Category Archives: Digital Identity Management

AC2005 … SAP Reception

Posted on by
Reply

Last night was the AC2005 Tech Night reception up at SAP Labs in Palo
Alto, CA.  It was a great gathering with an amazing set of
demonstrations.  A lot of fun.  Some of the things that I
really enjoyed were:

  • Digital Identity – I got to meet Kaliya Hamlin – Identity Woman – in person.  She was at an Identity Commons booth, and I also spent time talking with Ajay Madhok – founder and CEO of AmSoft Systems – and saw his demonstration of using iNames with cell phones … some cool stuff.
  • New Space Technologies – I met Michael Mealing of Masten Space Systems
    They are working on re-useable low-cost launch vehicles for taking
    smaller payloads (one cubic meter) into space.  They are looking
    to do a first launch in 2007 … so not too far away.  It was fun
    to see that this type of thinking – and work towards making it a
    reality! – is becoming so commonplace today.
  • OpenCroquet – there was a great demo of the OpenCroquet system … something that I am going to go and check out more.
  • IMSmarter – these guys have a very cool couple of products with their IMSmarter and pbwiki
    products … both are consumer extensions of existing technologies with
    cool spins.  The IMSmarter application is unique is that they are
    leveraging the power of Internet “proxies” to insert themselves in the
    stream of communications to add enhanced services.
  • TroyWorks – Troy Gardner was there showing off some of his TroyWorks
    visual interfaces that were very cool.  I have some ideas that I
    am discussing with him … I really like what he is doing.
  • Tactical Iraqi – this was an amazing example of how learning tools are evolving.  Tactical Iraqi is a combination of traditional learning and gaming to rapidly teach Arabic to people.

The conference is starting … I’m looking forward to being blown away …

Accelerating Change 2005

Posted on by
Reply

I’ll be going to my friends conference – Accelerating Change 2005
– again this year.  John Smart
has again put together a great
line-up of speakers and it looks like it’s going to be drinking from a
fire hose … I’ll be working to blog the event as best as
possible.  The Acceleration Studies Foundation
is John’s contribution to the world, and to
exploring the rapidly evolving world that we live in.

If you read through the Conference Schedule
you can get a good idea of the caliber of speakers.  If you want
to listen to last years conference for examples, go visit
ITConversations and browse through the Accelerating Change 2004 Archives.

I missed last years conference, and have to admit that some of these
ITConversations from last year just blow me away … I can’t wait for
next week.

Google Maps, cellular phones, and the adventure continues

Posted on by
Reply

After reading Nat Friedmans post below, I had to start experimenting
with Google Maps.  This is too fun.  I’ve had several calls
with friends now, when their were driving someplace.  I quickly
ask them where they are, and start to zoom on Google maps … tracking
their travels as they are driving.  Too much.

As Nat describes his conversation, I have now had numerous like
it.  I called my friend Joe while on his vacation driving up the
coast of Oregon.  Once he told me he was at a drive through coffee
shop in Florence, OR I narrowed him down to this area.  As they drove north they told me they were crossing 35th street right here!

I talked with him about the golf course coming up on the left … it
was funny to hear his comments about the scenery and the various
buildings etc. that I could ask him about.  Funny … I can almost
see this as the next step for Google.  I joked with Phil Windley
and our CTO Roundtable group last week … it’s almost like my friend
Joe was getting live access to personal Google Maps … and I was
getting a virtual tour at the same time.

I’m thinking about my first Google Maps hack … I’ve got some ideas and can’t wait to play with it.

Living in the future. #

….

Later in the drive, we called Joe on the speakerphone and he gave us an aerial tour of the region using Google’s satellite maps. It went like this:

Joe: There’s a golf course on your right.
Us: Cool.
Joe: Huh, what’s that strange building coming up on your left?
Us: It’s a Marriott.
Joe: Oh. Cool.

[nat friedman]

Claims based Identities

Posted on by
Reply

I’ve been too buried in my other work lately to come up for air. 
However, we are now getting close to a product release, and I am
anxious to begin to experiment with the new Microsoft SDK and Kim’s
work.

I really like this terminology about “claims based identity” since that
is all identity is, IMHO!  This fits completely with the Axioms
that I have (slowly) been working on, and it supports that – “Identity
only exists in language.”  (On a side note, it hit me this weekend
that all words represent an “occurring” … not a “thing”.  It is
how something occurs to me that I name … although we often do not
think of it this way.)

Anyhow … I like the “claims based identity” since this is a nice
“two-way” model … I can make claims about my identity, and others can
make claims about my identity.  In both cases, it is up to the
recipient of the claim to do what ever verification that they feel is
appropriate.

Another important apsect of this is that a “claim” is in no way “true”
… it is merely a claim.  This relates to the topics of
reputation, etc. which are not something that a “person has”, but
instead are something that a “person is given”.  I am given a
reputation by others … they are the ones that say that I am a
particular way.  My actions merely occur in a particular way to
others …

Anyhow … I’m following things on a background thread and am about to
reprioritize.  I want to get the new identity code working within
our GoBinder product.  Our new version – GoBinder 2006 – is
going to hit the market this fall.

Kim … thanks for the great work!  I’m looking forward to leveraging your work!

Location as an identity claim.

Once you get your head around expressing identities as
sets of claims, you can easily imagine expressing a user’s location as
one of those claims. In the identity metasystem, the relying party
could indicate in its policy that it requires several sets of identity claims
one indicating who the user is, and another indicating where the user
is. The claims might come from different authorities (e.g. an
enterprise and a trusted location provider). These would be implemented
as two Security Token Services (claims transformers). Both sets of
claims, taken together, would identify the user from the point of view
of the relying party.

[Kim Cameron’s Identity Weblog]

Entering a dark age of innovation?

Posted on by
Reply

My friend Dave Cline sent me this link to a New Scientist article titled Entering a dark age of innovation.
As I have been following this space of accelerating change for some
time now, I have to say that I am not in agreement with much of the
analysis presented by Jonathan Huebner. The best comment that I
saw was by Ray Kurzweil who stated:

But artificial intelligence expert Ray Kurzweil – who formulated the
aforementioned law – thinks Huebner has got it all wrong. “He uses an arbitrary
list of about 7000 events that have no basis as a measure of innovation. If one
uses arbitrary measures, the results will not be meaningful.”

I believe that it goes even beyond this … his measurements using
population make a gross assumption about segmentations in
population. He seems to feel that raw numbers on global
population growth should somehow be mirrored by innovation. This,
IMHO, confuses the genetic basis of equality in human design, with the
environment and community within which to create what would be
recognized as “modern innovation”. With so much third world
population growth, I do not believe that you can expect to see a
proportional amount of “modern” innovation.

I am constantly reminded by this when I watch Link TV and see programs like this one about Peanuts … and the fact that in this country a simple peanut sheller can make a huge difference in their life. Likewise in this program, River of Sand,
I was amazing to be reminded of the daily life of these people … and
is Huebner trying to say that they are expected to create their
proportional amount of measureable innovation??

I believe that what we are seeing is more of what is called the “great
divide” … the “haves and have nots” … the continuing division of
those who are leveraging the tools of the modern world, and those who
have little immediate requirement or ability to access them.

As I was reminded this last weekend, all people are “created equal,
that they are endowed by their Creator with certain unalienable Rights,
that among these are Life, Liberty and the Pursuit of Happiness.” For a
huge portion of the worlds population this has nothing to do with
modern innovation.

Firepoll … get cash with the right identity!

Posted on by
Reply

Some friends of mine have created a very cool new start-up called
Firepoll.  It’s like combining Instant Messaging with Surveys
… and you get paid for it!  Well … if you have the right
identity.

What they created is a small IM-like service that you install on your
machine.  You then register with their server, and they ask you a
lot of identity/profile information.  All of this is stored at
their server.  Companies interested in doing market research can
then visit the Firepoll web site and subscribe to do “Instant
Surveys”.  Through a web page they select all of the attributes of
the target market that they are interested in surveying, and in
real-time they can see how many of “those” people are currently
on-line.  They can then design their survey through their browser,
and select which “rewards” they are offering for completed surveys.

Lastly, they indicate how many survey results they want and when they
post the survey it is sent – instantly – to all of the on-line
community members who match the profile that was defined.  As soon
as enough people have replied, the survey is closed.

As a user of Firepoll, I have it running on my machine all of the
time.  When a survey is created, where I match the demographic
profile requested, I get a small pop-up message on my machine. 
When I click the message my browser is launched directly to the survey,
and the first question is “Which reward do you want?”  I can get
things like MP3 music, $1 to my PayPal account, discount coupons,
etc.  I then proceed to answer the survey questions, and then post
my results.  I get an e-mail with my reward notification in
minutes.  The entire process is a clean and simple experience.

To me, this is a facinating solution for a number of reasons …
combining many facets of the Internet into one powerful solution that
really leverages the power of distributed networks.  On top of
that, I can leverage my identity – or the one that I define and create
– to actually generate money.

It’s a cool product … I’d love to hear feedback from others on what they think of it!

What? I own my identity? You’re kidding …

Posted on by
Reply

I’m way behind on reading and posting, and now I’m playing
catch-up. I have been so busy with my new “full time” job, along
with working on three different start-ups. Oh yeah … and with a
family. 🙂

So this post caught my eye, just because Jim Kobielus would say
something so outrageous in my opinion. Anyone who has readm my
First Axiom or Second Axiom will immediately know that there is no
way that I could ever agree with this kind of statement:

Each person is the only legitimate owner of their
identity, all manifestations of that identity, and all associated
identity attributes.

What? Are you kidding? What a self-centered perspective of the world! Your identity is completely given
to you. It was created and attributed to you by someone else, or
some other organization. There is always someone else who knows
this information about you, since they are the one(s) who gave it to
you! Our identity is an aggregation of perspectives of us, given
to us by the communities that we belong to. We can een have
different and conflicting identity attributes at the same time …
because we can be members of different communities simultaneously and
each of them can offer differing perspectives.

I believe that one of the biggest hurdles that is impacting the
successful creation and deployment of Identity Management Solutions is
this complete misunderstanding of the origins of our identity. I
can understand the “feel good” nature of a comment like this, but as I
disassemble the statement it all collapses around one core point …
that a “person is the only legitimate owner of their identity.”
If my identity is given to me by some community, how I can I be the
owner of it? I am the recipient of it … I have a community
pointing their finger at me saying that it is true and accurate … I
even have to refer anyone asking for verification back to that
community to have it proven.

It might be true that I would like
to have as much control as possible, but there are other people who
already know this information. In fact, there is a whole load of
identity information that I give away simply by being available for
public observation. Any of the other attributes are all ones that
I get from elsewhere … I am told what my identity is by someone else
… and that person or community is the owner of that observation.

I’ll even go further … since I’ve been wanting to write about this:
No person has a reputation as
an absolute. All reputation is generated as an observation by
another. All reputation is relative to some other person or
community. A reputation is something that is said about you …
you don’t have it.

Anyhow … Jim … we disagree on this note. I get that you might
like this, or want it, as you feel that this would give you some level
of security … but you don’t own any of your identity.

Who owns the attributes?. Jim Kobielus has jumped fearlessly into the fray of trying to define the normative principles of identity,
by synthesizing the proposals of some others in this space. It’s a well
thought out piece, with some excellent ideas and only one major flaw.
Unfortunately, that flaw comes at the very top of the stack when Jim
states:

Each person is the only legitimate owner of their
identity, all manifestations of that identity, and all associated
identity attributes.

But read the rest of Kobielus’ note for some interesting ideas. [The Virtual Quill]

A good anti-phishing solution

Posted on by
Reply

I really liked the idea behind this solution being developed by Bank of America for anti-phishing
It’s really the simplicity that I like.  In short, it allows a
bank of America customer to customize the web page for their on-line
services … with a picture of image of their choice.  So now,
when a customer goes to log into the Bank of America site, they can
verify that the image is the one that they picked!

I know that there is still the general phishing scam that can be sent
out indicating that “Oh yeah … we had big problems with your server,
and your image can not be shown!” … or “Uh … we lost your image,
please log in and set your image again!” … but this is a very good
start.

The idea of customizing the page … to maybe even allow the customer
to choose among different types of customization … will allow users
to easily notice the differences in the web site, and then identify
potential phishing scams.

Simple … and a good start.

Anti-Spam and what to do today

Posted on by
Reply

It seems that anti-spam is, of course, all about verified
identity.  I really liked this article, and it got me looking into
what I can do on my mail servers today.  I realized that there are
things I can do when I read this quote:

Reports indicate that as much as 50 percent of sending domains are
authenticating their outbound e-mail using SIDF and signatures.

Wow … am I behind the times!  I went to Google and did some searching.  I found a great blog talking about SIDF where there are the following links describing where to read more and what to do.

The first link is the Microsoft SenderID page that has a lot of information.  It also has a link to this SenderID Overview Presentation that gives a great overview of the concepts and how it works.  The last link is to the Microsoft Sender ID SPF Record Wizard … which will assist in creating the actual DNS records that you have to configure.

All of this is oriented towards telling the world that your mail server
is the legitimate source of mail for your domains.  Time to add
more identity information about my mail server into DNS … I’m
creating my SPF Records right now …

E-mail authentication. Then what?. Sendmail CEO Dave Anderson explains why we’re approaching the end of e-mail as we know it. [CNET News.com]

Why using Identity is losing Identity

Posted on by
Reply

There are many things that computerized digital identity management
systems are going to be able to do … and many things they will
not. When I read this article about Amazon, I again thought about those who
believe that “I can control my identity” … I am not a strong believer
of this. Per my Second Axiom I believe that identity is given
to us by communities that we belong to. In addition, per this
article, I believe that the more that we use our identity, the more that we contribute to losing control of it!

What this article refers to is how Amazon is not only collecting information about its customers, but also the friends and family
of their customers. It appears that if I am an Amazon customer
and choose to have Amazon send a gift to someone, Amazon will begin to aggregate
information about them also! This also means that if my friends
or family choose to give me a gift via Amazon … people who I have
shared my identity information with … Amazon is beginning to
aggregate my identity! What is interesting is the depth of information
that Amazon is able to gather about me, or the friends and family of
its customers. It’s almost a form of “consensual phishing”!
Amazon simply asks its customers “Please provide us with a lot of
details about your friends and family!” … and we go ahead and enter
addresses, birthday information, etc. We sell out the identity of our own friends and family!

While I was at Novell working on digitalMe, I used to give a
variety of presentations where I would talk about the grocery store
cards that are given away to customers. I would ask the audience
how many people use these cards, and then follow up with a series of
questions:

What phase of the moon do you buy the most groceries? The grocery store knows. What foods do you buy the most during a full moon? They know that also. What month do you use the most toilet paper? Yep … they know that. What do you feed your family? Of course they know that. When did you have your first child? They know when the first diapers and baby food are purchased. How quickly are your children growing? Diapers come in easily tracked sizes. What color wrappers are you mostly likely to purchase? Ever thought about that? What shelf do you purchase the most from? Hmmm … think about that one!  What in-store advertising do you respond to?  Did you even consciously notice it?

People get the idea very quickly … the amount of information being
harvested about you is huge. If we take this in the Amazon
direction, there are all of the same questions that I could ask about
our behavior … what you are likely to click, what kinds of referrals convince you to purchase, etc.

The more that any of us interact with the world around us, we leave
behind a trail of identity information that not only identifies our
behaviors, it begins the process of spreading our identity over a
larger landscape … more and more places where we have little control
over it.

Amazon Knows Who You Are.
Many companies have systems for tracking customer habits, but Amazon
has collected info longer and used it more proactively. It now has
technology that tracks data on those you buy gifts for, and it reserves
the right to sell it all. [Wired News]