip of
light emitting diodes (LEDs) to turn the top into a digital
scoreboard. This week I was at the O’Reilly Emerging Technology
Conference in San Diego, and I saw a similar concept … on a cell
phone and on a pager. That’s what had me buy the i-Top. All
of these products are doing similar things … using some sort of
accelerometer to detect motion and then pulse the LEDs on and off at
the correct rate to make LED numbers, words, and images that seem to
float in the air. Or on the surface of a top.

There
are three really cool aspects of these toys … first, it is a
demonstration of the rapidly declining size and costs of the next
generation of sensors. Second, it is the presence of computing
power in the smallest of objects. Third … it is cheap.
The chips in this little top, for example, are able to detect both
time, and rotation … tracking each rotation of the top to know
exactly where and when to blink a particular LED to represent a
particular pixel in a letter or number. At the O’Reilly
conference it hit me that there are numerous places that these displays
will probably show up before long. I’m thinking about how to
capitalize on this stuff.


First, I started to think about how to create a version of this for
bicycle wheels. Imagine if your bicycle had patterns and messages
being displayed to others while you pedal down the street. Of
course for this to work, you would also have to have a way to track
“up” or “down” so that the messages were always readable and not upside
down. The next idea that hit me while writing this post is to put
these on car hubcaps. We already see the “spinners” that people
are putting on their cars, and the neon tubes underneath the car
body. It is only a matter of time before we’ll start to see these
new forms of art … these new expressions of emotion or message … on
a wide range of the surfaces around us.

In all, I am left impressed. At the innovation that can turn the
simplest of toys … a top … into so much more. In to a new
generation of toys that demonstrate just how inexpensive and powerful
our capabilities are growing. Go buy am i-Top … they are a fun
toy … and can make you think.

[P.S. You can right-click the images and select View Image to see a
bigger version of each image.  Maybe next time I’ll make them
links …]

The real game of bin Laden

There are few people that can really understand the breadth of the
campaign that al Qaeda and Osama bin Laden are waging against the
United States of America.  This CNN article, about bin Laden’s newest message,
is a good indicator of what we are up against.  We are living in a
day and age where he is using extremely powerful patterns of attack …
not against us as individuals or our armies … but against our economy
and overall will as a nation.

Every time that I hear people minimize the value of being in Iraq, or
even our efforts in Afghanistan, I can’t believe that they realize who
we are up against.  We are living in an age where a group of
people felt that it was “appropriate” to issue “a warning” to our
country by flying jetliners filled with human beings, into skyscrapers
filles with human beings … killing thousands of them.  I have no
idea what people are thinking … a warning??  This was flat out
murder.  It was a blatant attack, and one that occurred on our
lands.

The amazing thing to me is that few of the American people seem to see
the long-term economic impact that the attacks on the World Trade
Center has caused.  There are the occasional news blurbs on the
victims being paid for their losses.  There are also the issues
that we see from time to time about the American airlines and their
negotiations with government and unions.  But few people are
really aware that the attacks of 9/11 caused differences in our
country, our freedoms, and our economy that will never be
corrected.  My children will never experience the world that I
grew up with … not that I expected that the world would not be
different … however I have to admit that I did not think they would
grow up in a world where the attacks of 9/11 would be diminished so
quickly in the press and the minds of the average American.  We
are now living in a new age where there are going to be more of these
acts of brutality … unless someone takes aggressive moves toput a stop to it.

Our way of life is under attack … I am not a person who feels that
falling back into a defensive position is how to deal with these
attacks.  We are going to see more of them … until we choose to
destroy the source of them.  If we don’t destroy it … it will
destroy us.  For those of us who believe that “destroy” is too
harsh a word … then consider the possibility that the consequences
for behavior that generates attacks like 9/11 have to become too severe
for the behavior to continue.

What the BLEEP do we know!?

On Friday night, my wife and I went to see a movie that was recommended by a friend. What the BLEEP do we know!?
is an amazing film that is like no other. Do not expect passive
entertainment, or the typical story lines. This is a film that
explores the reaches of science into quantum mechanics, and it’s
effects on our perception of reality. It begins to explore our
ability to “cause” in the universe, and how we shape our own reality by
our own behaviors.

The movie is receiving mixed reviews … and that is a good indicator
of controversy! Anyhow … I would recommend this movie to anyone
… and be prepared to think … not just watch!

Long Now, and some good points to ponder …

I really like some of the posts on kuro5hin … and this is a good
one.  I have been following the work of Long Now for a while now,
and believe that they are pursuing some very interesting goals. 
I’d love to assist in the work they are doing to create the clock …

Although the name of “The Church of the Long Now” might sound strange,
this post really touches on some very good thoughts.  Seldom in
our daily lives do we stop to think about the universe, and who we are
within it …

The Church of the Long Now.
July 02004 I believe that the folks over at the Long Now project are
onto something, although they don’t seem to quite realize it. They
point out that civilization has a “pathologically short attention span”
and are addressing this problem by building a 10,000 year clock that
“ticks once a year, bongs once a century, and the cuckoo comes out
every millennium”. They have a charming way of prepending a zero onto
the date (so that 2004, for example, becomes 02004) to emphasize this
point of view. Their goal is an admirable one – to focus humanity’s
attention on timescales that extend beyond a single life, but they
don’t seem to have thought very deeply about the underlying philosophy.
I propose that the Long Now has profound implications for our species –
implications that range from the mundane to the practical to the
spiritual. What better way to organize and direct such implications
than to form a new religion? All rational thinkers, hear me: Welcome to
the Church of the Long Now. [kuro5hin.org]

When cameras are everywhere …
This is an amazing article, with a link to a web site that shows just how advanced criminals are becoming … and how they are leveraging technology.

The concept is simple as described below … what is wild is that they are using some fairly simple technologies to accomplish this. Just the other night I saw an episode of Law & Order where a high school student took pictures of other students in the gym locker room … with her cell phone … and then sent them to other people. I hadn’t even thought about the portability of these “wireless cameras”. This all makes me think about where we are heading when miniature cameras can be carried and left just about anywhere. And people are thinking that we can protect privacy?

ATM Skimmers with Wireless Cameras, Pickups. Automated Teller Machine customers now robbed wirelessly without knowledge: The University of Texas at Austin police have a compelling page that shows how a skimmer (which scans ATM cards before they’re inserted into the ATM) and a wireless camera in an innocuous position nearby can steal a card and the PIN. The skimmer reads the magnetic stripe; the camera can see the PIN being entered. The thieves park nearby and retrieve the information wirelessly. This is reminiscent of last month’s story of a wireless Israeli post office money heist. It may be just me, but after years of being warned about shoulder surfers in the 1980s and 1990s, I often cover my hand when entering a PIN on a phone or ATM. I guess my paranoia pays off. Also, I only go to one bank’s ATM machines, which are uniform. I think I’d notice a weird add-on…. [Wi-Fi Networking News]

Freenet still alive and kicking …
When I first read Ian’s papers about Freenet (quite a long time back) a group of us immediately set up nodes for testing and experimentation. It was very crude back then, and several months ago I even stumbled on one of my old NetWare servers that still had the directory structure and files. It was good to see this update and to see that Freenet is still making great progress. I just downloaded it to see about getting it up and going again. It appears to have come a log ways …

Freenet Project More Stable, In Need [Slashdot]

There is one standard … until there is the next one!
I enjoy talking with Phil … he gets it. All of the people who argue about “which standard” to adopt, completely miss the point that they are only going to evolve and move forward. Pick something and go with it … and be prepared to embrace change … prepare to adopt the next standard when it arrives. I didn’t see them mention Atom!

Enjoy the Politics of Difference. John Gotze talked to Mr. Safe recently. The conversation is about whether to use RSS 2.0 or RSS 1.0 since they’re both part of the Danish Government’s Reference Profile (which I had a hand in creating). John’s advice to Mr. Safe was to publish both formats. Here’s the most important part of the conversation: [Windley’s Enterprise Computing Weblog]