Monday, 28 January 2013

THE SEVEN LAWS OF IDENTITY


My ignorance on the subject of identity grows daily. It appears to be an exponential growth. I’m sure none of this is unknown to you, but for those, like myself, who had not pondered the question, here is a simple view.
There is an area of digital identity that is also growing exponentially. 

This is an area that has been grappled with by a number of people. The writing of a user name and password on the Internet is an exercise that requires a considerable amount of reflection. The creation of a digital identity opens the creator to instant contact with the entire world at the push of a button. The barrage of connections can begin to overwhelm. The new user has no idea by whom, when, how or why the connections are being made; hence the staggering number of attempted and often successful frauds that are undertaken on the Internet.
Although it may be fun to create an amusing or novel user name and attempt to create the completely indecipherable password, those efforts seem to be in vain when one continues to be bombarded with ‘stuff’.
There are a number of people attempting to create a safe and secure Internet and, in particular, safe and secure identity.
Kim Cameron is the Chief Architect of Identity at Microsoft and creator of the laws of Identity, which are as follows:

1- User Control and Consent

Technical identity systems must only reveal information identifying a user with the user’s consent.  

2- Minimal Disclosure for a Constrained Use

The solution which discloses the least amount of identifying information and best limits its use is the most stable long-term solution.

3- Justifiable Parties

Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship. 

4- Directed Identity

A universal identity system must support both “omni-directional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.  

5- Pluralism of Operators and Technologies

A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers. 

6- Human Integration

The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.

7- Consistent Experience Across Contexts

The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.
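
Laws 1 to 4 can be made concrete with a small sketch of an identity provider that hands each relying party a different identifier for the same user and releases only the claims that are requested, justified and consented to. This is an added example, not code from Kim Cameron or from the original post; the secret, the user, the relying-party names and the policy table are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: every key, user and relying party below is hypothetical.
IDP_SECRET = b"constructed-demo-key"
USER_CLAIMS = {"alice": {"email": "alice@example.org", "age_over_18": True,
                         "postcode": "ZZ1 1ZZ"}}
# Claims each relying party has a justifiable need for (Laws 2 and 3).
# Relying parties are public entities, so their domain name serves as an
# omni-directional identifier (Law 4).
RP_POLICY = {"shop.example": {"age_over_18"}, "forum.example": {"email"}}


def pairwise_id(user, relying_party):
    """Unidirectional identifier (Law 4): stable for one relying party,
    different for every other, so two parties cannot join their records on it."""
    msg = f"{relying_party}\x00{user}".encode()
    return hmac.new(IDP_SECRET, msg, hashlib.sha256).hexdigest()


def issue_assertion(user, relying_party, requested, consented):
    """Release only claims that are requested, justified and consented to."""
    allowed = RP_POLICY.get(relying_party)
    if allowed is None:  # Law 3: unknown party, nothing is disclosed
        raise PermissionError(f"no justifiable relationship with {relying_party}")
    released = set(requested) & allowed & set(consented)  # Laws 1 and 2
    claims = {name: USER_CLAIMS[user][name] for name in sorted(released)}
    return {"sub": pairwise_id(user, relying_party), "aud": relying_party,
            "claims": claims}


if __name__ == "__main__":
    shop = issue_assertion("alice", "shop.example",
                           requested={"email", "age_over_18"},
                           consented={"email", "age_over_18"})
    forum = issue_assertion("alice", "forum.example",
                            requested={"email"}, consented=set())
    print(shop)
    print(forum)
    print("linkable by identifier:", shop["sub"] == forum["sub"])
```

The shop asks for an e-mail address but receives only the age flag, and the forum receives no claims at all because consent was withheld; the two `sub` values differ, so neither party holds a correlation handle for the other's records.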

One critical question is of course who provides the identity. When establishing a user name one is asked to write the proposed name in a box which will then reveal whether or not that name is unique and available to be used; therefore, even though we appear to be choosing the identity, we are in effect being offered various options and the provider of names is to a great extent in control of the writing. There is already a schematic of this exercise:



There is so much more on the subject ‘out there’ and I will continue to plough through it. Plough is not really the right word. Perhaps drudge, or navigate, grind, or even schlepp. In the meantime here is a talk by Kim Cameron on the matter of conflicting visions of cloud identity:
