KNOCK, KNOCK, WHO'S THERE?
As Internet users embrace a plethora of wired and wireless broadband devices to conduct their personal and professional lives online, there will be a compelling need for a whole host of industries to agree on the standards and evolution path for a next-generation identity management system online.
I remember this statement being true a decade ago when Internet commercialization was just beginning (without the "broadband"), and it remains truer today. It was all brought to mind by Yahoo!'s unveiling its next version of its popular Yahoo! Instant Messenger, that has improved PC to PC calling features, along with free voicemail, photo sharing, better integration with your email system, and a digital contact management/sharing system, amongst other features.
And they're not alone...Microsoft updated their IM client recently, as did AOL, along with Google moving in similar directions. These systems are rapidly moving from "nice to have to "must have" communication platforms. Identity Management becomes increasingly important as a result.
IT trade publication, eWeek, has a special report on the subject this week, following an industry conference on Digital ID management hosted by Verisign in San Francisco last week.
In a presentation at the conference, Kim Cameron, the identity and access architect at Microsoft outlined the need for focus in this area:
"the computer industry shouldn't be surprised that the public has a fundamental distrust of computer passwords and log-on procedures because they provide so many opportunities to expose personal information and assets.
Part of the problem is that companies ask people over and over again to provide personal information to gain access to essential services"
He then went on to outline "the seven laws of identity":
1. The user must control and give consent to disclosure. 2. There should be minimal disclosure for limited use of personal information. 3. Digital identity systems must limit information disclosure to parties having a necessary and justifiable need to know. 4. Identity metasystems should be designed to work effectively with both public and private entities or relationships. 5. Identity metasystems should support multiple identity technologies from multiple providers. 6. Provide clear human-system communications. 7. Provide a consistent experience.
Microsoft-watch has a good summary of Microsoft's grand plans in the ID management area.
It's early days here, but with an increasing series of activities moving online, including entertainment and media content, internet telephony, instant messaging, online shopping, blogging, online collaboration, and many more, there will need to be better mechanisms for managing presence online.
The alternative is living with increasingly fragmented sets of walled garden providers with users juggling infinite user names/phone numbers/emails/passwords and whatever else that comes along, on almost every conceivable kind of device...kind of like what we have now.
P.S. Here's a good review on the Microsoft plans by NetworkWorld, and a good white paper on Identity Issues.
P.S.S. Another good description on Microsoft's InfoCard by Johannes Ernst here, with a more recent follow-up here in response to David Weinberger's thoughts here.
Comments