Help Phil outline Digital Identity 2nd Edition
Digital Identity 2nd Edition / Non-Person Entities
Thursday 2G
Convener: Phill Windley
Notes-taker(s): Susan Carevic
Tags for the session - technology discussed/ideas considered:
Identity, Publishing, Topics
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Some History: Began with Steve Gillmore: Podcast on Identity – after that call, decided to do an identity workshop. Book written in 2004. Mostly focused on Enterprise Digital Identity.
Will the book be written for a different audience: Yes,
Goals:
- Place where people get an introduction to digital identity as we talk about it here. A holistic approach. Shouldn’t be a how-to book. Give people an idea of how identity fits into a larger picture.
- Audience: Org leaders, Product Managers, Engineers/Business side, Not for individual who is worried about their identity. Marketing
- How should gap be bridged between corporate and humanistic space: Expand to include product managers and developers.. What do customer’s expect
- Should it be for policy wonks? Should be useful information to them as background information.
- There are cross-cutting areas that speak to a wide audience.
- How much should the book go into the human rights side of things?
Would be great to have a book that explains how advanced concepts of these technologies work so that decisions can be made. How should we think about the involvement of the user culturally? Think of identity –in the plural. Not necessarily in the interest of the person to link them.
By defining what the problem is, product managers will come up with different solutions. Identity potential readers, and build a matrix of what would interest them. Then they could be guided on what chapters.
Underpinning of book needs to be the policies, principles, identity proofing.. that ties everything together. Why do I care? Should come out in the book. Start with principles of Fair practices.
Topics:
- Trust Frameworks\Federations: nobody understands what trust frameworks mean – call it something different.
- Architectural models
- Protocols: different roles within OAuth, needed to understand the framework. Protocol vocabulary. Diagrams of each
- Reputation: identity in the context of the sharing economy\linking to trust.
- Set of things that a service provider would expect to conduct business.
- Authentication Strength of token
- Set of information
- Anil’s framework!!
- Difference between payload and protocols – why does anyone care?
- Mediation to put in place to have less parts – what makes integration easier, what are the architectural components. Common underlying themes – how do current technologies measure up or handle them.
- Authorization/Access Control: slightly deeper then with first book.
- Also about keeping track of products, not just customers.
- Relationship/convergence of payments
- Decentralized/rootless directories and ledgers (Blockchain as example)
- Defining “attribute overreach” (-- why should my refrigerator control my garage opener.)
- Shaming – should a device be able to shame someone (publicly) – won’t necessarily know who the information has been shared with – shouldn’t this be addressed in design?
- Real world identities – identities are complex.. what makes up an identity. Sovereign source of identity vs. government identity – connects all of these pieces: societal aspect: human questions being addressed. How should technical people think about this, principles we want to espouse. How should companies be relating to their customers.
- How do company interactions with customers impact the company:
- Brands issue identities about their customers: consumer isn’t involved in the issuance of the identity: Brands: stitch identities together to sell more. Don’t listen to what kind of a relationship that sets up.
- Revenue extraction
- 360 view: relationship maintenance
- Most not very “bright” with the math/algebra. Short focused.
- Brands issue identities about their customers: consumer isn’t involved in the issuance of the identity: Brands: stitch identities together to sell more. Don’t listen to what kind of a relationship that sets up.
- How do company interactions with customers impact the company: