Tuesday Jan 06, 2009

The Role of Digital Identity in Open Government

An Open Government Workshop to be held at MIT on January 15th,  will address the role of Digital Identity as a key enabler for effective interaction between citizens and government leaders. 

This workshop is being organized by Dazza Greenwood of Civics.com on behalf of the MIT eCitizen Architecture Program, the MIT Media Lab SmartCities Group and the eCitizen Foundation.

The Digital Identity part of the workshop is being directed by Bruce Bakis of Mitre Corporation, Team Leader of the Safeguarding Digital Identity research project for the Institute for Information Infrastructure Protection.  In an invitation to Identity Management community, Bruce stated:
"Several goals in the Obama-Biden technology agenda articulated at change.gov fit right into our Digital Identity wheelhouse. Two of these really hit our sweet spot: Create a Transparent and Connected Democracy, and Lower Health Care Costs by Investing in Electronic Information Technology Systems.

"So, here’s what we’re doing: holding several virtual events and one “real” one to compile and present to the Obama-Biden administration a prioritized list of issues, problems and questions.  During the “real” event we will hold three interrelated discussions:
  • The use of Digital Identity as a key enabler (for the other two agenda items and so much more)
  • How to Create a Transparent and Connected Democracy that’s open, effective, privacy preserving and secure;
  • How to Lower Health Care Costs by Investing in Electronic Information Technology Systems."
You can register here for participation in the January 15th event.  You can participate in formulation of the dialogue that will occur at the main event by using this online forum to submit and rank questions to be addressed during the event.

Technorati Tags: , , ,

Wednesday Dec 17, 2008

Identity Deserves our Best

In his NetworkWorld Identity column today, Dave Kearns quotes Ping Identity CEO Andre Durand speaking about the Golden Guardian comic strip. I particularly like Andre's comments about "life, energy and passion":

"I believe we're at an important juncture in our industry, one that will require everyone do their part. If we fail, we could become like so many other industries where life, energy and passion have left, and all that is left is apathy. Identity is so important, it deserves our best.
Yes, Identity is important.  It does deserve our best.  This industry impacts so many facets of our professional and personal lives.  The threats to privacy and security are real.  But the benefits for successful Identity management implementation are also real.  It is a great time to be involved.

Thanks, Andre, for your profound words.  Thanks, Dave, for sharing these thoughts with us.

Technorati Tags: , , ,

Monday Dec 15, 2008

Identity, Context, Preference and Persona

While exploring how Identity is an enabler for personalization of products and services, I recently pondered on the relationship between four interesting words: Identity, Context, Preference and Persona.  Dictionary definitions of the three words include:
  • Identity: "condition or character as to who a person or what a thing is."
  • Context: "the set of circumstances or facts that surround a particular event, situation, etc."
  • Preference: "that which is preferred; choice."
In other words, I might say about myself:
  • Identity is who I am
  • Context is what I am doing at a particular time
  • Preference is what I choose to think or do
I propose that the fourth word, Persona, is at the intersection of the first three concepts.  The dictionary defintion:
  • Persona: "the mask or façade presented to satisfy the demands of the situation or the environment and not representing the inner personality of the individual; the public personality."
In other words, a Persona is a personality I choose to project in a particular circumstance.

Graphically, we may diagram the relationship as shown below:

Persona is not just a partial projection of one's identity.  It must take into account the context in which a person exists at the moment, and the preferences the person makes relative to that particular situation. Personalization of a product or service must be synchonized with the persona of a person at any relevant point in time - his or her current persona.

For example:
  1. My interest in photography is one of several attributes of my personal Identity.
  2. Last Saturday, my presence in a camera store less than two weeks before Christmas was my context at a particular time.
  3. My preference at that time was to find a replacement camera bag.
My current persona was essentially: 1)photography buff, 2)in a camera store, 3)with desire to buy a camera bag.

At that point, to present me with information about dairy farms in Idaho would clearly not be synchronized with my current persona, even though Idaho cows are a legitimate interest of mine.

As good fortune would have it, a very helpful sales person was very synchronized with my persona.  He showed me a great camera bag that would fit my needs, and knowing that Santa was coming soon, let me drool over a really cool, image-stabilized Nikon zoom lens.

Please let me know what you think about this concept.  I plan to share more thoughts in coming days.

Technorati Tags: , , , , ,

Wednesday Nov 12, 2008

Integrated Identity Infrastructure

This morning, my Sun Microsystems colleague Rakesh Radhakrishnan published a blog post that proposed an "Integrated Identity Infrastructure acting as the Common Service Building Block" that provides foundation Identity services for multiple areas in the communications and media markets, including the flowing use case areas:
I am intrigued with this concept of an Integrated Identity Infrastructure enabling a wide ranging set of business and consumer functions.  I look forward to more good discussion in this area.

Technorati Tags: , , ,

Tuesday Nov 11, 2008

OpenSSO Enterprise - Download it Now

Today is the official release date of Sun's OpenSSO Enterprise product, the 8.0 version of the product set formerly known as the "Access Manager/Federation Manager", which was publicly announced on September 30th.


So, what's new in this release?
  • The Fedlet - a lightweight way for service providers to quickly federate with a SAML 2.0 identity provider
  • Multi-Protocol Hub - allows companies that are members of a circle of trust to speak different federation protocols
  • Identity Services - invoke AAA services using your IDE of choice or any programming language (e.g. Java, .NET, PHP, Ruby, etc.)
  • Express Builds - deploy next-generation features from the OpenSSO community with the same support and indemnification provided with commercial releases
  • Ease of Use - new task-based UI for common federation-related operations
  • Ease of Install - just drop the WAR file into your servlet-container of choice, hit it with a browser and, in the simplest case, supply admin passwords
  • Much more, including: centralized server configuration (no more AMConfig.properties text file), centralized agent configuration (no more AMAgent.properties text files).
Give it a whirl - download it here today!

Technorati Tags: , , , ,

Wednesday Oct 15, 2008

LinkedIn Identity

This morning, my colleague Hubert Le Van Gong drew my attention to the Liberty Alliance group on LinkedIn. It is great to see an expanding number of Identity Management groups available on LinkedIn.  I currently belong to these LinkedIn groups which are focused on Identity Management or Information Security topics:

Technorati Tags: , , , ,

Wednesday Oct 01, 2008

OpenSSO Enterprise

Yesterday, September 30, 2008, Sun Microsystems officially unveiled OpenSSO Enterprise, Sun's "Next-Generation Access Management, Federation and Secure Web Services Solution."

Over three years ago, way back on July 13, 2005, just two months after I wrote my first post on this blog, Sun announced at the Burton Group Catalyst Conference "plans to open source its web site authentication and web single sign-on (SSO) technologies through the Open Source Web Single Sign-On (OpenSSO) project."  I gave the announcement only one sentence of coverage: "Open SSO will provide source code for basic identity services including Authentication, Single-domain SSO, and Web and J2EE agents."

Yesterday's announcement was, in a way, a celebration of that early foray into the world of open source.  What began as a virtual toe-dip led to complete immersion in open source waters.  OpenSSO Enterprise is a result of putting Sun putting its entire access and federation management code base into the open source domain, providing a transparent and progressive forum for collaborative development.  The innovations apparent in this newly released product owe much to the many external contributors to the OpenSSO project.

It is exciting to see the fruits of Sun's open source strategy unfold.

Technorati Tags: , , , ,

Thursday Sep 18, 2008

Super-scale Required for Digital Media Distribution

It has been intriguing for me to read over the past several months about the accelerating demand for digital media distribution and download.  In a crazy world where an YouTube video of yours truly going down a zip line Park City has been viewed over 2,750 times, it seems that online viewers have an insatiable appetite for content.  Yet videos of zip lines are but a drop in the proverbial ocean of digital media.  Just imagine when we really kick it in gear and demand that the industry provide both the ability to stream high defintion video to any device of our choice at any time we want, as well supporting our desire to generate and distribute high definition content ourselves.

This week, in an article entitled, "Deloitte Launches Initiative to Streamline Digital Media Distribution," David Rips, lead architect of the Deloitte Digital Media Framework and director in Deloitte Consulting LLP's Media and Entertainment practice, addressed the net effect of this appetite:
"... the technical scale and complexity required to deliver this demand far outstrips the capabilities and capacity of today's digital media companies and infrastructure."
The Deloitte Digital Media Framework proposes to establish a new digital media value chain that will enable the delivery of content from multiple creators, on multiple devices, through multiple carriers.
"The technology infrastructure needed to meet increasingly sophisticated media demands will dwarf anything we've seen before,"said Phil Asmundson, Deloitte LLP vice chairman and national managing partner of Technology, Media and Telecommunications.

It will be really interesting to see how this unfolds.

In the mean time, take another look at my zip line video. It had twice as many views today as it had the last time I checked. It will be interesting to see if the number doubles again.

Technorati Tags: ,

BearingPoint and the Marines

Washington Technology reported this week "BearingPoint to assist Marines with identity management". I confirmed today that BearingPoint is using the Sun Identity Management suite as the basis for this significant project. Congratulations to our friends from BearingPoint on this significant win!

Technorati Tags: , , , ,

Wednesday Sep 17, 2008

Happy Thoughts about You

Much has been said about user-centric, or user-controlled Identity allowing individuals to choose which subset of personal Identity attributes use in facilitating online interactions. Maybe this could be called "self personalization" because an individual is in control and actively choosing specific steps to follow.

But at the recent Digital Identity World conference, I had a minor epiphany. As a speaker addressed the subject of role management, it struck me that much of enterprise Identity management is also about personalization - granting people the specific rights and credentials to enable them to do their work. These assignments could be made automatically or with human intervention. This could well be termed "assigned personalization."

I supposed that efforts like Amazon's to deliver purchase recommendations based on past activities would be a form of "calculated personalization."

In all three cases, the objective is similar - how can the online application experience be more closely aligned with who a person is and what the are doing at a particular time?

Personally (pun intended), I think this personalization stuff is fascinating.  Those are happy thoughts.

Technorati Tags: , ,

Saturday Sep 13, 2008

Managing My Identity on chi.mp

I recently received an alpha test invitation from chi.mp to try out their new service: "The dashboard for your digital life," which offers "The simple way to manage your online life, on a domain of your very own." 

So, I established my own domain, "markdixon.mp," populated my profile with links to the social networking sites I frequent (Facebook, Twitter, etc.), my blogs and websites, and the instant messaging services I use.  This site allows me to provide some measure of integration among the different facets of my Internet presence, and gives me quite a bit of flexibility in exposing which details of my Identity I believe to be appropriate.

By coincidence, I met Tony Haile, the chi.mp Chief Strategy Officer, at Digital ID World earlier this week.  He has interesting perspectives to share in the DIDW session, "How Social Web will change Identity Management."  It appears that Tony and the DIDW crew are making an important contribution to this change by offering steps forward in Identity integration and personal control.

Please take a look at my chi.mp profile and let me know what you think.  I'll keep you updated as this experiment proceeds.

Technorati Tags: , , , , ,

Tuesday Sep 02, 2008

Identity Paramount for Mobility

As the mobile Internet arrives, Identity becomes paramount, points out Andrew Jaquity, Security Program Manager, Yankee Group, in a compelling article in last Friday's RCR Wireless News. A few of his statements impressed me:

"As the mobile Internet becomes a reality, it will pull identity issues along with it. Users will take their identities (user names and passwords, personal attributes, location) with them on their phones. Vendors can significantly ease user pain by working together."

"Mobile operators should add identity management features to give users more control. "

"Security-software vendors should ally themselves with trusted parties, rather than compete with them."

Technorati Tags: , , ,

Saturday Aug 30, 2008

Radhakrishnan and Chandramouli - Identity and Policy

I am pleased to announce the publication of Identity & Policy: A Common Platform for a Pervasive Policy Paradigm, by Sun colleague Rakesh Radhakrishnan and Dr. Ramaswamy Chandramouli, published by Futuretext.

"The objective of this book is to explore the strategic significance, market requirements and all the potential possibilities of leveraging Standards based Identity and Policy Systems for an Enterprise IT environment (& Enterprise Architecture) and Telecom environment to provide a pragmatic view for the future in network convergence based on NGN and converged services based on Service Oriented Architecture."

Congratulations Rakesh and Ramaswamy on extending our education in these critical Identity Management concepts.

Technorati Tags: , , ,

Tuesday Aug 26, 2008

Validation - Overcoming Identity Fraud

In his recent Network World article, Dave Kearns challenged the Identity Management industry to give special focus to validation in the process of issuing authentication credentials or creating user accounts:
" ... validation - ensuring that the account that gets created accurately reflects the true identity of the entity that it's created for. This step can overcome much of the identity fraud (what the popular press calls “identity theft”) that is prevalent today."
Much of the ongoing controversy swirling around OpenID gets down to this basic issue. If OpenID credentials (or any credentials for that matter) can be issued to a person without verifying their true identity, the potential specter of fraud looms large.

However, as Dave also points out, users are slow to accept any methods that require extra effort:
" ... users, as most of us know, are more reluctant to change than a baseball player on a hitting streak. Getting the changes implemented is going to be a slow slog ... "
Short of government mandated and enforced identification processes that include fingerprinting and retina scans, I'm not sure how bullet-proof validation will occur, but perhaps we will develop methods with acceptable levels of risk that improve over what we have now. A Google search on "identity validation" yields a wide variety of disparate efforts in this area. The Wikipedia article on "Identity Score" highlights methods for "tagging and verifying the legitimacy of an individual’s public identity." Many smart people are addressing the subject, but there is much more work to be done.

Technorati Tags: , , , ,

Monday Aug 25, 2008

Eve Maler live at Gnomedex

Please join me in watching the XMLGrrl herself, Eve Maler, speak at last week's Gnomedex 8.0 conference, as presented on Chris Pirillo Live. Eve articulately addressed the topic "The Care and Feeding of Online Relationships," covering timely issues related to humans' online relationships with networked applications.
Technorati Tags: , , , ,

Discovering Identity was founded on blogs.sun.com in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at DiscoveringIdentity.com. In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.

The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.


« July 2016