Do you trust your appliances and devices to store your (identity) information and release it only in well defined circumstances? Which *real* control do you have on data stored on your devices? How to avoid unwanted accesses and disclosures of your personal information?
Wouldn’t be nice thinking of your device as a trusted “Personal Identity Hub” where you can safely store identity information and which enables seamless connections, authentications and interactions with a variety of systems, service providers and other parties?
In my opinion there is no practical solution available today to address the above points that can provide - at the same time - the required level of simplicity, usability, trust and security.
This space is a green field, open to research and innovation. I think that some advance in this field has been recently done in Liberty Alliance with their specs proposal for Identity-capable Platforms (Advanced Client Technology specs). Have a look at http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_wsf_advanced_client_1_0_draft_specifications.
An Identity-capable Platform (ICP) is a platform/device that consists of a Trusted Environment in which an “Identity Manager” operates to handle the lifecycle of one or more “Manageable Identities”. This platform has mechanisms supporting Policy-controlled access to data and operations (e.g. which user can access each “Manageable Identity” and what can be done with it). An ICP can be provisioned with “identity tokens” in a secure, simple and trusted way via federated Provisioning Services and enable its users to participate in Federated Services scenarios.
Have also a look at the work done by Intel, BT and HP/HP Labs about a related demonstrator shown at a Liberty Alliance workshop at RSA 2007 - http://projectliberty.org/resource_center/presentations_webcasts/rsa_conference_workshop_liberty_alliance_identity_standards ...
No comments:
Post a Comment