Wednesday, Oct 15, 2003

Digital ID World, Digital Identity Primer

Phil Windley


Phil's useful talk focused on explaining the emerging standards for identity infrastructure, using examples like booking a flight and concurrently renting a car online, or setting up an ecommerce site that also has a credit card processing facility. The identity standards that will enable these kinds of arm's-length transactions involving customers and one or more companies are XML signatures, XML encryption, SAML and SPML.

The final standard Phil discussed is XACML, which is more suited for internal use, and really more of a programming language. Phil discussed how organizational policies are communicated from the top down, usually beginning with a Word document that either gets discarded or is never translated into code and operations that are uniformly deployed to a company's servers. "Policies are a nice exercise that keep CIOs fully employed." XACML strives to solve this problem. The translation need only be done once, and it enables uniform updates in a streamlined manner.

"Federation" involves single sign-on between/across organizations (e.g., book a flight, rent a car), and encompasses issues beyond just the technological standards: policies, legal issues, etc. Sun was right: "The network is the computer." Some examples of the different kinds of efforts in this area include Liberty Alliance and Microsoft Passport (now built into .NET, and, in Phil's estimation, Microsoft's effort to dominate this area the way it has dominated the OS and business apps).

At this point, Cory Doctorow raised what may be the question of the conference: are these emerging standards all latent SCOs? Nobody is making representations about not suing over incorporation and re-use of the intellectual property involved in these standards. It makes sense to deal with these issues on the front end, rather than building infrastructure out of ideas that might be proprietary, or in any event claimed as proprietary further down the road. Cory: "We didn't build infrastructure out of GIFs [referring to the Unisys flap]; we're talking about building infrastructures out of XACML."

[...]

Phil's concluding thought: Security is something that happens when you have a good digital identity management strategy, but is not the focus.
