As you read this, there must be at least one or more ‘identities’ that you hold: being a citizen of a country, an employee in a company, a customer of a bank and so on. You can prove those identities when called upon- by simply producing a card. That is the case for the physical world.
In the electronic world, being able to prove ones identity has become crucial. Think of a government introducing digital ids, where the citizens can use them on the internet. You're probably wondering just how possible that is. The fact is that this is now a reality, thanks to the Identity Metasystem.
Identity Metasystem
It was developed in accordance with the laws of identity, which were in turn developed by Kim Cameron of Microsoft. (You can find the laws of identity from the download links at the end of this post). Infant, the Identity Metasystem was conceptualized and developed in Microsoft though its platform independent.
The most ideal scenario would be to have one single identity for all purposes/contents. However, this is not feasible. Even in the physical world, there is no single identification that can satisfy all identity requirements. Each specific context requires corresponding identification, provided by the relevant entity.
The same is the case for the electronic world. With different identities, provided by different establishments, being used in different and diverse contexts, this is where Identity Metasystem comes in. It provides a control of an individual’s different identities residing in different locations being used in different situations. It basically has 3 parties, namely the identity provider, the relying party and the subject.
Identity Provider: This could be a government providing identities to its citizens, a company to its employees or a credit card company to its customers and so on. This can also be self, which is provided by the client software.
Relying party: Could be a resource in a website or a web service that requires a user to prove their identity in order to authenticate. This is similar to asking for a username/password login.
Subject: This is the individual whose identity is in question.
Security
The current online security does not solve all possible threats. Even with SSL, those involved in schemes like phishing are able to plan out attacks quite successfully. An attacker's website is made just identical to the genuine one. Users would then enter usernames and passwords, without knowing that they’re divulging their security information. This is one area that Identity Metasystem is able to address.
The major change that the identity presents to the user experience is replacement of the conventional username/password login with something more intuitive.
One of the implementation of Identity Metasystem, the Information Card, has been discussed in this article: http://www.brighterdayweb.com/default-articles-23.html
For more on the Identity Metasystem, and how it works, you can check out these links below:
http://www.identityblog.com/
http://blogs.msdn.com/andyhar/
Downloads:
infocard-techref-beta2-published.pdf
infocard-guide-beta2-published.pdf
Identity_Metasystem_EU_Privacy.pdf
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment