About Dave Kearns follow me on Twitter IdM Journal Wired Windows Dave Kearns' Fusion newsletters on:
|
Monday, May 18, 2009
The Diamond FrameworkPaul Trevithick has done us all a great service: he's provided a matrix of terms from the major authentication/identity systems making up what's loosely called "user-centric" identity and equated the varying terms (each identified with a letter) to facilitate conversations about the varying protocols, systems and technologies. A wonderful effort coming, as it does, on the opening day of the spring Internet Identity Workshop.Would that, in this best of all possible worlds, the various evangelists for these systems could adopt Paul's terminology. Labels: Oauth, openid, SAML, user centric, VRM Tuesday, September 16, 2008
Identity-centricPam Dingle has a bit of a rant today about the term "user-centric." Well, not about the term itself but about people's desire (e.g., the entire Burton Group) to get away from it."Sure, there are a few blind worshippers of the cult of user-centric out there, but I firmly believe that common sense has to win out in deployment scenarios, and that various technologies should and will be used where applicable to solve problems. " I think it's about more than just a term, more than just a feel-good quality, Pam. The "User-centric" term was coined, initially, to try to differentiate internet-based individual identity protocols from those used within the enterprise. But it's really all identity, and there doesn't need to be a distinction. That's why I wrote, last month, "Why there's no 'user-centric' or 'enterprise-centric' identity," where I said: "Enterprise-centric identity management, we postulated, is really all about tying together all the activities and attributes of a single entity into a readily accessible (and reportable and auditable) form; while user-centric identity is about keeping various parts of your online life totally separated so that they aren't accessible and no report can be drawn. Labels: Burton Group, digital identity, enterprise, identity, Laws of Identity, persona, roles, user centric Tuesday, September 09, 2008
Virtual Loyalty cardsWhat is possibly the first leveraging of information card technology was announced today by aptly named "fun communications": the virtual loyalty card.WebCard Loyalty offers customers, dealers and the issuers of customer loyalty cards true added value. For the customers, the virtual loyalty card means that different user names and passwords are now a thing of the past. The technology is based upon the open standard for information cards that is available for almost all operating systems and browsers. Also, for example, information cards are implemented in the Windows CardSpace™ technology. CardSpace provides a reliable and secure authentication and authorization mechanism (User-Centric Identity Management), which due to its Client technology is immune to phishing attacks. The login process is significantly simplified. Dealers benefit from this as well: It raises the entry barrier, increases the utilization volume, as well as enhancing the data quality. Not only this, but the virtual loyalty card provides both dealers and identity providers with an instrument for targeted marketing measures (bonus point programs, discounts on partner sites, partner advertising, coupon promotions) that enable them to build up long-term customer and partner loyalty. The customer identification and improved customer profiles open up interesting and profitable business models within the partner network. Privacy, security - and targeted marketing! It's the holy grail, isn't it? Labels: cardspace, digitalME, user centric Wednesday, August 13, 2008
Cringe-inducing conversation UPDATEIn a story in Ars Technica Six Apart's Anil Dash is quoted as saying "...democratized identity management systems like Six Apart's own OpenID..."What the heck is that??? Do all the 'citizens' get to vote on your identity, or on their own identity, or ??????? And who in their right mind could call OpenID an "identity management system"? It's, at best, an authentication system or, even better, a signon system. But there's little management of the identities involved. And what's with the proprietorial phrase "Six Apart's own OpenID"? It's possible (but not bloody likely) that Ars Technica got it wrong. Still, I'm waiting for Six Apart to issue a correction/clarification. UPDATE: Anil is saying that Ars Technica got it wrong. That what he said was "decentralized" identity management. I'd still quibble about OpenID being called an ID Mgmt System, but at least that other wierdness appears to be cleared up. Labels: movable type, openid, six apart, user centric Sunday, August 10, 2008
"We have met the enemy..."OpenID's leading lights appear to be down on the technology, it seems. After last week's note about Dick Hardt's seemingly wistful look at OpenID ("...one wonders if the identity opportunities of OpenID have passed.") comes today's note from Scott Kveton (chair of the OpenID Foundation board). Reacting to a Randy Stross' New York Times piece highly critical of OpenID, Kveton says: "The OpenID community has identified two key issues it needs to address in 2008 that Randy mentioned in his column; security and usability."If usability is bad (and the discussions on the OpenID email discussion lists support that notion), and security is a problem - what, exactly, does it have going for it? Is it, perhaps, time for the leading lights to move on to a user-centered technology which does show promise of being an identity provider that is very usable and also quite secure? As Mr. McGuire might have said to Ben in The Graduate: Mr. McGuire: I just want to say one word to you - just one word. Or, as Eddie said to Saffie: Just put me through to Zermatt! Labels: cardspace, digital identity, Microsoft, open source, openid, SSO, user centric Friday, March 28, 2008
Cardspace context UPDATEGood post today ("No User Context Decisions in your Enterprise?") from Pam Dingle summarizing her panel at Brainshare (which I'm now sorry I missed). Cardspace and other user-centric ID schemes have a definite place in the enterprise, if only for the context-switching that Pamela outlines.UPDATE: A video of the session ( with Pam Dingle, Patrick Harding, Kim Cameron and Dale Olds) has now been posted at the Bandit Project site. We'll be exploring this same topic at the European Identity Conference when I host a panel of Dale olds (Bandit Project), Johannes Ernst (OpenID) and Robin Wilton (Liberty Alliance) called "Putting Context in Identity: User-Centric Context." It's an area that will heat up in the near future... Labels: cardspace, context, EIC, enterprise, openid, user centric Thursday, January 03, 2008
Promulgating the social graphJulian Sanchez, over at Techdirt gets it while many in the identity community - and even more who are involved in social networking - don't.Exactly! The point about relationship data is that there is a relationship. And a relationship, like a contract, has two sides (well, it could have more - but that's kinky). Both sides need to be involved in the decision to distribute the relationship data. Both sides need to agree. Unless, of course, the whole "friendship" is one way. But imaginary relationships are best had with imaginary friends... Labels: social networks, user centric Saturday, December 15, 2007
The end of 'user-centric' identity?In light of the last "tools" posting it's interesting to note that either Digital ID World's Eric Norlin recently posted their predictions for 2008 at CSO online and included this one:"User-centric’ identity protocols will stop calling themselves ‘user-centric’: This is an adoption story. ‘User-centric’ protocols will gain some actual adoption in 2008 (yes, I'm implying that they haven't yet gotten any ‘real’ adoption). In so doing, the ‘folks in the know’ in that movement will *stop* prefacing everything they say with the words ‘user-centric,’ as they realize that their protocols may have been designed with that laudable goal in mind, but the terminology is just getting in the way. Instead of describing an ideal, they'll begin describing what they *do.*"It is about time we stopped debating philosophy and started talking implementation, isn't it? Labels: DIDW, user centric Thursday, December 13, 2007
Tools are just tools, you knowI've always been impressed by Pamela Dingle's ability to cut through the rhetoric and get to the heart of a problem. She's done it again.Patrick Harding, Nishant Kaushik, Johannes Ernst and Matt Flynn recently participated in an impassioned (if not actually heated) discussion of User-Centric identity in the enterprise. Pamela chimed in with her usual level-headed approach. Then, after the guys debated philosophy, Pamela - once again - reminded them that using the tools of so-called "user centric" identity (CardSpace and OpenID, for example) doesn't require buying into any sort of philosophy of data control. They're simply tools. As she put it: "If you try to tell me that using a tool such as the Identity Metasystem to accomplish something other than a user-centric philosophy is wrong, I will also laugh at you." As I said last spring, "I’m addressing the enterprise market, which needs to pay attention to CardSpace right now." CardSpace and the identity metasystem - whether all Microsoft or using open source tools - can be a very useful tool in the enterprise, especially in an enterprise which uses a lot of home-grown applications and services. Not only for authentication (and the simplified signon possibilities), but also for authorization, role management and fine-grained entitlement control. Tools are just tools. Use the tool that does what you want at the price you're willing to pay and let others worry about the philosophical implications. Labels: user centric
© 2003-2006 The Virtual Quill, All Rights Reserved
Home
|
|