Difference between revisions of "IIW 29 Proposed Topics"

From IIW
Jump to: navigation, search
 
(10 intermediate revisions by the same user not shown)
Line 12: Line 12:
 
* Implementation of open source verifiable credentials manager
 
* Implementation of open source verifiable credentials manager
 
* Digital identity for refugees
 
* Digital identity for refugees
 
+
* FastFed demo
 +
* "Identity federation in R&E Strong AuthN"
 +
* Federated Identity in Higher Education and Research
 +
* Privacy, social networks, trade-offs
 +
* Self-Sovereign Identity
 +
* DIDs, DID Resolution, DID Registration
 +
* "Real-time fraud/abuse/security systems in identity.
 +
* What is an identity professional? How do we become one? What about an identity ""citizen""?" verifiable credentials
 +
* "Blockchain and Identity Governance Trust Assurance/Audit"
 +
* PKI Operations
 +
* "1- where does the actual data/content reside? 2- how does revocation truly delete data ala DRM?"
 +
* Personal Identity, Spirituality, Abundance and Scarcity Mindset, and its influence on IT/peer-to-peer and IT/peer-to-peer's influence on it.
 +
* interoperability
 +
* Happy to present discussions as it relates to Clarity / Blockstack's smart contracts, etc.
 +
* Interoperability within SSI, use cases and adoption
 +
* Personal Agents and Storage "Hubs"
 +
* DID
 +
* Hyperledger Aries, biometrics
 +
* It's my first time coming, and I'll start by listening and contributing to others' discussions.
 +
* Decentralized Identity
 +
* Workday's Credentialing Platform
 +
* Privacy / anonymity for vulnerable populations
 +
* 100% Password Free Authentication
 +
* Federated provisioning & authorization
 +
* First time attending so I'm planning to participate but not present or lead.
 +
* OpenID RISC & CAEP
 +
* They will come out of rebooting so not set yet
 +
* OpenID Logout, OpenID Federation, OpenID Certification, Verified Claims
 +
* Portable Identity, IDV, Biometrics
 +
*proposed additions/changes/interpretations to DIF and w3c specs around verifiable credentials, DIDs, and ID Hubs.
 +
* PICOs
 +
* SSI and supply chain applications
 +
* Object and Organizational Identifiers
 +
* What's next for Token Binding?
 +
* Decentralized Identity
 +
* Mobile live computation exchange under the model of object-capability security and why identity is at best a third-order concern.
 +
* CAEP, WebAuthn
 +
* I am rather new to the digital identity space (~ 3 weeks) and looked at the space in a very broad fashion so far. I am interested in discussions on SSI in corporate context and how behavior based identity can fit together with SSI (e.g.user entity behavior analytics (UEBA)).
 +
* None! Looking forward to hearing more from everyone.
 +
* CAEP, Adaptive Authentication, strong MFA
 +
* HTTP request signing; resource access authorization
 +
* "EKYC and UX  EKYC in undeveloped countries"
 +
* DID authentication, VC claim formats and presentation protocols.
 +
* Kiva Protocol, blockchain + biometric id + credit bureau
 +
* Deepfakes and the need for standards to better understand content sources
 +
* retrofitting OIDC authentication to existing web applications
 +
* Interoperability within Aries
 +
* Equifax and Identity AMAA
 +
* "Can we explain identity and credentials without using the same words for different things?  (can we agree on a diagram, or maybe a skit?)
 +
Process of discovering truth (continued)"
 +
* I'm still new and will be in learning mode.
 +
* An OpenID Connect profile for consumer healthcare.
 +
* Creating an ""Identity CoOp"""
 +
* Sovrin, SSI, Telecommunication, Call Center, Customer Service
 +
* trust level frameworks,
 +
* BYOCC (Build your own connectionless challenge),
 +
* callback URL's for connectinless,
 +
* Schema ID reppos"
 +
* Use case of SSI in rental management
 +
* Decentralized Identity
 +
* "Lean Startup Principles for SSI Autonomous Lending (powered by SSI)"
 +
* Trust Framework, OpenID Connect, 5G
 +
* Women in Identity!
  
  
Line 28: Line 90:
 
* Verifiable credentials in production governance models and revenue models for digital identity
 
* Verifiable credentials in production governance models and revenue models for digital identity
 
*DIDs, FIDO, WebAuthn, authentication,
 
*DIDs, FIDO, WebAuthn, authentication,
 +
* CAEP, FastFed, Oauth.xyz
 +
* "user-centric / deventralized beyond the hype OIDC"
 +
* Decentralized Identity, Oauth OpenIDConnect
 +
* "OAuth/OIDC International Perspectives Perspectives on Commercial Service Providers and Identity Management"
 +
* Current efforts, the state of the art, trade-offs, usability.
 +
*Current initiatives, SSI
 +
* I want to learn more about the legal/regulatory framework we would need to build to accomodate new forms of digital credentials and create a digital identity ecosystem
 +
*CAEP
 +
*eKYC and
 +
*"How people are currently building real-time fraud/abuse/security systems in identity.
 +
* Updates/status on OIDC and secevent specs.
 +
* Update on state of decentralized identity and responses to regulatory pressures." enterprise adoption of VCs
 +
* Advances in SSI and Verifiable Credentials
 +
* "1- where does the actual data/content reside? 2- how does revocation truly delete data ala DRM?"
 +
* Verifiable Credentials
 +
* next steps on interoperability
 +
* DIDs, wallets, DKMS, messaging
 +
* Maturity of SSI products for use by individuals and corporations.
 +
* How to accelerate adoption of SSI, backups/restore, DKMS, DID Documents, Liability, ZKP's
 +
* Bringing decentralized identity to market.
 +
* SSI and credential verification. Portability. How does this fit in from an organizational view.
 +
* Hyperledger Aries, biometrics
 +
* I'm interested in decentralized identity, trade-offs between financial inclusion and financial regulation, moving past state-based identity into global and self-sovereign ones, and interoperability of identity technologies.
 +
* Latest on CAEP, Consent Receipts, and digital identity
 +
* FIDO, Biometrics, Continuous Authentication, Practical Utility of Assurance Levels, BYOID / Self-Sovereign ID, emergent protocols, identity futures
 +
* Oauth.xyz
 +
* Self-sovereign identity, decentralized identities, hyper ledger.
 +
* Trends in online identity and biometrics
 +
* More on decentralized architecture and the need of decentralized identity
 +
* OIDC, OAuth2.0, Implicit flow, token delegation
 +
* Self-Sovereign Identity, Identity use cases
 +
* Latest updates from community on Decentralized Identity. Standards, implementations, real-world use-cases.
 +
* Industry adoption of newer user-centric innovations, are regulations for privacy and user consent impacting.
 +
* Decentralized Identity
 +
* XDI
 +
* SSI and privacy
 +
* Evolution of VC and SSI
 +
* Hyperledger Aries, rich schemas
 +
* Intersection of supply chain identifications and VC/DID
 +
* Me2B
 +
* What's next for Token Binding?
 +
* The interactions between capability and identity.
 +
* Standards for sharing data from your digital identity
 +
* SSI in general, current state. Behavior based identity attributes (UEBA). Currently, driving forces in identity space.
 +
* Understanding more about the work going on and various applications being used
 +
* "Blockchain Relationships; Using various scopes; Encryption/Decryption; The latest best practices for identifying who you are"
 +
* Decentralized identity.
 +
* "1. Identity Management at Scale - Problems encountered and learnings - FIDO - Conceptual overview - Business value quantification"
 +
* all about SSI
 +
* Justin Richer's XYZ project
 +
* All things DID
 +
* identity and AI, identity for devices and verified identity
 +
* Advances in banking security, Distributed identity
 +
* Other community efforts and progress as it relates to work in decentralized identity
 +
* Decentralized identity
 +
* "hands-on workshop building something with verifiable credentials or self-sovereign identity
 +
* crypto and climate change: what proof-of-work options do least harm to the planet?"
 +
* learning about use cases in the enterprise.
 +
* The verified_person_data claim and its profile for the US based on NIST SP 800-63-3 (Digitial Identity Guidelines)
 +
* Wallet, credentials, DIDs, IOT, and the Identity of Things
 +
* How we can use SSI to improve our use case and help solve some of the technical challenges we may face.
 +
* what the community is working on, and how the space has developed since last IIW
 +
* Interoperability and end user adoption
 +
* Decentralized Identity
 +
* Privacy, Security, Digital literacy (recognize and piece the information bubble)
 +
* Integration between DIDs and OpenID Connect, implementations of agents and hubs, demos of working solutions
 +
* Listen to the smart and bright minds of IIW participants.
 +
* Networking
 +
* ssi, blockchain-oriented initiatives, cool new demos
  
  
Line 41: Line 172:
 
*Where are we seeing adoption? Where is it important to see adoption? How do we measure economic costs saved? How can we move identity out of the difficult-to-sell IT security labeling?
 
*Where are we seeing adoption? Where is it important to see adoption? How do we measure economic costs saved? How can we move identity out of the difficult-to-sell IT security labeling?
 
*What is the incentive for users to use user-centric identity. Do people really want it? especially in the developed world where majority of the people are oblivious to privacy
 
*What is the incentive for users to use user-centric identity. Do people really want it? especially in the developed world where majority of the people are oblivious to privacy
 +
* How about assurance?
 +
* Privacy Preservation and Consent in the face of GDPR
 +
* How do we accelerate adoption of open approaches before people are suckered into giving up even more of their identity to surveillance-oriented implementations?
 +
* Biometrics
 +
* What is the roadmap to getting mass adoption? What are the blockers? How to we address inefficiency breeding job security?
 +
* How POCs are going
 +
* continued discussion on rubrics
 +
* Tying SSI credentials to digital wallets with robust device and cloud protection, along with backup/restore.
 +
* Liability, adoption, SSI standards
 +
* What kinds of platforms do we really need?
 +
* Scaling to an Enterprise. Dealing with Legacy. Talking about impacts on B2E, B2B, and B2C.
 +
* How can we view everything from an identity perspective and get away frmo the B2E, B2B, and B2C lingo?
 +
* how can we use technology / identity for underrepresented groups in ways that are accessible to them?
 +
* How do we get decentralized identity to the marginalised people. Those who dont have specced up phones.
 +
* What constitutes a basic profile - what should be store where.
 +
* Continued adoption and improved interoperability
 +
* Interoperability, open solutions versus proprietary, self-sovereign vs government issued digital IDs
 +
* user experience
 +
* Organizational Identity
 +
* ethical and transparent use of personal data by technology vendors
 +
* Why the obsession with identity when capability is far more useful and versatile?
 +
* "How can users remain in control?
 +
* How can users securely share their data?
 +
* How can a users identity be portable and usable anywhere?"
 +
* How can behavior based identity attributes fit to the vision of SSI. E.g. currently behavior profiles are created by companies (such as amazon recommendations). Can these profiles move from the control of the company back to the user and be part of their identity?
 +
* How to form decentralized networks of identity verification that remain anonymous and unbiased.
 +
* UMA, Is the user aware of the choices they are making and it's implications, How organizations treat different identities (social, employee, contractor)
 +
* How do we move beyond bearer tokens, given the death of TLS Token Binding?
 +
* What are the best practices for identifying people who don't own the devices they interact with? What can be done to ensure that their data is handled responsibly?
 +
* What has worked and what has not? Where is this going? What is still needed??
 +
* Doing emergency revoke on user sessions due to lost or stolen mobile devices
 +
* End-to-end open standards. Data Standards.
 +
* What use cases are being adopted
 +
* Whats with all the BC BS?
 +
* onboarding, meta wallets, IAM
 +
* How to we get the general public to understand and adopt SSI
 +
* Managing user consent, providing data storage and sharing as a public utility, integrating DIDs with legacy centralized technology
 +
* The practicality and human behavior that will dictate what user's will adopt.

Latest revision as of 14:24, 24 September 2019

Register here for IIW 29: https://iiw29.eventbrite.com

What topics are you planning to present about or lead a discussion about at this IIW?

  • "OpenID Connect for Identity Assurance
  • OAuth Security"
  • Multilateral federation and privacy
  • KERI Key Event Receipt Infrastructure for DKMI. Distributed Consensus. SeedQuest. Didery
  • Personal identity management solutions; factors that influence people's adoption of personally identifiable information.
  • Exploring the Intersection of Digital Presence and Human Nature/Politics. Digital Aikido - the art of maintaining balance in the midst of influential human/digital forces.
  • "- SSI Accreditation - SSI Project with Maryland"
  • Creating of an anonymous, unique and global identity.
  • Implementation of open source verifiable credentials manager
  • Digital identity for refugees
  • FastFed demo
  • "Identity federation in R&E Strong AuthN"
  • Federated Identity in Higher Education and Research
  • Privacy, social networks, trade-offs
  • Self-Sovereign Identity
  • DIDs, DID Resolution, DID Registration
  • "Real-time fraud/abuse/security systems in identity.
  • What is an identity professional? How do we become one? What about an identity ""citizen""?" verifiable credentials
  • "Blockchain and Identity Governance Trust Assurance/Audit"
  • PKI Operations
  • "1- where does the actual data/content reside? 2- how does revocation truly delete data ala DRM?"
  • Personal Identity, Spirituality, Abundance and Scarcity Mindset, and its influence on IT/peer-to-peer and IT/peer-to-peer's influence on it.
  • interoperability
  • Happy to present discussions as it relates to Clarity / Blockstack's smart contracts, etc.
  • Interoperability within SSI, use cases and adoption
  • Personal Agents and Storage "Hubs"
  • DID
  • Hyperledger Aries, biometrics
  • It's my first time coming, and I'll start by listening and contributing to others' discussions.
  • Decentralized Identity
  • Workday's Credentialing Platform
  • Privacy / anonymity for vulnerable populations
  • 100% Password Free Authentication
  • Federated provisioning & authorization
  • First time attending so I'm planning to participate but not present or lead.
  • OpenID RISC & CAEP
  • They will come out of rebooting so not set yet
  • OpenID Logout, OpenID Federation, OpenID Certification, Verified Claims
  • Portable Identity, IDV, Biometrics
  • proposed additions/changes/interpretations to DIF and w3c specs around verifiable credentials, DIDs, and ID Hubs.
  • PICOs
  • SSI and supply chain applications
  • Object and Organizational Identifiers
  • What's next for Token Binding?
  • Decentralized Identity
  • Mobile live computation exchange under the model of object-capability security and why identity is at best a third-order concern.
  • CAEP, WebAuthn
  • I am rather new to the digital identity space (~ 3 weeks) and looked at the space in a very broad fashion so far. I am interested in discussions on SSI in corporate context and how behavior based identity can fit together with SSI (e.g.user entity behavior analytics (UEBA)).
  • None! Looking forward to hearing more from everyone.
  • CAEP, Adaptive Authentication, strong MFA
  • HTTP request signing; resource access authorization
  • "EKYC and UX EKYC in undeveloped countries"
  • DID authentication, VC claim formats and presentation protocols.
  • Kiva Protocol, blockchain + biometric id + credit bureau
  • Deepfakes and the need for standards to better understand content sources
  • retrofitting OIDC authentication to existing web applications
  • Interoperability within Aries
  • Equifax and Identity AMAA
  • "Can we explain identity and credentials without using the same words for different things? (can we agree on a diagram, or maybe a skit?)

Process of discovering truth (continued)"

  • I'm still new and will be in learning mode.
  • An OpenID Connect profile for consumer healthcare.
  • Creating an ""Identity CoOp"""
  • Sovrin, SSI, Telecommunication, Call Center, Customer Service
  • trust level frameworks,
  • BYOCC (Build your own connectionless challenge),
  • callback URL's for connectinless,
  • Schema ID reppos"
  • Use case of SSI in rental management
  • Decentralized Identity
  • "Lean Startup Principles for SSI Autonomous Lending (powered by SSI)"
  • Trust Framework, OpenID Connect, 5G
  • Women in Identity!


What are you hoping to learn about or hear a presentation about at IIW?

  • OpenID Connect, current status of SSID normalization / standardization efforts, trust models in SSID.
  • Future of decentralized identity network; next generation PIMS services
  • How the community's effort in design spec and standards may be best able to consider the digital citizen and vice versa.
  • Risk Based authentication Account Recovery Continuous Authentication FIDO1&2
  • "Blockchain-based Identity, Biometrics, Identity Verification for Internet Payments, Identity Verification for Internet Payment,
  • Cryptographic Credentials, IoT & Data Liberation & Portability"
  • Pairwise / P2P Communications, Off-ledger activities
  • Verifiable claims, rebooting web of trust, user-centric identity in the distributed social network, digital contracts in the modern identity ecosystem
  • Self-sovereign identity"-
  • Digital Wallets - Organizational Wallets"
  • Verifiable credentials in production governance models and revenue models for digital identity
  • DIDs, FIDO, WebAuthn, authentication,
  • CAEP, FastFed, Oauth.xyz
  • "user-centric / deventralized beyond the hype OIDC"
  • Decentralized Identity, Oauth OpenIDConnect
  • "OAuth/OIDC International Perspectives Perspectives on Commercial Service Providers and Identity Management"
  • Current efforts, the state of the art, trade-offs, usability.
  • Current initiatives, SSI
  • I want to learn more about the legal/regulatory framework we would need to build to accomodate new forms of digital credentials and create a digital identity ecosystem
  • CAEP
  • eKYC and
  • "How people are currently building real-time fraud/abuse/security systems in identity.
  • Updates/status on OIDC and secevent specs.
  • Update on state of decentralized identity and responses to regulatory pressures." enterprise adoption of VCs
  • Advances in SSI and Verifiable Credentials
  • "1- where does the actual data/content reside? 2- how does revocation truly delete data ala DRM?"
  • Verifiable Credentials
  • next steps on interoperability
  • DIDs, wallets, DKMS, messaging
  • Maturity of SSI products for use by individuals and corporations.
  • How to accelerate adoption of SSI, backups/restore, DKMS, DID Documents, Liability, ZKP's
  • Bringing decentralized identity to market.
  • SSI and credential verification. Portability. How does this fit in from an organizational view.
  • Hyperledger Aries, biometrics
  • I'm interested in decentralized identity, trade-offs between financial inclusion and financial regulation, moving past state-based identity into global and self-sovereign ones, and interoperability of identity technologies.
  • Latest on CAEP, Consent Receipts, and digital identity
  • FIDO, Biometrics, Continuous Authentication, Practical Utility of Assurance Levels, BYOID / Self-Sovereign ID, emergent protocols, identity futures
  • Oauth.xyz
  • Self-sovereign identity, decentralized identities, hyper ledger.
  • Trends in online identity and biometrics
  • More on decentralized architecture and the need of decentralized identity
  • OIDC, OAuth2.0, Implicit flow, token delegation
  • Self-Sovereign Identity, Identity use cases
  • Latest updates from community on Decentralized Identity. Standards, implementations, real-world use-cases.
  • Industry adoption of newer user-centric innovations, are regulations for privacy and user consent impacting.
  • Decentralized Identity
  • XDI
  • SSI and privacy
  • Evolution of VC and SSI
  • Hyperledger Aries, rich schemas
  • Intersection of supply chain identifications and VC/DID
  • Me2B
  • What's next for Token Binding?
  • The interactions between capability and identity.
  • Standards for sharing data from your digital identity
  • SSI in general, current state. Behavior based identity attributes (UEBA). Currently, driving forces in identity space.
  • Understanding more about the work going on and various applications being used
  • "Blockchain Relationships; Using various scopes; Encryption/Decryption; The latest best practices for identifying who you are"
  • Decentralized identity.
  • "1. Identity Management at Scale - Problems encountered and learnings - FIDO - Conceptual overview - Business value quantification"
  • all about SSI
  • Justin Richer's XYZ project
  • All things DID
  • identity and AI, identity for devices and verified identity
  • Advances in banking security, Distributed identity
  • Other community efforts and progress as it relates to work in decentralized identity
  • Decentralized identity
  • "hands-on workshop building something with verifiable credentials or self-sovereign identity
  • crypto and climate change: what proof-of-work options do least harm to the planet?"
  • learning about use cases in the enterprise.
  • The verified_person_data claim and its profile for the US based on NIST SP 800-63-3 (Digitial Identity Guidelines)
  • Wallet, credentials, DIDs, IOT, and the Identity of Things
  • How we can use SSI to improve our use case and help solve some of the technical challenges we may face.
  • what the community is working on, and how the space has developed since last IIW
  • Interoperability and end user adoption
  • Decentralized Identity
  • Privacy, Security, Digital literacy (recognize and piece the information bubble)
  • Integration between DIDs and OpenID Connect, implementations of agents and hubs, demos of working solutions
  • Listen to the smart and bright minds of IIW participants.
  • Networking
  • ssi, blockchain-oriented initiatives, cool new demos


What are the critical questions about user-centric identity and data you hope to discuss with peers at IIW?

  • How can we better bring language and understanding to the user level so we have coherent and confident digital citizens.
  • What are some unique ways to reduce the trackable "digital exhaust" that is made available to data brokers / trackers?
  • "How can user-centric identity best co-exist with distributed autonomous agents?
  • What kind of distributed social network features are needed to support the envisioned modern identity ecosystem?
  • Where do current and emerging identity standards fit in with user-centric digital ownership, digital asset transfer, and bi-directional digital contracts?"
  • How to adopt low-tech people/organization to use SSI.
  • Anonymity, privacy, decentralization, identity uniqueness, Sybil protection, selling identity issue and etc.
  • Where are we seeing adoption? Where is it important to see adoption? How do we measure economic costs saved? How can we move identity out of the difficult-to-sell IT security labeling?
  • What is the incentive for users to use user-centric identity. Do people really want it? especially in the developed world where majority of the people are oblivious to privacy
  • How about assurance?
  • Privacy Preservation and Consent in the face of GDPR
  • How do we accelerate adoption of open approaches before people are suckered into giving up even more of their identity to surveillance-oriented implementations?
  • Biometrics
  • What is the roadmap to getting mass adoption? What are the blockers? How to we address inefficiency breeding job security?
  • How POCs are going
  • continued discussion on rubrics
  • Tying SSI credentials to digital wallets with robust device and cloud protection, along with backup/restore.
  • Liability, adoption, SSI standards
  • What kinds of platforms do we really need?
  • Scaling to an Enterprise. Dealing with Legacy. Talking about impacts on B2E, B2B, and B2C.
  • How can we view everything from an identity perspective and get away frmo the B2E, B2B, and B2C lingo?
  • how can we use technology / identity for underrepresented groups in ways that are accessible to them?
  • How do we get decentralized identity to the marginalised people. Those who dont have specced up phones.
  • What constitutes a basic profile - what should be store where.
  • Continued adoption and improved interoperability
  • Interoperability, open solutions versus proprietary, self-sovereign vs government issued digital IDs
  • user experience
  • Organizational Identity
  • ethical and transparent use of personal data by technology vendors
  • Why the obsession with identity when capability is far more useful and versatile?
  • "How can users remain in control?
  • How can users securely share their data?
  • How can a users identity be portable and usable anywhere?"
  • How can behavior based identity attributes fit to the vision of SSI. E.g. currently behavior profiles are created by companies (such as amazon recommendations). Can these profiles move from the control of the company back to the user and be part of their identity?
  • How to form decentralized networks of identity verification that remain anonymous and unbiased.
  • UMA, Is the user aware of the choices they are making and it's implications, How organizations treat different identities (social, employee, contractor)
  • How do we move beyond bearer tokens, given the death of TLS Token Binding?
  • What are the best practices for identifying people who don't own the devices they interact with? What can be done to ensure that their data is handled responsibly?
  • What has worked and what has not? Where is this going? What is still needed??
  • Doing emergency revoke on user sessions due to lost or stolen mobile devices
  • End-to-end open standards. Data Standards.
  • What use cases are being adopted
  • Whats with all the BC BS?
  • onboarding, meta wallets, IAM
  • How to we get the general public to understand and adopt SSI
  • Managing user consent, providing data storage and sharing as a public utility, integrating DIDs with legacy centralized technology
  • The practicality and human behavior that will dictate what user's will adopt.