I was just responding to a friend's question about using biometrics, and I realized that one good way of looking at certain class of identifiers is as negative authenticators...
In a separate blog entry ( http://blog.onghome.com/2003/12/problems-with-biometrics.htm ), I pontificate on why biometrics should not be used as authenticators.
At...
Access Agents
Access agents, which are a form of personal directories, are required to solve multiple problems in digital identity. Access agents should perform the user-centric, end-point management of user-id/password pairs, personal private keys, OTP (on-time pas...
The Turing Event
A few (10~15) years from now, I will get a phone call from my friend's assistant requesting that since we have not touch bases in a while, that we should meet up over dinner. I think it's a good idea, pull out my PDA/calendar, and start working a meeti...
At the Core of Authentication
Authentication is the process of an entity proving it's identity to a system, typically to get access to certain resources managed by the system.The industry typically talks about authentication in terms of: o what you know o ...
Anonymity – A Binary Switch?
There's been a slew of postings on the topic of anonymity, so I thought I'd jott down a few of my thoughts too... and collect the links here.Key Points:Norlin’s Maxim: Your personal data is shifting from private to public. What becomes public stays p...
OpenSSO Available
Noted. I was browsing through Pat Patterson's blog and noticed his posting on the release of OpenSSO. OpenSSO source code, released on August 17, 2006, is now available at https://opensso.dev.java.net/public/use/.The cost of deploying backend-based SSO...
Recent Articles of Interest
Noted. Haven't had much time to write my own thoughts ... so here are a few of the more interesting articles I've read over the last few months:The identity silo paradox. Eric Norlin points out the reality that the organizations that have the large ide...
Much Ado About Nothing?
Been busy. Six months without a post ... thought I'd better either shut the blog down, or start posting again. I decided in favor of the latter. And it just so happens that there is interesting stuff to post about..."51% oppose NSA database" was USA To...
What Must Happen
The future of digital identity is set in the context of the evolution of digital systems. This article might be a bit off topic (in that it is not specifically about digital identity), but I think it's important for us to consider the bigger context of...
If a Tree Falls …
Johannes' post on Phil Windley puts his finger on why defining "Digital Identity" is hard asserts that an identity is more than a set of claims.If there is an entity, and there are no claims made about it, does it still have an identity?If a tree falls...
Identity or Persona?
I recently posted to the idworkshop list some thoughts on the terms Identity vs Persona. But I've just noticed a strong bias expressed by two bloggers whose opinions I respect: Timothy Grayson and Dave Kearns.Both have been very clear in their statemen...
Stupid Users?!
Valerie Steeves has just posted an article about he observations at the World Summit on the Information Society meeting on cybersecurity. She expressed concern about how a certain European delegate said, "It’s the stupid users. If we could just get t...
