Thoughts on Digital Identity …
I read the following article and immediately visited the new DigitalIDWorld web site … it’s a very good start. I read a number of their posts, and had the following thoughts that I forwarded to Andre …

—–
This is a very powerful conversation, and I like the way that you have started to examine identity. I would really enjoy exploring this entire space with you as I have done some extensive thinking about digital identity over the last several years.

For some background, I was the original architect of digitalme at Novell several years ago. This project was the result of my research into directories and presence/instant messaging and how they relate to, and can be used in, digital identity management. Since leaving Novell I have continued my research and development of digital identity and identity management applications.

One of the core issues that I came across in my original research was that identity was always related to communities or organizations. Your “tiers” also indicate that you are on the same track. You are moving down some of the same paths that we explored when creating digitalme … that there are many different forms of identity. I want to offer some of my current frameworks and “axioms” for an extended conversation to explore this further.

  • Consider the possibility that no one has any inherent identity. Identity is not something that we have, it is something that we are given by others … usually communities or organizations. If you were to examine the Latin roots of the word “identity” you would find that it comes from “similar to” or “same as”. In our modern world we have failed to distinguish this subtle aspect of our own language. If we view a part of our identity as something that we are “similar to”, then we can see that we are not “6 feet tall”, but instead we are “similar to something that a bunch of us call 6 feet tall”. In my opinion, this is one of the most important distinctions in exploring identity because it then begs the questions “Then how did I get to be 6 feet tall?” and “Who is this ‘bunch of us’ that are saying I’m 6 feet tall?”
  • Consider the possibility that all of our identity is given to us by the various communities that we are a member of … including our families. Attributes of identity are all forms of language and measurement of an individual … comparisons to concepts that are known to a community. Again, some group of people made the choice that a “foot” was the term used to name the length of a physical piece of material. That same group also gave the name “six” to a specific count of elements, and when combining the two and looking at you they said that you are “six feet”. If we were to leave the context of this community and travel to a foreign land we might find that they do not have a “foot” and so that identity of yours doesn’t even exist to them. This then opens up the conversation about context of identity.
  • Consider the possibility that you have no identity outside the context of a community. Every attribute of your identity only exists within the context of the community that gave it to you. It might exist in another community, however only if that community has a relationship with the community that gave you that identity. For example, in the United States you have a Social Security Number, and it only exists in the context of the US. Since my bank has a relationship with the US, and they have also been given a Federal Tax ID number, these attributes of identity exist for us both in the context of the US and in our business relationship. Likewise, since many communities have adopted the common identity measurement of height using feet, my height is valid in the context of numerous communities around the world.
  • Consider the possibility that you started to accumulate identity the moment that you were conceived, and will continue to accumulate identity after you have died! Again, if we agree that identity is given to you by the communities that you interact with, then that interaction began upon conception, and people will continue to give you identity in their conversations about you after you die. If we go back to when you were born the community of your family gave you what we think is the first piece of identity that you get … your name! In most cases though, the delivering doctor or nurse might have already started to give you identity before your name by defining the medical and physical attributes about you before handing you to your parents! In addition, after you die, there are all of the documents and certificates that are generated that people will assign to you … adding to your identity. If they then start to clean out your house, they might find things that you left behind that continue to be added to your identity!
  • Consider the possibility that real identity management will become a reality when we can create applications which will accumulate your entire lifetime of identity, managing the relationships with the communities that gave identity to me. These applications will automate the process of requesting and granting identity, keeping identity information in sync, and allowing for historical searching of identity. (What were my last three addresses for this credit app?)

I believe that there is an abstraction of identity that we have created that allows us to view your three tiers as one and the same. This is really an exploration of the fundamentals of the human experience, and an ontological study. If we step back and truly examine what it is to be human, and a part of various communities, then a solid model for digital identity management begins to emerge. What’s funny is that the process of identity creation and granting has been going on since humans existed and they are all around us. Most people just don’t see them because they have become so commonplace.

These are the areas that I have been researching and developing solutions. I currently have my third generation of an application that begins to define the high-level “protocol” of identity transactions, and then the accumulation and management of that information.

I look forward to discussing these subjects further with you!

Scott C. Lemon
http://www.HumanXtensions.com
http://the.Inevitable.Org/anism

RFC: Sponsored Feature Section on Digital Identity. I have a proposal for the site, that I’d like your comments and thoughts on. Jabber.com founder Andre Durand and ISPCON founder Phil Becker recently started a new website called DigitalIDWorld.com. K5er Adam Theo is also working with them, and thought that the subject of digital identity would be something other K5ers might have some interest in, and perhaps we could arrange some kind of syndication agreement. I talked to Andre and Phil a few times, and below is what we came up with. We all think it has a lot of potential, but as always, you make the final call as to what’s good for K5. So read on for the idea, and let us know what you think of it. [kuro5hin.org]

More support for DSML and LDAP Directories …
As we started to renew our efforts on digital identity, we quickly embraced the DSML standard as an xML solution for representing directory information. These tools appear to be a very endorsement of the DSML standard and can assist Java developers in writing more and more directory enabled applications.

Open-source DSML tools. Gerv
Markham has released DSML Tools,
a suite of open-source Java
utilities for handling Directory Services Markup
Language (DSML) data. [xmlhack]

It’s all about replication … genetics is a good example!
When looking at the classic argument about centralized control and storage vs. distributed approaches, it’s easy to fall into the “trap” about the supposed benefits of the centralized approach. People will often talk about the “single copy” and “only one play to go for access”. They will also talk about “having to manage all of those copies” as though this is an issue.

What is interesting is that there are many lessons around us that show the disadvantages of centralized approaches … from the former Soviet Union to stories about the companies that centralized all of there computer data in the World Trade Center … backing it up to the other tower.

In looking at this situation I often reflect on the biological evolved systems all around us … and I have to say that one of the most sophisticated of these indicates that replication and copies is a valuable implementation … the Human Body!

Where does your body store the “blueprint” for the body? In one centralized place? No … it stores this in the genetic material in every single cell. Storing a copy of this critical information in every cell in the body could be looked at as inefficient, wasteful, and potentially dangerous. Another way to look at this is that it offers the most effective way to empower any cell to become anything that contributes to the whole. It prevents the cells from having to reference some “central authority” to determine their purpose.

To me … synchronization and replication are the way to go … and some folks at MIT seem to agree that the net is mirroring this direction.

MIT Technology Review: Super Sync. Instead of ubiquitous connectivity to centralized databanks, we are instead building an infrastructure that’s optimized for data replication. The same information is getting copied to dozens, hundreds or even thousands of places throughout the world… [Tomalak’s Realm]

Why our 80211.net project can rule!
I spoke with Stewart at one of the Telecosm conferences, and we talked about the subject of viable business models. At that point I suggested that both Metricom and Mobilestar were on interesting paths that I could not see sustainable. Both of these organizations have run into extreme trouble. In my opinion Metricom went off track with it’s proprietary solution, and Mobilestar was never going to be able to finance the deployment of an “owned” infrastructure.

My team and I have developed a much different business model … and we are looking to deploy the first tests around the time of the Olympics here in Utah. Keep watching http://www.80211.net

Stewart Alsop: “Wireless rocks! Wireless stinks!”  [Scripting News]

Amazing vision! An Identity Management solution that is well thought out …
This is a very cool find … it appears that Mr. McCandless was working on the same ideas at the same time as our team at Novell! When we were working on digitalme we realized that identity was something that had to be collected in a “Personal Directory” (e.g. Novell’s Personal Directory – Leading Edge Downloads #138) to be an effective solution. Although Novell has not done anything with this since, we now have a new project that will demo in January. We will be releasing our “FreeID” agent as a tool for automating the collection, distribution, and coordination of identity information.

I’ll have to get in touch with Mr. McCandless to see what he thinks!

Private Personal Agents vs. Microsoft’s Passport [Slashdot]

Nice Jabber IM Programmers Overview …
Jabber is a open source solution for Presence and Instant Messaging. I am still a big fan of Jabber … I believe that it is still looking for some big visibility, and I’m thinking that it will get this through a killer-app that will support Jabber. Here is a good start for developers to write support for Jabber into their code.

Jens Alfke: Jabber Client Developer’s Cheat Sheet. [Scripting News]

Down at Comdex … creating the future …
I’m down in Las Vegas … spent the whole day, and will be here all day tomorrow as well. It’s been a fun day so far. The registration was light, there was security present at the doors, and the number of people on the floor was light.

I’m walking the floor with a good friend, John Pugh, who I haven’t seen in quite a while. I’s a blast to get a chance to brainstorm with him … spew ideas at him … and catch up on things.

It’s been a fun show, and as usual I spent my time looking through all of the little booths that are here representing the various Pacific Rim countries – Korea, Thailand, Tiawan, etc. I have to say that the Korea booths were filled with some cool stuff … a lot of wireless, new funky computer cases, and some other cool products. I barely made it half way through the Tiawan section, and so we are going to pick up there tomorrow morning.

I spent some time at the Xybernaut booth … I’ll be working closely with them as we move forward with HumanXtensions. Here at the show, most of the folks are oriented towards WinCE, Palm, and the new PocketPC 2002 … but Xybernaut and few others are seeing the future … full blown PCs with full power operating systems.

I found a large number of interesting technologies and products … I found the LCD panels that I wanted for one application … and I’m searching for the others tomorrow. I found some cool peripherals, and several interesting security peripherals. There are large numbers of “Internet Appliances”, or appliance developer kits …

I’ll be writing all about this in the upcoming month or so … there is a lot going on in the market place!

The continuing evolution of Instant Messaging … as people learn …
This is a good article that outlines the continuation of the learning process about Instant Messaging. One of the things that I learned while working in this area of research is that there is considerable confusion about exactly what we are talking about when we say “Instant Messaging”.

While working on the digitalme project at Novell, I had created a foundation framework for identity, community, and communications. Within this framework I quickly realized that it is not about “instant messaging”, but instead we are seeing a number of human behaviors and interactions collapsed. There is being, community, identity, and communications … and all of these are collapsed in our current conversations about “instant messaging.”

Being … that is who we are … who we are being. We then create relationships … which generates and creates community. Community then can give us identity … indicating who we are being repeatedly in that community. We then can indicate who we are being at any point in time (presence), and allow for various forms of communications at any particular time.

So what we really have is a way to organize the communities that we are a part of, and the members of the communities that we communicate with. We can then “see” their status and who they are “being” at that moment (presence)… and then we can choose the way that we (and they) wish to communicate. The aspects of building our “buddy list” and the indication of “presence” are some of the most critical components, but tend to be lost in these articles.

The next wave of instant messaging. Who needs e-mail, or even the phone? New tech plans to take IM far beyond the simple text message. [CNET Tech News]

Distributed, replicated file and data storage …
This is a project that resembles the work of the Freenet organization … only this has the backing of Microsoft! They are creating a distributed set of shared storage as a solution for fault tolerant data protection. A group of people form a “replica ring” of sorts … and begin to store files on each others file systems. There is encryption and meta-directory capabilities which make this a very likely future.

MIT Technology Review: Fault-Tolerant File Storage. That earth-shaking experience got Theimer, then an operating systems researcher at Xerox PARC, thinking about how to make computer file storage systems radically more fault tolerant. His work has helped to lead to Farsite, a fail-safe storage technology being created at Microsoft. [Tomalak’s Realm]

The SyncML.org group is slowly making some progress …
I just downloaded the SyncML developer kit to take a look and see what they have created. I am a huge advocate of synchronization solutions, since they appear to be a mirror of biological evolution. I am still waiting for the ultimate sync solution so that my addressbook, cell phone, and Palm all contained the same data … but it’s not here yet …

SyncML 20010306 (Default). The official Synchronization Markup Language toolkit. [freshmeat.net]