Opening Up User-Centric Identity

Nate Klingenstein
[email protected]
Internet2 Shibboleth Project

Royal College of Physicians
Eduserv Symposium 2009
21st May, 2009: London

2

Identity is Totally Forked

• Federated identity has diverged

• Enterprise-centric

• User-centric

• Nothing matters but users and applications

• Is divergence desirable, feasible, neither?

“When you come to a fork in the road, take it” – Yogi Berra

3

Enterprise-Centric Federated Identity

• Enterprise asserts identity data on behalf of an individual for whom it is authoritative

• Attributes

• Identity

• Trust relationships and integrated applications defined by the enterprise

• Federations

• SAML is the primary protocol
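As an added example (not code from the talk, from Shibboleth or from any other SAML implementation), the following shows what the service-provider side of this model has to check before it can rely on an enterprise assertion: that the issuer is a member of the federation, that the assertion is inside its validity window and addressed to this SP, and that scoped attribute values only carry the scope the issuer is registered for. The federation registry, entityIDs and the sample assertion are constructed for illustration; XML signature verification against the IdP's metadata key is assumed to have happened already, since it needs an XML-DSig library outside the standard library.

```python
"""Relying-party (SP) checks on a SAML 2.0 assertion from an enterprise IdP.

Added example; not code from the talk or from Shibboleth.  Assumes the
assertion's XML signature was already verified against the IdP key from
federation metadata.  FEDERATION and SAMPLE_ASSERTION are constructed.
Production code should parse with defusedxml rather than the stdlib parser
to blunt entity-expansion attacks.
"""
import datetime as dt
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed federation registry: trusted IdP entityIDs and the attribute
# scope (DNS-style domain) each IdP is authoritative for.
FEDERATION = {
    "https://idp.example.ac.uk/idp/shibboleth": {"scope": "example.ac.uk"},
    "https://idp.other.edu/idp/shibboleth": {"scope": "other.edu"},
}

SP_ENTITY_ID = "https://sp.example.org/shibboleth"

# Attributes whose values carry an "@scope" suffix that must match the issuer.
SCOPED_ATTRIBUTES = {"eduPersonPrincipalName", "eduPersonScopedAffiliation"}

# Constructed sample assertion (Signature element omitted, see docstring).
# The second scoped-affiliation value claims membership at another
# institution, which this IdP is not authoritative for.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_abc123" Version="2.0" IssueInstant="2009-05-21T10:00:00Z">
  <saml:Issuer>https://idp.example.ac.uk/idp/shibboleth</saml:Issuer>
  <saml:Conditions NotBefore="2009-05-21T09:59:00Z" NotOnOrAfter="2009-05-21T10:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>https://sp.example.org/shibboleth</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" FriendlyName="eduPersonPrincipalName">
      <saml:AttributeValue>nate@example.ac.uk</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" FriendlyName="eduPersonScopedAffiliation">
      <saml:AttributeValue>staff@example.ac.uk</saml:AttributeValue>
      <saml:AttributeValue>member@other.edu</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="urn:oid:2.5.4.42" FriendlyName="givenName">
      <saml:AttributeValue>Nate</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def _parse_time(s):
    """Timestamps in this example are UTC with a trailing 'Z'."""
    return dt.datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def consume_assertion(xml_text, now_utc, federation=FEDERATION, sp_entity_id=SP_ENTITY_ID):
    """Check issuer, validity window and audience, then return the attributes
    the SP may rely on, with scoped values outside the issuer's registered
    scope dropped.  Returns {"ok": True, "issuer": ..., "attributes": ...}
    or {"ok": False, "error": ...}."""
    now = _parse_time(now_utc)
    root = ET.fromstring(xml_text)

    issuer = root.findtext("saml:Issuer", namespaces=NS)
    if issuer not in federation:
        return {"ok": False, "error": "issuer not in federation: %r" % issuer}

    conditions = root.find("saml:Conditions", NS)
    if conditions is None:
        return {"ok": False, "error": "no Conditions element"}
    try:
        not_before = _parse_time(conditions.get("NotBefore"))
        not_on_or_after = _parse_time(conditions.get("NotOnOrAfter"))
    except (TypeError, ValueError):
        return {"ok": False, "error": "missing or malformed validity window"}
    if not (not_before <= now < not_on_or_after):
        return {"ok": False, "error": "assertion outside its validity window"}

    audiences = [a.text for a in conditions.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if sp_entity_id not in audiences:
        return {"ok": False, "error": "assertion not addressed to this SP"}

    scope = federation[issuer]["scope"]
    attributes = {}
    for attr in root.findall("saml:AttributeStatement/saml:Attribute", NS):
        name = attr.get("FriendlyName") or attr.get("Name")
        values = [v.text for v in attr.findall("saml:AttributeValue", NS)]
        if name in SCOPED_ATTRIBUTES:
            # Scope filtering as Shibboleth does from metadata: a value's
            # "@scope" must be the issuer's own scope, or the issuer is overreaching.
            values = [v for v in values if v.rpartition("@")[2] == scope]
        if values:
            attributes[name] = values
    return {"ok": True, "issuer": issuer, "attributes": attributes}


if __name__ == "__main__":
    result = consume_assertion(SAMPLE_ASSERTION, "2009-05-21T10:01:00Z")
    print(result["issuer"] if result["ok"] else result["error"])
    for name, values in sorted(result.get("attributes", {}).items()):
        print(" ", name, values)
```

Run against the sample, the `member@other.edu` affiliation is dropped because the issuing IdP is registered only for `example.ac.uk`; the same assertion presented a few minutes later, or to a different SP entityID, is rejected outright.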

4

User-Centric Federated Identity

• Self-asserted or unverified

• User-mediated trust establishment

• Opens up worlds of apps

• OpenID

• Yahoo ID, MyspaceID, Google Friend Connect, Twitter?, and maybe your provider here

• Facebook Connect

• Federated identity’s largest success by far

5

Universities and Identity

• Both services and identities

• The natural “home” for some user data

• Courses, majors, titles, affiliations, grades, HR

• Identity-proofing?

• Also a home to applications

• Many outside applications federated today

• Some are low-risk, consumer-oriented

6

Students, Identity, and School Services

• how many email accounts do they have that parents don't know about- do they use same password 4 all #socialmedia ? #teens

• “They don't use email so it's more a matter of which ones they forgot about. They often forget their passwords so I would guess that they don't use the same password consistently. Of course, they also share certain passwords with their closest "trusted" friends so that gets messy really fast. And they change it when there's a breakup.”

• Do they really care about/use school library websites?

• “Nope, they don't. All but Twitter [which they don’t use] are categorized as school tools and are only used when absolutely necessary and Google won't suffice.”

http://www.zephoria.org/thoughts/archives/2009/05/16/answers_to_ques.html

7

Natural Pressures

• Economy

• Discovery

• Trust and Ease of Use

• Users, developers, administrators

• We’re lazy

8

Economic Pressures

• User data is extremely valuable

• To both the identity provider (IdP/OP) and the relying application (SP/RP)

• User data is extremely expensive

• Password resets, vetting, aging, etc.

• Network externalities

• Security externalities

• Save now, maybe pay later: easy choice?

9

Discovery Pressures

• Users are Lazy

• Interface Work is Hard

• Pull-downs? Text boxes? Buttons? Client code?

• Buttons are winning

http://google-code-updates.blogspot.com/2009/05/google-openid-api-taking-next-steps.html

• Social bookmarking syndrome

• Browsers ready to enter the fray? Whither Cardspace?

10

Trust Pressures

• Administrator-mediated trust establishment is slow and arduous

• Federations help; could help more in a different world

• Consent-based trust is faster, gives users control

• Will they use it responsibly? Do they care? Do we care? Does it depend?

11

What to do?

• Reunification of federated identity?

• Protocols

• Discovery

• Trust

• Attributes

• Ne’er the twain shall meet?

12

Protocols

• World’s most ridiculous fight

• But there’s bad blood and high stakes

• Most protocols can solve most problems

• Hacks, revisions, kludges

• Identity sources should support many protocols and apps should be agnostic

• Deployed base is large

13

Discovery

• If we don’t come up with something good, buttons win

• E-mail?

• Auto-complete with institutional name?

• Client software? Cardspace, Mozilla?

• Remember the economic pressures

• A few providers would also win
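The "E-mail?" and "Auto-complete with institutional name?" options on this slide and on the earlier Discovery Pressures slide can be made concrete. The following is an added example (not code from the talk or from any real discovery service) of both: mapping the domain of a typed e-mail address to the IdP registered for it in federation metadata, with a display-name search as the fallback. The registry is a constructed stand-in for metadata and the IdP entityIDs and names are made up. The one check worth noting is that subdomain matching is done on label boundaries, so `notexample.ac.uk` is never sent to the IdP for `example.ac.uk`.

```python
"""E-mail-address driven identity-provider discovery.

Added example; not code from the talk or any real discovery service.  IDPS
is a constructed stand-in for the domain-to-IdP mapping a federation would
publish in metadata.
"""

# Constructed registry: entityID, display name and the DNS domains each IdP
# is registered for.
IDPS = [
    {"entity_id": "https://idp.example.ac.uk/idp/shibboleth",
     "display_name": "Example University",
     "domains": ["example.ac.uk"]},
    {"entity_id": "https://idp.other.edu/idp/shibboleth",
     "display_name": "Other State University",
     "domains": ["other.edu", "alumni.other.edu"]},
    {"entity_id": "https://idp.notexample.ac.uk/idp/shibboleth",
     "display_name": "Not Example College",
     "domains": ["notexample.ac.uk"]},
]


def _domain_matches(registered, candidate):
    """True if candidate equals the registered domain or is a subdomain of
    it.  Matching only on label boundaries stops 'notexample.ac.uk' from
    matching 'example.ac.uk'."""
    return candidate == registered or candidate.endswith("." + registered)


def discover_by_email(email, idps=IDPS):
    """Map an e-mail address to the IdP registered for its domain.  When
    several registered domains match, the most specific (longest) wins.
    Returns the IdP record or None."""
    if email.count("@") != 1:
        return None
    domain = email.rsplit("@", 1)[1].strip().lower().rstrip(".")
    if not domain:
        return None
    best, best_len = None, -1
    for idp in idps:
        for registered in idp["domains"]:
            if _domain_matches(registered, domain) and len(registered) > best_len:
                best, best_len = idp, len(registered)
    return best


def discover_by_name(prefix, idps=IDPS, limit=5):
    """Auto-complete fallback: IdPs whose display name contains the typed
    text (case-insensitive), in registry order, capped at `limit`."""
    needle = prefix.strip().lower()
    if len(needle) < 2:
        return []
    return [i for i in idps if needle in i["display_name"].lower()][:limit]


if __name__ == "__main__":
    for address in ["nate@example.ac.uk", "x@cs.example.ac.uk", "x@notexample.ac.uk", "x@unknown.org"]:
        hit = discover_by_email(address)
        print(address, "->", hit["entity_id"] if hit else "no IdP found")
    print([i["display_name"] for i in discover_by_name("example")])
```

Because the user types an address they already know rather than picking a provider from a wall of buttons, discovery stays neutral between institutions, which is the counterweight to the "a few providers would also win" pressure above.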

14

Trust

• One size will never fit all

• Many different user preferences

• Many different application needs

• Many different legal requirements

• The answer must be flexible enough

• Federations, consent, reputation systems, roots, authorities…

15

Attributes

• Attributes cannot be divorced from the asserting/attesting entity

• Natural sources of authority exist

• Legal name, course enrollment, music preferences

• Aggregation happens out-of-band today

• Must be automated for tomorrow

• Levels of Assurance
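The points on this slide and on the Trust slide before it (attributes stay tied to their asserting entity, natural sources of authority, aggregation, levels of assurance, flexible per-application policy) can be shown as one aggregation step. The following is an added example, not code from the talk or from any Shibboleth or OpenID component: several asserters contribute attributes, each value is recorded with who asserted it and at what assurance level, and a relying-party policy decides per attribute which sources are authoritative and how much assurance is enough. The asserter URIs, attribute names, sample values and the 1-to-4 LoA scale are all constructed stand-ins.

```python
"""Attribute aggregation that keeps the asserting entity attached to each value.

Added example; not code from the talk or from any Shibboleth or OpenID
component.  Asserters, attribute names, values, the LoA scale and the
relying-party policy are constructed for illustration.
"""

# One record per asserting party.  "loa" is the assurance level the relying
# party grants that source (from federation metadata for the enterprise
# sources, fixed at 1 for the self-asserted OpenID source).
ASSERTIONS = [
    {"asserter": "https://idp.example.ac.uk/idp/shibboleth", "loa": 3,
     "attributes": {"legalName": "Alice Example",
                    "courseEnrollment": ["CS101", "MATH200"]}},
    {"asserter": "https://openid.example.net/alice", "loa": 1,
     "attributes": {"legalName": "Ali E.",
                    "musicPreference": "jazz",
                    "courseEnrollment": ["ANY999"]}},
    {"asserter": "https://registrar.example.ac.uk/", "loa": 3,
     "attributes": {"courseEnrollment": ["CS101", "PHYS110"]}},
]

# Relying-party policy: which asserters are authoritative for each attribute
# and the minimum LoA required.  "*" accepts any asserter (self-assertion is
# fine for music taste, not for legal name).
POLICY = {
    "legalName": {"authoritative": {"https://idp.example.ac.uk/idp/shibboleth"}, "min_loa": 3},
    "courseEnrollment": {"authoritative": {"https://idp.example.ac.uk/idp/shibboleth",
                                           "https://registrar.example.ac.uk/"}, "min_loa": 2},
    "musicPreference": {"authoritative": {"*"}, "min_loa": 1},
}


def aggregate(assertions, policy):
    """Merge attributes across asserters.  Returns (accepted, rejected):
    accepted maps attribute -> {"value": ..., "asserted_by": [asserters]};
    rejected lists (attribute, asserter, reason) for values the policy
    refuses, including conflicts between two authoritative sources."""
    accepted = {}
    rejected = []
    for a in assertions:
        for name, value in a["attributes"].items():
            rule = policy.get(name)
            if rule is None:
                rejected.append((name, a["asserter"], "no policy for attribute"))
                continue
            if "*" not in rule["authoritative"] and a["asserter"] not in rule["authoritative"]:
                rejected.append((name, a["asserter"], "asserter not authoritative"))
                continue
            if a["loa"] < rule["min_loa"]:
                rejected.append((name, a["asserter"],
                                 "loa %d below required %d" % (a["loa"], rule["min_loa"])))
                continue
            entry = accepted.setdefault(name, {"value": None, "asserted_by": []})
            if isinstance(value, list):
                # Multi-valued attribute: union across authoritative sources.
                current = entry["value"] or []
                entry["value"] = current + [v for v in value if v not in current]
            elif entry["value"] is None:
                entry["value"] = value
            elif entry["value"] != value:
                # Two authoritative sources disagree: keep the first, flag the
                # second rather than silently picking a winner.
                rejected.append((name, a["asserter"], "conflicts with %r" % entry["value"]))
                continue
            entry["asserted_by"].append(a["asserter"])
    return accepted, rejected


if __name__ == "__main__":
    accepted, rejected = aggregate(ASSERTIONS, POLICY)
    for name, entry in accepted.items():
        print(name, entry["value"], "asserted by", entry["asserted_by"])
    for name, asserter, reason in rejected:
        print("rejected", name, "from", asserter + ":", reason)
```

The OpenID source's legal name and course list are refused because it is not authoritative for them, not because of its assurance level; raising `min_loa` for `musicPreference` to 2 would refuse its music preference on assurance grounds instead. Keeping `asserted_by` on every accepted value is what lets the application answer "says who?" later, which is the point of not divorcing attributes from the attesting entity.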

16

Would a Lack of Unification be Bad?

• User confusion, particularly with discovery or client software

• Data duplication, distribution

• Additional deployment and software complexity -- maybe

• Nothing new here…

17

Will Unification Happen?

• Dunno

• Probably some, particularly aggregation

• Probably not all

• We should endeavor to ensure that the outcome is deliberate and sufficient

• Cooperation

• Economic pressures