Interesting People mailing list archives

Microsoft calls for online identity overhaul (long)


From: David Farber <dave () farber net>
Date: Thu, 12 May 2005 04:34:16 -0400



Begin forwarded message:

From: "Bennison, Mark M" <mark.m.bennison () mbda co uk>
Date: May 12, 2005 2:49:28 AM EDT
To: "'dave () farber net'" <dave () farber net>
Subject: Microsoft calls for online identity overhaul (long)


For IP if you wish...

"Microsoft calls for online identity overhaul" (http://www.vnunet.com/news/1162956)
Tom Sanders at Digital ID World in San Francisco, vnunet.com 11 May 2005
The IT industry needs to adopt an identity meta system to overcome existing issues with online identities, Kim Cameron, Microsoft's architect of identity, told delegates at the Digital ID World conference in San Francisco.

In designing such a meta system, Microsoft will unveil an identity service to replace the failed Passport system in a keynote at the conference on 12 May.

The meta system is required because the industry, including Microsoft itself, has failed to create a secure and fail-safe solution for online authentication.

Authentication suffers from an abundance of standards which are not aligned and confuse users. This has created an opportunity for hackers and computer criminals to launch phishing attacks and commit identity theft.

"The ad hoc nature of the internet identity patchwork cannot withstand the ongoing assault of professional attackers," said Cameron.

"What we have done is teach the world to indiscriminately put their credentials and personal identifying information into almost any form that appears on the screen. And then we make fun of them for being subject to phishing [attacks]."

Existing standards like Secure Sockets Layer encrypted pages, the Kerberos authentication protocol or the Liberty Alliance for digital identities are all part of this patchwork.

But the problem, according to Cameron, is that there is no agreement between these standards on the nature of a digital identity, and which scientific laws play a part in digital identity.

"When we do start talking about identity, we always have to go back to this tabula rasa," he said. "I've had people come in with all these proposals about what we need to do with identity, and every time it's back to square one again."

Although the problem may seem daunting, it has been solved before. Cameron pointed to device drivers that have created an abstraction layer between software and the display, so that software developers were not required to know on what display their software would be deployed.

Similarly the rise of TCP/IP allowed programmers to stop worrying about whether they develop software for a computer that used Ethernet, Token Ring or some other networking standard.

Cameron came up with seven laws during an online discussion which dictate whether an online identity technology will succeed or fail.

The laws include users having the right of veto over what technologies they do and do not use, as well as the requirement that a party governing an identity is "justifiable".

The latter caused Microsoft's Passport service to fail as a general online authentication service, but made it successful as a log-in service for Hotmail and MSN Messenger, according to Cameron.

"[Users] want to have a relationship with Microsoft within a context that makes sense to them," he explained. "[Passport] is fine within their relationship with Microsoft, but it's not fine in their relationship with Amazon or eBay."

Cameron also claimed that the Bluetooth wireless technology is wrongly designed because it constantly transmits a signal, turning the owner of a Bluetooth device into a beacon. Radio Frequency ID suffers from the same problems.

An RFID tag in a passport, for instance, could be used by terrorists to identify an American citizen.

"RFID is fine for a can of beans, but it's not suitable to be impregnated into our children," he said. "We have designed all this technology in a very naive way."

Cameron promised to publish an overview of his seven laws on his Identity Weblog, although the list had not been posted at the time of going to press.

John Shewchuk, chief technology officer for distributed systems at Microsoft, will unveil the company's plans for the next generation of digital identity in a keynote presentation on 12 May.

Part of the proposal is a structure where individuals can use multiple identity sets, each containing different information and having different privacy risks and characteristics. It will be up to the user to decide which set he chooses to hand out.

Microsoft declined to provide any additional details about its plans prior to Thursday's keynote.

Note: although the article states that the "seven laws" weren't posted at the time of the article, they appear to be now, and I reproduce them below (from http://www.identityblog.com/stories/2004/12/09/thelaws.html)

The Laws of Identity


People who work on or with identity systems need to obey the Laws of Identity. When we don't, we leave behind us a wake of reinforcing side-effects that eventually undermine all resulting technology. The result is similar to what would happen if civil engineers were to flout the law of gravity.

The Laws of Identity are not about the "philosophy of identity" - which is a compelling but entirely orthogonal pursuit.

Instead, they define the set of "objective" dynamics that constrain the definition of an identity system capable of being widely enough accepted that it can serve as a backplane for distributed computing on a universal scale. Our goal is to change the identity conversation enough that its laws are no longer argued as "moral imperatives", but rather as explanations of dynamics which must be mastered to craft such a universal system.

Our intentions are pragmatic. For example, when we articulate the Law of Control (stated below), we do so because a system which does not put users in control of their own identity will - on day one or over time - be rejected by enough users that it cannot become and remain a unifying technology. The accordance of this law with our own sense of values is essentially irrelevant. Instead, the law represents a contour limiting what a unifying identity system must look like - and must not look like - given the many social formations and cultures in which it must be able to operate. And so on for the other laws.

These laws are objective because they pre-exist our consciousness of them. For example, the Law of Fewest Parties explains the successes and failures of widely promoted real life systems in spite of the fact that those who built the systems were totally unaware of them.

The Laws of Identity, taken together, establish significant constraints on what a unifying identity system can be. The emergent system must conform to all of the laws. Understanding this can help us eliminate a lot of doomed proposals before we waste too much time on them.

The first big breakthrough is to understand that "some set" of laws exist. The second breakthrough comes from wrestling with what they are. In doing this we need to invent a vocabulary allowing us to communicate precisely about them.

We've now come to the end of the Seventh Law. I am working on a paper that integrates all the thinking we have done together since this discussion began. But for now, it's best (and often amusing) to follow the actual blog conversation, which has really been helpful to me in clarifying these ideas.

1.  The Law of Control:

Technical identity systems MUST only reveal information identifying a user with the user's consent.

2.  The Law of Minimal Disclosure:

The solution which discloses the least identifying information is the most stable, long-term solution.

3.  The Law of Fewest Parties:

Technical identity systems MUST be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.

4.  The Law of Directed Identity:

A universal identity system MUST support both "omnidirectional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

5.  The Law of Pluralism:

A universal identity system MUST channel and enable the interworking of multiple identity technologies run by multiple identity providers.

6.  The Law of Human Integration:

The universal identity system MUST define the human user to be a component of the distributed system, integrated through unambiguous human-machine communications mechanisms offering protection against identity attacks.

7.  The Law of Contexts:

The unifying identity metasystem MUST facilitate negotiation between a relying party and user of a specific identity - presenting a harmonious human and technical interface while permitting the autonomy of identity in different contexts.

© Copyright 2005 Kim Cameron.

Cheers,

Mark.

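The fourth law above (directed identity) is the one most easily shown in code. The toy below is an added example, written for this archive page; it is not code from the vnunet article, from Kim Cameron's blog or from Microsoft's identity system. A public entity (a web site) publishes one omnidirectional identifier derived from its public key, so anyone can discover and reuse it. A private entity (a user) holds a master secret and derives a separate unidirectional identifier for each relying party with HMAC-SHA256, so the handle it gives Amazon is stable on every visit but unlinkable to the handle it gives eBay. The secret, the relying-party names and the key bytes are constructed for the example.

```python
"""Directed identity: omnidirectional vs unidirectional identifiers (added example)."""
import hashlib
import hmac
import secrets


class PublicEntity:
    """A public service. Its identifier is meant to be the same for every party
    that talks to it, so discovery works: this is an omnidirectional identifier."""

    def __init__(self, name: str, public_key: bytes) -> None:
        self.name = name
        self.public_key = public_key  # constructed placeholder bytes in the demo

    def identifier(self) -> str:
        # A fingerprint of the public key is a natural omnidirectional handle.
        return hashlib.sha256(self.public_key).hexdigest()


class PrivateEntity:
    """A user. Holds one master secret and mints a distinct, per-relying-party
    handle from it, so no correlation handle leaks across relationships."""

    def __init__(self, master_secret: bytes) -> None:
        if len(master_secret) < 16:
            raise ValueError("master secret too short")
        self._master_secret = master_secret

    @classmethod
    def generate(cls) -> "PrivateEntity":
        # 256-bit secret from the OS CSPRNG; kept only on the user's side.
        return cls(secrets.token_bytes(32))

    def identifier_for(self, relying_party: str) -> str:
        # HMAC is a PRF keyed by the master secret: the output is deterministic
        # for a given relying party (stable relationship) but computationally
        # unlinkable between relying parties without the secret.
        rp = relying_party.lower().strip().encode("utf-8")
        return hmac.new(self._master_secret, rp, hashlib.sha256).hexdigest()


def colluding_parties_can_link(handle_at_a: str, handle_at_b: str) -> bool:
    """What two relying parties can do with the handles they each hold: compare
    them. With unidirectional identifiers this comparison says nothing."""
    return hmac.compare_digest(handle_at_a, handle_at_b)


def demo() -> dict:
    """Run the scenario from the article: one user, two shops, one public site."""
    # Constructed fixed secret so the demo is repeatable; use generate() in practice.
    user = PrivateEntity(b"constructed-master-secret-for-demo-0")
    shop = PublicEntity("shop.example", b"constructed-public-key-bytes")

    at_amazon = user.identifier_for("amazon.example")
    at_ebay = user.identifier_for("ebay.example")
    at_amazon_again = user.identifier_for("Amazon.example")  # case-normalised

    return {
        "shop_handle_seen_by_amazon": shop.identifier(),
        "shop_handle_seen_by_ebay": shop.identifier(),  # identical: omnidirectional
        "user_handle_at_amazon": at_amazon,
        "user_handle_at_ebay": at_ebay,  # differs: unidirectional
        "stable_within_relationship": at_amazon == at_amazon_again,
        "linkable_across_relationships": colluding_parties_can_link(at_amazon, at_ebay),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The design point is the asymmetry: the public site wants to be correlated (that is what discovery means), while the user wants each relationship to see a handle that is useless outside that relationship. Rotating or revoking the master secret changes every handle at once, which is the trade-off such schemes accept.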
