OpenID and Usercentric Identity: It's All About Me
1. OpenID and User-Centric Identity: It’s All About Me
Nicole Harris, JISC Executive
Joint Information Systems Committee
2. An Apology
Today, I will be saying very little about OpenID
Joint Information Systems Committee
3. What are we talking about?
Identity 2.0??
Joint Information Systems Committee
4. “in Identity 2.0, usage of identity more closely resembles today's offline
identity systems, but with the advantages of a digital medium. As with a
driver's license, the issuer provides the user with a certified document
containing claims. The user can then choose to show this information
when the situation requires.”
Burton Group
Joint Information Systems Committee
5. What are we talking about?
The multiple identity problem?
Joint Information Systems Committee
11. Approaches to managing multiple affiliations
and lots more……
Joint Information Systems Committee
12. Identity 2.0 Is Too Ill-Defined for Imminent Deployment
Gartner, 9th August 2006
Joint Information Systems Committee
13. We are talking about…
What services are users accessing?
Who is responsible?
Joint Information Systems Committee
14. Access and Identity Within the UK
User Centric Identity??
Devolved Authentication
Single Central Identity Provider
Joint Information Systems Committee
Service Provider Credentials
29. No Direct Relationship Between User-Institution-Resource
Joint Information Systems Committee
30. Questions
When is it better for the institution to physically host the resource for an end-user? Institution
provided blogs, wikis, google video etc.?
When is it better for the institution to manage an identity for the end-user? (registration /
revocation).
When is it better for the institution to verify identity for service providers? (authentication)
When is it better for the institution to broker access to resources for the end-user (authorisation
process)? Can this be disaggregated from all service providers?
Do we have the infrastructure to allow institutions to broker access against a user-managed
identity?
Where will this be important?
Who benefits, and where?
Joint Information Systems Committee
31. So, OpenID?
Important role to play in providing the
infrastructure to allow us to move
forward.
Better than e-mail verification.
Role for institutions as an OpenID
provider?
Links to ‘policy-lite’ approaches.
Single digital identity very important.
Great for people without an identity
provider.
Joint Information Systems Committee
32. What is JISC Doing?
Full review of access and identity management against the Information Environment.
Identity Project: reporting soon. Focus on current landscape within institutions.
OpenID / external identity provision study to be commissioned.
Identity Metasystems study to be commissioned.
Personalisation study.
E-Portfolio work: ULN??
Importance of links to repositories work.
Users and Innovation Programme.
Joint Information Systems Committee
33. Contacts
n.harris@jisc.ac.uk
j.farnhill@jisc.ac.uk
www.jisc.ac.uk
Joint Information Systems Committee