Identity and Privacy in Security

As I reread my post on the problems with RFID passports (http://blog.onghome.com/2005/04/sanity-around-rfid-passports.htm), it occurred to me that there is a more fundamental observation that needs to be made here...

When designing security systems based on strong authentication and identities, privacy is an important dimension to consider. The US State Department thought we could have better security by introducing strong(er) digital identities in passport via RFID tags. They forgot (or didn't realize) that without privacy considerations, the strong identity could be used, perhaps lethally, against the identity owner.

This reinforces my belief in the importance of privacy (and the works of individuals like Stefan Brands) to ensure the digital identity systems we build are actually usable.

Identity and Privacy in Security

As I reread my post on the problems with RFID passports (http://blog.onghome.com/2005/04/sanity-around-rfid-passports.htm), it occurred to me that there is a more fundamental observation that needs to be made here...

When designing security systems based on strong authentication and identities, privacy is an important dimension to consider. The US State Department thought we could have better security by introducing strong(er) digital identities in passport via RFID tags. They forgot (or didn't realize) that without privacy considerations, the strong identity could be used, perhaps lethally, against the identity owner.

This reinforces my belief in the importance of privacy (and the works of individuals like Stefan Brands) to ensure the digital identity systems we build are actually usable.

InfoCard is Not the Identity Metasystem

Noted. Just been catching up on the chatter on InfoCard.

Most notable is the point that Johannes Ernst, Doc Searls and Dave Kearns are making that Microsoft's InfoCard is not the identity metasystem. At best, it is a component of the metasystem.

o Johannes Ernst, More on the relationship between InfoCard and the Identity Metasystem.
o Doc Searls, Distinguishing between the Identity Metasystem and InfoCard.
o Dave Kearns, Identity metamagic.
o Johannes Ernst, What might an "Identity Meta-System" be?.
o Doc Searls, Some questions about the Identity Metasystem.

See Also
o P.T. Ong, More on InfoCards.

InfoCard is Not the Identity Metasystem

Noted. Just been catching up on the chatter on InfoCard.

Most notable is the point that Johannes Ernst, Doc Searls and Dave Kearns are making that Microsoft's InfoCard is not the identity metasystem. At best, it is a component of the metasystem.

o Johannes Ernst, More on the relationship between InfoCard and the Identity Metasystem.
o Doc Searls, Distinguishing between the Identity Metasystem and InfoCard.
o Dave Kearns, Identity metamagic.
o Johannes Ernst, What might an "Identity Meta-System" be?.
o Doc Searls, Some questions about the Identity Metasystem.

See Also
o P.T. Ong, More on InfoCards.

Long-Lived Software

Been busy with work. Still am... but I did have some time to do some reading and thinking about the nature of systems we build.

To date, most of the software we build do not last very long. Heck, most movies have longer lifespans than most software. The people at the Long Now (www.longnow.com) suggest that we should think about the long term impact of the systems and constructs that we create. The net is here to stay, and because the shorter-term thinking of the builders of parts of the net (e.g. IP address spaces), we are stuck with significant limitations.

Dan Bricklin has written about long-term engineering as it applies to software (http://www.bricklin.com/200yearsoftware.htm, http://www.planetpdf.com/forumarchive/6.03.200YearSoftware.pdf). Bricklin emphasizes fact that the structure and culture of a typical prepackaged software company is not attuned to the needs of societal infrastructure software. He proposes that software engineers should learn from civil engineering.

As we embark on designing what could be the future of a permanent fixture in cyberspace -- the identity infrastructure -- we should be cognizant of the long-term impact of our actions and designs.

Long-Lived Software

Been busy with work. Still am... but I did have some time to do some reading and thinking about the nature of systems we build.

To date, most of the software we build do not last very long. Heck, most movies have longer lifespans than most software. The people at the Long Now (www.longnow.com) suggest that we should think about the long term impact of the systems and constructs that we create. The net is here to stay, and because the shorter-term thinking of the builders of parts of the net (e.g. IP address spaces), we are stuck with significant limitations.

Dan Bricklin has written about long-term engineering as it applies to software (http://www.bricklin.com/200yearsoftware.htm, http://www.planetpdf.com/forumarchive/6.03.200YearSoftware.pdf). Bricklin emphasizes fact that the structure and culture of a typical prepackaged software company is not attuned to the needs of societal infrastructure software. He proposes that software engineers should learn from civil engineering.

As we embark on designing what could be the future of a permanent fixture in cyberspace -- the identity infrastructure -- we should be cognizant of the long-term impact of our actions and designs.

One Level of Indirection

A claim I heard a while ago is that every problem in computer science can be solved by adding a level of indirection.

Upon a closer reading of Stephen DownesAuthentication and Identification, I realized he gets into a bit of a spot with his approach, and has to redefine what most of us would accept as authentication to self-identification...
It is common at this juncture to confuse an identity claim with authentication. For example, the presentation of a bank card (a token) to a bank machine, combined with an assertion (the keying of a PIN), is often taken to constitute a type of authentication. However, it is not; it is nothing more than the claim to be a certain person.
Many of us would rather refer to the above process as the authentication of the account holder’s identity to the bank machine with a bank card (what you have) and the PIN (what you know), as opposed to self-identification of the account holder to the bank machine.

Because Downes does not separate an entity from its identity (or identities), authenticating an identity is equivalent to self-identification of an entity. So, to Downes, if you authenticate an identity (or self-identify, in his terminology), you lose any control and privacy—hence the need to (somewhat awkwardly) differentiate self-identification from authentication. The point I made in an earlier post (Strong Identities Can Be Anonymous) is that an entity does not have to be bound to its identity. This level of indirection allows for anonymous identities, and addresses most of the privacy and control concerns Downes raises in his article.

Update (November 12, 2007)
Joe Long tells me it was Jim Grey who said that any programming problem can be solved by adding one level of indirection and that any performance problem can be solved by removing one level of indirection. (I should do some research on this.)

One Level of Indirection

A claim I heard a while ago is that every problem in computer science can be solved by adding a level of indirection.

Upon a closer reading of Stephen DownesAuthentication and Identification, I realized he gets into a bit of a spot with his approach, and has to redefine what most of us would accept as authentication to self-identification...
It is common at this juncture to confuse an identity claim with authentication. For example, the presentation of a bank card (a token) to a bank machine, combined with an assertion (the keying of a PIN), is often taken to constitute a type of authentication. However, it is not; it is nothing more than the claim to be a certain person.
Many of us would rather refer to the above process as the authentication of the account holder’s identity to the bank machine with a bank card (what you have) and the PIN (what you know), as opposed to self-identification of the account holder to the bank machine.

Because Downes does not separate an entity from its identity (or identities), authenticating an identity is equivalent to self-identification of an entity. So, to Downes, if you authenticate an identity (or self-identify, in his terminology), you lose any control and privacy—hence the need to (somewhat awkwardly) differentiate self-identification from authentication. The point I made in an earlier post (Strong Identities Can Be Anonymous) is that an entity does not have to be bound to its identity. This level of indirection allows for anonymous identities, and addresses most of the privacy and control concerns Downes raises in his article.

Update (November 12, 2007)
Joe Long tells me it was Jim Grey who said that any programming problem can be solved by adding one level of indirection and that any performance problem can be solved by removing one level of indirection. (I should do some research on this.)

The Life and Limb Problem

I had earlier written about the three problems with using biometrics as authenticators:
  • The Technology Problem
  • The Social Acceptability Problem
  • The Clonability Problem
I'm adding one more:
  • The Life and Limb Problem
This problem with biometrics became clear to me with a report by Jonathan Kent, Malaysia car thieves steal finger, on the BBC News. The problem with some (not all) biometric metrics is that we are measuring some aspect of a body part that is not (painlessly) detachable from the rest of the body. When identity theft is to be commited on systems with biometric locks, physical violence is a very real and possibly easiest option for the criminals.

The Life and Limb Problem

I had earlier written about the three problems with using biometrics as authenticators:
  • The Technology Problem
  • The Social Acceptability Problem
  • The Clonability Problem
I'm adding one more:
  • The Life and Limb Problem
This problem with biometrics became clear to me with a report by Jonathan Kent, Malaysia car thieves steal finger, on the BBC News. The problem with some (not all) biometric metrics is that we are measuring some aspect of a body part that is not (painlessly) detachable from the rest of the body. When identity theft is to be commited on systems with biometric locks, physical violence is a very real and possibly easiest option for the criminals.

Why I’m Passionate About Digital Identity

I drafted this piece a while ago in response to Johannes Ernst’s post Where have all the visionaries gone?. Initially, I thought it was a bit over-the-top for this blog; but upon reflection, touchy-feely might be just what we need...

The future I see is a world of real choices. Every possible “thing” can be connected to every other “thing”. Things organize to help us live more simply, if we choose. Or we can choose to observe the full complexities of a fully wireless, connected world that we can barely imaging today. Just like the forest – we can see it as an elegant entity, or a very complex ecosystem.

But yet we maintain a level of privacy greater than most of us know today. (None of these blunt identity devices like RFID’s in passports.)

The descendants of AI agents (that we used to tinker with in grad schools) help us to manage just about every aspect of our lives from our calendars, to our groceries, to our health, to our social lives... if we choose. And these are our agents, if we choose – or perhaps Google might provide them to us in exchange for being able to study our habits – and again, it is our choice.

Things that are potentially criminal cannot be carried out with anonymous identity, so crime is low. Things that are harmless to others can be carried out with full anonymity. (Yes, I realize the interesting debates, as always, will be around what should be criminal.)

My ideal future fuses the utopia of security, privacy, and choice. As a society, the trade-offs we make between security and freedom are real ones, not Hobson’s choices; and as individuals, we have the freedom to choose which society we want to live in.

The required work week is tending towards zero (because machines keep improving productivity), but we soldier on because we have hopes that go beyond survival and our current state of existence.

(And, oh yes, no hunger, wars, plagues.)

But, today, we don’t yet have the constructs to support this connected world. Our identity systems today are grossly inadequate. And identity systems need to be at the core of this future world. So, we think, we design, we build, we write. Hopefully, some of the efforts of our digital identity community ends up in the foundation of that future society. I fully expect so. Call me a dreamer.

Why I’m Passionate About Digital Identity

I drafted this piece a while ago in response to Johannes Ernst’s post Where have all the visionaries gone?. Initially, I thought it was a bit over-the-top for this blog; but upon reflection, touchy-feely might be just what we need...

The future I see is a world of real choices. Every possible “thing” can be connected to every other “thing”. Things organize to help us live more simply, if we choose. Or we can choose to observe the full complexities of a fully wireless, connected world that we can barely imaging today. Just like the forest – we can see it as an elegant entity, or a very complex ecosystem.

But yet we maintain a level of privacy greater than most of us know today. (None of these blunt identity devices like RFID’s in passports.)

The descendants of AI agents (that we used to tinker with in grad schools) help us to manage just about every aspect of our lives from our calendars, to our groceries, to our health, to our social lives... if we choose. And these are our agents, if we choose – or perhaps Google might provide them to us in exchange for being able to study our habits – and again, it is our choice.

Things that are potentially criminal cannot be carried out with anonymous identity, so crime is low. Things that are harmless to others can be carried out with full anonymity. (Yes, I realize the interesting debates, as always, will be around what should be criminal.)

My ideal future fuses the utopia of security, privacy, and choice. As a society, the trade-offs we make between security and freedom are real ones, not Hobson’s choices; and as individuals, we have the freedom to choose which society we want to live in.

The required work week is tending towards zero (because machines keep improving productivity), but we soldier on because we have hopes that go beyond survival and our current state of existence.

(And, oh yes, no hunger, wars, plagues.)

But, today, we don’t yet have the constructs to support this connected world. Our identity systems today are grossly inadequate. And identity systems need to be at the core of this future world. So, we think, we design, we build, we write. Hopefully, some of the efforts of our digital identity community ends up in the foundation of that future society. I fully expect so. Call me a dreamer.

DIDW 2005 Links

Noted. There are a number of people who have written events at Digital Identity World 2005 last week. I thought it would be useful to collect them in one place:
Phil BeckerChange Waves and the Digital ID World 2005 Conference
http://www.digitalidworld.com/print.php?sid=272
Don BowenMy famous friend, Pat!
http://blogs.sun.com/roller/page/wizidm/20050513/#my_famous_friend_pat
Kim CameronJamie on the Asphalt metaphor
http://www.identityblog.com/2005/05/17.html#a230
Chris CeppiDIDW Notes
http://ceppi.blogs.com/arbitrage/2005/05/didw_notes.html
Johannes ErnstWhat is Microsoft InfoCard?
http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html
Dan FarberMicrosoft's enlightened identity metasystem
http://blogs.zdnet.com/BTL/?p=1377
Dan FarberDigital identity with a capital 'I'
http://blogs.zdnet.com/BTL/?p=1363
Dan FarberConverging federation standards?
http://blogs.zdnet.com/BTL/?p=1371
Steve GillmorSomething in the Air
http://blogs.zdnet.com/Gillmor/index.php?p=95
Timothy GraysonFare thee well DIDW
http://timothygrayson.com/blog/archives/000664.html
Kaliya HamlinIdentity Commons and Persistent Digital Identity
http://identitywoman.kaliyasblogs.net/archives/2005/05/identity_common.htm
Kaliya HamlinDoc's Possy - Identity Gang On Stage
http://identitywoman.kaliyasblogs.net/archives/2005/05/docs_possy_iden.htm
Kaliya HamlinMicrosoft's Presentation @ DIDW
http://identitywoman.kaliyasblogs.net/archives/2005/05/microsofts_pres.htm
Kaliya HamlinDick on Identity 2.0
http://identitywoman.kaliyasblogs.net/archives/2005/05/dick_on_identit.htm
Kaliya HamlinIdentity Gang Meeting - links and last 1/2 summary
http://identitywoman.kaliyasblogs.net/archives/2005/05/identity_gang_m.htm
Chris JablonskiJamie Lewis on the future of identity management
http://blogs.zdnet.com/BTL/?p=1370
Scott MaceDIDW 2005: Kim Cameron's 7 laws of identity
http://scottsrawnotes.blogspot.com/2005/05/didw-2005-kim-camerons-7-laws-of.html
Drummond ReedKey talks at DIDW 2005
http://www.equalsdrummond.name/index.php?p=32
Tom SandersMicrosoft calls for online identity overhaul
http://www.vnunet.com/news/1162956
Doc SearlsDIDW retrospectives
http://garage.docsearls.com/node/596 (MORE LINKS HERE!)
Silicon Valley SleuthMicrosoft: your new best friend for online identities
http://www.siliconvalleysleuth.com/2005/05/microsoft_your_.html
James van KesselClosing Session - Summing It Up, Doc Searls (Linux Journal)
http://spaces.msn.com/members/wandering-mind/Blog/cns!1pqEVRpKSYYbjvBgwmt75xIg!132.entry
Mark WahlDigital ID World 2005, day 1
http://www.ldap.com/1/commentary/wahl/20050511_01.shtml
Mark WahlDigital ID World 2005, day 2
http://www.ldap.com/1/commentary/wahl/20050512_01.shtml
There is also a collection of the presentations at http://conference.digitalidworld.com/2005/attendees/downloads.php.

DIDW 2005 Links

Noted. There are a number of people who have written events at Digital Identity World 2005 last week. I thought it would be useful to collect them in one place:
Phil BeckerChange Waves and the Digital ID World 2005 Conference
http://www.digitalidworld.com/print.php?sid=272
Don BowenMy famous friend, Pat!
http://blogs.sun.com/roller/page/wizidm/20050513/#my_famous_friend_pat
Kim CameronJamie on the Asphalt metaphor
http://www.identityblog.com/2005/05/17.html#a230
Chris CeppiDIDW Notes
http://ceppi.blogs.com/arbitrage/2005/05/didw_notes.html
Johannes ErnstWhat is Microsoft InfoCard?
http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html
Dan FarberMicrosoft's enlightened identity metasystem
http://blogs.zdnet.com/BTL/?p=1377
Dan FarberDigital identity with a capital 'I'
http://blogs.zdnet.com/BTL/?p=1363
Dan FarberConverging federation standards?
http://blogs.zdnet.com/BTL/?p=1371
Steve GillmorSomething in the Air
http://blogs.zdnet.com/Gillmor/index.php?p=95
Timothy GraysonFare thee well DIDW
http://timothygrayson.com/blog/archives/000664.html
Kaliya HamlinIdentity Commons and Persistent Digital Identity
http://identitywoman.kaliyasblogs.net/archives/2005/05/identity_common.htm
Kaliya HamlinDoc's Possy - Identity Gang On Stage
http://identitywoman.kaliyasblogs.net/archives/2005/05/docs_possy_iden.htm
Kaliya HamlinMicrosoft's Presentation @ DIDW
http://identitywoman.kaliyasblogs.net/archives/2005/05/microsofts_pres.htm
Kaliya HamlinDick on Identity 2.0
http://identitywoman.kaliyasblogs.net/archives/2005/05/dick_on_identit.htm
Kaliya HamlinIdentity Gang Meeting - links and last 1/2 summary
http://identitywoman.kaliyasblogs.net/archives/2005/05/identity_gang_m.htm
Chris JablonskiJamie Lewis on the future of identity management
http://blogs.zdnet.com/BTL/?p=1370
Scott MaceDIDW 2005: Kim Cameron's 7 laws of identity
http://scottsrawnotes.blogspot.com/2005/05/didw-2005-kim-camerons-7-laws-of.html
Drummond ReedKey talks at DIDW 2005
http://www.equalsdrummond.name/index.php?p=32
Tom SandersMicrosoft calls for online identity overhaul
http://www.vnunet.com/news/1162956
Doc SearlsDIDW retrospectives
http://garage.docsearls.com/node/596 (MORE LINKS HERE!)
Silicon Valley SleuthMicrosoft: your new best friend for online identities
http://www.siliconvalleysleuth.com/2005/05/microsoft_your_.html
James van KesselClosing Session - Summing It Up, Doc Searls (Linux Journal)
http://spaces.msn.com/members/wandering-mind/Blog/cns!1pqEVRpKSYYbjvBgwmt75xIg!132.entry
Mark WahlDigital ID World 2005, day 1
http://www.ldap.com/1/commentary/wahl/20050511_01.shtml
Mark WahlDigital ID World 2005, day 2
http://www.ldap.com/1/commentary/wahl/20050512_01.shtml
There is also a collection of the presentations at http://conference.digitalidworld.com/2005/attendees/downloads.php.

More on InfoCards

Noted. Last week, Digital Identity World was a hot place for revelations on Microsoft's/Kim's InfoCard. Here are a few links to articles and postings:

Phil BeckerMicrosoft Leaks Identity - Is Info Cards a Good Thing?
http://www.digitalidworld.com/print.php?sid=274
Kim CameronSteve Gillmore; John Fontana on the Identity Metasystem; 'Enlightened' Identity Metasystem
http://www.identityblog.com/2005/05/14.html
Kim CameronFast Forward to InfoCards
http://www.identityblog.com/2005/05/18.html#a232
Mark G. DixonPutting Rubber on the Identity Management Road
http://blogs.sun.com/roller/page/identity/Weblog/putting_rubber_on_the_road
Johannes ErnstWhat is Microsoft InfoCard?
http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html
Joris EversMicrosoft to flash Windows ID cards
http://news.com.com/Microsoft+to+flash+Windows+ID+cards/2100-1029_3-5711126.html
Dan FarberMicrosoft's enlightened identity metasystem
http://blogs.zdnet.com/BTL/?p=1377
John FontanaMicrosoft sells ID mgmt. plan
http://www.networkworld.com/news/2005/051605-microsoft-identity.html
Steve GillmoreSomething in the Air
http://blogs.zdnet.com/Gillmor/index.php?p=95
Dave KearnsInfoCard Info
http://vquill.com/2005/05/infocard-info.html
Hubert Le Van GongMicrosoft's InfoCard
http://blogs.sun.com/roller/page/hubertsblog/Weblog/div_class_text_microsoft_recently
MicrosoftMicrosoft's Vision for an Identity Metasystem
http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnwebsrv/html/identitymetasystem.asp
Mike RowehlInfoCard
http://www.bitsplitter.net/blog/?p=501

And here's an old post of mine: http://blog.onghome.com/2005/02/infocards.htm.

More on InfoCards

Noted. Last week, Digital Identity World was a hot place for revelations on Microsoft's/Kim's InfoCard. Here are a few links to articles and postings:

Phil BeckerMicrosoft Leaks Identity - Is Info Cards a Good Thing?
http://www.digitalidworld.com/print.php?sid=274
Kim CameronSteve Gillmore; John Fontana on the Identity Metasystem; 'Enlightened' Identity Metasystem
http://www.identityblog.com/2005/05/14.html
Kim CameronFast Forward to InfoCards
http://www.identityblog.com/2005/05/18.html#a232
Mark G. DixonPutting Rubber on the Identity Management Road
http://blogs.sun.com/roller/page/identity/Weblog/putting_rubber_on_the_road
Johannes ErnstWhat is Microsoft InfoCard?
http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html
Joris EversMicrosoft to flash Windows ID cards
http://news.com.com/Microsoft+to+flash+Windows+ID+cards/2100-1029_3-5711126.html
Dan FarberMicrosoft's enlightened identity metasystem
http://blogs.zdnet.com/BTL/?p=1377
John FontanaMicrosoft sells ID mgmt. plan
http://www.networkworld.com/news/2005/051605-microsoft-identity.html
Steve GillmoreSomething in the Air
http://blogs.zdnet.com/Gillmor/index.php?p=95
Dave KearnsInfoCard Info
http://vquill.com/2005/05/infocard-info.html
Hubert Le Van GongMicrosoft's InfoCard
http://blogs.sun.com/roller/page/hubertsblog/Weblog/div_class_text_microsoft_recently
MicrosoftMicrosoft's Vision for an Identity Metasystem
http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnwebsrv/html/identitymetasystem.asp
Mike RowehlInfoCard
http://www.bitsplitter.net/blog/?p=501

And here's an old post of mine: http://blog.onghome.com/2005/02/infocards.htm.

More on InfoCards

Noted. Last week, Digital Identity World was a hot place for revelations on Microsoft's/Kim's InfoCard. Here are a few links to articles and postings:

Phil BeckerMicrosoft Leaks Identity - Is Info Cards a Good Thing?
http://www.digitalidworld.com/print.php?sid=274
Kim CameronSteve Gillmore; John Fontana on the Identity Metasystem; 'Enlightened' Identity Metasystem
http://www.identityblog.com/2005/05/14.html
Kim CameronFast Forward to InfoCards
http://www.identityblog.com/2005/05/18.html#a232
Mark G. DixonPutting Rubber on the Identity Management Road
http://blogs.sun.com/roller/page/identity/Weblog/putting_rubber_on_the_road
Johannes ErnstWhat is Microsoft InfoCard?
http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html
Joris EversMicrosoft to flash Windows ID cards
http://news.com.com/Microsoft+to+flash+Windows+ID+cards/2100-1029_3-5711126.html
Dan FarberMicrosoft's enlightened identity metasystem
http://blogs.zdnet.com/BTL/?p=1377
John FontanaMicrosoft sells ID mgmt. plan
http://www.networkworld.com/news/2005/051605-microsoft-identity.html
Steve GillmoreSomething in the Air
http://blogs.zdnet.com/Gillmor/index.php?p=95
Dave KearnsInfoCard Info
http://vquill.com/2005/05/infocard-info.html
Hubert Le Van GongMicrosoft's InfoCard
http://blogs.sun.com/roller/page/hubertsblog/Weblog/div_class_text_microsoft_recently
MicrosoftMicrosoft's Vision for an Identity Metasystem
http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnwebsrv/html/identitymetasystem.asp
Mike RowehlInfoCard
http://www.bitsplitter.net/blog/?p=501

And here's an old post of mine: http://blog.onghome.com/2005/02/infocards.htm.

Grayson’s Observations on Themes in Identity

Noted. Tim Grayson continues to make good observations on digital identity. In Themes in Identity (or at least at Digital Identity World), Tim observes that the following themes:
o Long Tail -- the fact that there are lots of products that have low sales volume, but it could be profitable to target these segments.
o Emergence -- properties that evolve out of complex adaptive systems.
o Identity Vetting -- binding of identities to entities (typically a human).
o Loosely Coupled Systems -- as in David Weinberger's Small Pieces Loosely Joined.
were highlighted at DIDW. I would add the following ideas:
o Distributed Systems -- implied by Loosely coupled systems.
o End-Point Security -- how there is a realization in the market that every device needs to be locked down with strong identity. (See Evolution to Self-Secured Nodes.)
o Bottoms-Up -- building up global directories from pieces at the end-user or subdirectories.
o Metasystems -- a system that will give a global view of any significant set of identities will be a metasystem.
o Tipping point -- centers around the discussion of what it'll take for the next generation of digital identity to become the dominant system.
Update (May 12, 2005):
Tim had more to say in DIDW theme update:
o Liability -- i.e. people are starting to realize the that federation is not just a technology issue. See Federation Won't Mean World Peace.
o Enterprise vs Social Identity -- realization that businesses and social circles need very different privacy needs. I wrote about this in Information Dogma.
o Rising Out of the Weeds -- convergence on understanding on scope of the problem.