The Second Axiom of Identity

This is my second Axiom of Identity, which builds upon the
first. I swear that if you grok these, you’ll see the model that
I am creating that allows for the creation of powerful identity
management solutions. I believe that it is important to remember
that we are living in a world with so much identity around us, that we
fail to realize where it all came from. On to Axiom #2:

I posit that identity does not exist outside the context of a community.

Once again, it is easy to fall into the trap of believing that I have
inherent identity, and that it is mine. However, the First Axiom
of Identity builds the foundation that all of my identity is given to
me by others. If this is the case, then that identity can only
exist, and be understood, by the community that gave me that identity, or other communities that are related.

The root of the Second Axiom is that identity is built upon language and
communications. Since attributes of identity are descriptive in
nature, they are dependent upon accurate and consistent definitions of
those attributes. It is often difficult to see this clearly since
much of what we are looking at with identity was learned when we were
children. Some of our attributes are so commonly understood
within our communities, that we fail to see them distinctly.

For example, we all know what height, weight, age, hair color, and shoe
size are. What we forget is that there are still communities on
earth that would not understand our measurements of these attributes
… let alone the name of the attribute! We can assume that
almost any culture on earth has the concept
of weight, and has some word they assign to it. We can not assume
that they measure their concept of weight in a unit of measurement that
we would understand. I happen to be well versed in ‘pounds’ since
I was raised in the United States. In the UK someone might
actually still give me their weight in ‘stone’.

Although there are considerable efforts in global standards, these
standards are only beginning to scratch the surface of a common
language for identity attributes, and a common set of metrics for these
attributes. Until the standards grow to encompass all of identity
(yeah … and when will that be?) we have to understand that identity
attributes must be related to a community, and the standard by which it
is measured.

So where does this fit in the software realm? It simply means
that as we create a ‘schema’ for identity, we have to keep track of the
‘context’ of that information. Two core pieces of information
that we have to track when creating an identity management solution
include “Who is the definitive source of that identity attribute?”, and
“Who is the authority on the metrics of that identity attribute?”
These might be different, or the same, communities. Using the
example of weight, the definitive source of the information could be my
home scale, a doctor, or a hospital that I visited. The metric of ‘pounds’
in the United States, however, is governed by the National Institute of Standards and Technology.
Again, the importance of this is when a person or company wants my
identity, they also will want to ensure they trust the definitive
source, and the metrics that I provide. (I am sure that the new Virgin Galactic
space flights are not going to trust my home scale as a definitive
source of my weight!) Another example of this is that your bank,
when you apply for a car loan, still wants to check with the definitive
source of your employment information. And they are going to want
to hear your salary in units of measurement that they know!

Some new issues arise as we dig deeper into this model. First, we
have to be ready to resolve conflicts in naming of identity
attributes. Second, we have to be ready to provide translations
between units of measurement. Third, we have to have mechanisms
to verify identity information with the definitive sources.

All of these are subjects that I’ll touch on in other Axioms …

Motorola buys MeshNetworks, it’s time to take notice!

As a Wireless ISP, it is important to stay on top of the various
wireless standards, and technology trends.  “Mesh Networking” has
been a growing innovation for quite some time now, and things are only
going to heat up more.

Last week, we saw some of the larger companies getting more interested in mesh networking when Motorola bought MeshNetworks.  When we start to see the acquisitions like this occurring, the market is warming up and becoming more mature.

What is mesh networking, and why would a WISP care?  Mesh, also
related to Mobile Ad-hoc Networking (MANET), allows each wireless node
to not only send and receive data, but to “repeat” data for other
nodes.  What this means is that each node in a mesh network
becomes a repeater capable of extending the range of your wireless
network.

It is important to understand that mesh networking is not the “end-all”
replacement for more traditional “hub and spoke” designs, however it is
able to complement these designs in areas where you have a higher
density of users.  Consider using mesh solutions in suburban
enclaves, where you would only have to get your wireless backhaul to
the edge of the neighborhood … and then use mesh to cover the homes
within the neighborhood.

Mesh and MANET are still being evolved to address some of the core
issues.  Static mesh networks are more prevalent than mobile
MANETs since the routing between mobile nodes becomes much more complex.

To discuss Mesh or MANET networking, come join the conversations in our MANET and Mesh Networking Forum!  There is already a link to some tutorials posted there …

Finding Identity … Directory Limitations …

When I first read this summary, I was thinking along a completely
different path.  This article has some good points, however as
usual it seems to focus on the people who are using identity
information outside of the control or involvement of the end-user.

As a side note, this reminded me to document some of the current
limitations in directory technologies that I believe are continuing to
hinder directory-based identity solutions.  Two of these
limitations are:

  • Directories lack temporal versioning of attribute information and
    values.  If you consider identity of a person over time, there are
    numerous attributes that will change and evolve with that person as
    they grow and proceed through life.  So height, weight, income,
    home address, employer … all of these are attributes that change at
    various rates.  A directory must have the ability to record the
    changes, allowing a person’s identity to be viewed as of any date/time in
    history.  An example of where this becomes powerful is for when we
    are asked for our three previous jobs, or prior addresses.
  • Directories also lack attribute aliasing.  We all have
    identity attributes that are given different names in different
    communities … but they all point to the same identity
    attribute.  This could be as simple as the attribute name in
    different languages, to completely different words or references that
    point to the same attribute:  Salary vs. Annual Income

Anyhow … I still do like using directories … they just have to evolve forward to contain some additional capabilities.
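
An added sketch (not code from this blog or from FreeID) of the schema these posts describe: each attribute value carries its definitive source and metric authority, as the Second Axiom asks, and the store adds the two capabilities listed above, temporal versioning and attribute aliasing. The class names, alias table, source names, and sample values are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Constructed alias table: community-specific names -> one canonical attribute.
ALIASES = {"salary": "annual_income", "annual income": "annual_income",
           "weight": "weight"}
# Constructed unit table for weight, expressed in pounds.
TO_POUNDS = {"lb": 1.0, "stone": 14.0}


@dataclass(frozen=True)
class Assertion:
    attribute: str         # canonical attribute name
    value: float
    unit: str
    source: str            # definitive source that asserted the value
    metric_authority: str  # community that defines the unit
    valid_from: date       # date from which this value applies


class IdentityStore:
    def __init__(self):
        self._log = []  # append-only: earlier values are never overwritten

    def record(self, name, value, unit, source, metric_authority, valid_from):
        canonical = ALIASES[name.lower()]  # resolve the community's name
        self._log.append(Assertion(canonical, value, unit, source,
                                   metric_authority, valid_from))

    def as_of(self, name, when, trusted_sources=None):
        """Latest assertion on or before `when`; if `trusted_sources` is
        given, only sources the relying party accepts are considered."""
        canonical = ALIASES[name.lower()]
        hits = [a for a in self._log
                if a.attribute == canonical and a.valid_from <= when
                and (trusted_sources is None or a.source in trusted_sources)]
        return max(hits, key=lambda a: a.valid_from, default=None)


def weight_in(assertion, unit):
    """Translate a weight assertion into the unit the asking community uses."""
    return assertion.value * TO_POUNDS[assertion.unit] / TO_POUNDS[unit]


def build_demo():
    # Constructed sample data; source and authority names are placeholders,
    # apart from NIST, which the post names as the authority for pounds.
    store = IdentityStore()
    store.record("Weight", 150, "lb", "home-scale", "NIST", date(2004, 1, 10))
    store.record("Weight", 11, "stone", "clinic", "placeholder-uk-authority",
                 date(2004, 6, 1))
    store.record("Salary", 150000, "USD", "employer",
                 "placeholder-currency-authority", date(2003, 3, 1))
    return store
```

A relying party that does not accept the home scale passes `trusted_sources={"clinic"}` and gets only the clinic's value, or `None` for dates before the clinic recorded one.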

Identity: Find it before federating it.
These Avanade consultants say identity federation has merit, but it’s
not a panacea for fixing problems with identity complexity. [Computerworld Software News]

Linux Kernel Backdoors

I found this a very interesting read – An Introduction to Linux Kernel Backdoors.
It shows some of the details that can be gleaned from reading through
the source of the Linux Kernel, and some ways that extensions could be
developed for a wide range of uses … good and bad.

I keep thinking that once more and more “un-Linux-educated” people
begin to use the operating system, they are going to fall prey to the
same types of scams as Windows users. We already see the huge
number of people sucked into “Phishing” scams. I believe we will
see just as many people falling for entering their root passwords, etc.
on their Linux desktops.

Maybe not … but it will be interesting to see …

The First Axiom of Identity

In the beginning, there was … well … what was there? This is
the first of several posts that I am going to write, that outline some
of my thinking and research into digital identity. So to get
things going:

I posit that we humans do not have any inherent identity.

What? Are you kidding? Of course I have identity!
Well … like what? Age? Height? Salary? Credit
Information? The key is to recognize that none of these are
inherent to you … they are all given to you by outside
entities. All of them.

If we carefully examine the definition of “identity” we’ll see that the root of the word is from Latin:

Etymology: Middle French identité, from Late Latin identitat-, identitas, probably from Latin identidem repeatedly, contraction of idem et idem, literally, same and same

1 a : sameness of essential or generic character in different instances b : sameness in all that constitutes the objective reality of a thing

Consider the possibility that “identity” is really a community saying
that we are “the same as something else”. Our height is the same
as something we call “six feet”. Our age is the same as something
we call “40 years”. Our salary is the same as something we call
“$150,000”. Identity becomes a completely relative thing.
Relative to a community that we belong to. And identity is completely based on language.

To reinforce this, consider that all of your individual pieces of
identity – all of your attributes – only exist within the context of
the community that gave you the attribute. If you have a US
Social Security number, it means nothing in the jungles of New
Zealand. If you weigh 150 pounds, then it only means something
in a community that understands what a pound is. And my credit
history, or work history? Again, these are only valid in a
community context that understands what these are, and that knows the entities
that gave them to me. This is actually the basis for the “Second Axiom of Identity”.

What is so important about this First Axiom? It is that we
gather identity about ourselves throughout our lives. Our
“identity” actually starts before we are born, since our parents and doctors begin
the process of describing us and creating the “same as” stories.
(e.g. he kicked a lot, was our second, etc.) On top of that, our
identity continues to grow even after we die. Our death
certificate, the details of our funeral, and the results of our
will. We might even get into a Hall of Fame, or gain other such
tributes after death. We accumulate identity from before we are
born, throughout our lives, and even after we die. And there are
a lot of people and companies that want that accumulated
information. What is interesting is that there is no software
solution for a person to easily accumulate their identity.

Most efforts in digital identity management have taken the tack of
controlling the dissemination of our identity … but few have had a
focus on how to accumulate our identity. When I was working on
the digitalMe project at Novell, I realized that core to digital
identity management is our own ability to accumulate our identity
information as it is given to us. Only when we have accumulated
it, can we choose who to share it with. Only when we accept that
we have no inherent identity can we build the systems to accumulate it
from scratch.

Kim’s Laws of Identity …

I like the direction that Kim is taking with his “Laws of Identity”.
I had started a list a while ago of my “Axioms of Identity” … I’m
going to dig them up and elaborate on them. They actually will
dovetail nicely with what Kim is creating.

With his first law, Kim covers “The Owner Decides …”
which is common sense to those in the space. There are, however,
some complexities to this scenario. I agree with it, but there
are deep assumptions that we operate on top of … many of which I
would suggest are false. We just don’t see it in everyday life.

I believe that if we look deeper into what “identity” is, and where it
comes from, we are able to build much more powerful models to develop
software around. If we operate from an incomplete model, we’ll
always end up dealing with inconsistencies … and these are the
indications of the incomplete model. The most important thing is
to study and understand the language that we use … all identity comes
from communication. I love language and words …

I’ll see if I can post my “First Axiom of Identity” tonight … I’ve
got a couple of things going on, but the kids are almost in bed.
😉

Also … I like “The Owner Chooses” better than “The Owner Decides” …
purely from an empowerment perspective. If we look at the roots of the word “decide”
we’ll see that it really means “to cut off” … to take a path by
“cutting off” all others. To go in a direction after “killing
off” all alternatives.

Choice is defined as “to select freely and after consideration” … a much more empowering perspective … IMHO. I know … some will say nit-picking,
however I believe in the power that language has over us … and feel
that we often limit ourselves using less powerful words. If you
want to hear others in science talk about this … go see the movie “What the BLEEP do we know!?”

P.S. I look forward to talking more with Dave Kearns about Identity and Persona.
It seems to me that Persona is the “social facade” that we create …
the story that we have about ourselves. To me, Identity is more
the “sameness in all that constitutes the objective reality of a
thing”. More on this in my Axioms …

Reverend Ted and his post on Open Source

Wow … Ted is blogging and he didn’t even tell me!

I just read a post by Ted Haeger at Novell titled “When Innovation Runs Out” … it’s an interesting post.  There was one thing that hit me while reading it …

In his post, he quotes someone stating “Our objective is to produce an alternative, not a substitute.”
and I really like this.  It is important to see that even as an
“alternative” it is not necessarily a “replacement”.  The people
who believe that Linux and Open Source is somehow going to be the “rip
and replace” solution for Windows are fooling themselves.  I have
worked on large network and system migrations, and these are not small
undertakings.  Instead, IMHO, I believe that we are going to see
Linux and Open Source join existing networks, and begin to expand in
their adoption and use.

It seems a common thought that users will “transition”, or “switch” from one solution
to another.  However it seems that this is seldom what
occurs.  It is tough to get users to completely give up what
they had, and embrace *only* the new.  Instead, users will adopt a
new “abstraction” that provides them with more value … and the old
stuff and new stuff seem to move forward together.

Examples of this are that even though we embrace MP3, we still seem to
have a lot of CDs around.  Likewise, no matter how hard I work at
it … I still have some Windows machines around … and even a Novell server or two.

I believe that we are going to see more and more solutions built on top
of powerful abstraction technologies … and the old stuff is
still going to be there for a long time.

Getting back into the conversation …

It’s funny how some conversations come and go. I am getting back
into the Digital Identity conversation since the universe is obviously
prodding me to do so.

I was talking with Phil Windley last month at his CTO round-table and he was preparing to go to Digital ID World.
He invited me to go, however I just didn’t find a way to fit it
in. He mentioned that Craig Burton was going to be there … man
o’ man … what a hard choice to make … what a conference to
miss. I truly enjoy talking with both Phil and Craig about
identity.

Well … post conference, I have been hearing bits and pieces. I started to look at Craig’s blog, and he indicated that Kim Cameron started to blog about identity. Reading his blog, I found Dick Hardt’s blog, and his company Sxip.
Sxip seems to be doing some very cool stuff … and along the same
lines as what we were exploring with digitalMe at Novell.

I downloaded the various whitepapers about Sxip … and I’ll be posting some of my thoughts on what they are doing …

I enjoy getting back into the conversation …

FreeID.Org … My thoughts on Digital Identity

I am returning to one of my topics of interest … Digital Identity.

Digital Identity is a subject of much discussion these days. It seems like
every company on the Internet is interested in digital identity, your identity,
collecting your identity, profiling your identity, or protecting your identity.
What is “Digital Identity”?

History
FreeID.Org was created by Scott C. Lemon to fully explore a new model of “digital identity”. Scott was the
original researcher and architect of Novell’s digitalMe initiative working for Mike Sheridan.
During his research he found a tight coupling between identity and community,
communications and collaboration. Soon after the announcement of digitalMe,
Novell executives chose to alter the path of the project and Scott took his
research outside. During the ensuing year he evolved his framework for
digital identity into whole new dimensions, and FreeID was born.

FreeID … identity can not be held by any one entity!
With a small group of developers, FreeID has been taking
form. We actually slacked off for quite a while, but I
have a new interest in Digital Identity as I have found numerous
companies that are beginning to see the light. FreeID is a
directory-based solution to gather your entire lifetime of identity
information, and to distribute this information in an automated fashion
… including keeping this information up to date with the various
organizations that a person is related to.

The coming FreeID application is one which works around a set of distinctions
of digital identity that form a framework of individual interaction, and
interactions with organizations and communities. This application will be
released for free to anyone that would like to experiment with digital identity
in a whole new model … so stay tuned and check back!