Planet OpenID

March 02, 2015

Nat Sakimura

The White House has released the Consumer Privacy Bill of Rights Act draft in the US

On Saturday the 28th (Japan time), the US White House released the Consumer Privacy Bill of Rights Act [1]. This is the previously announced Consumer Privacy Bill of Rights actually cast into the form of a bill.

Its distinguishing feature is that it pushes a context-based approach all the way through, rather than regulating by data type. I think this is the better approach. Structurally, SEC. 4 holds the definitions, SEC. 101 to 107 are the Consumer Privacy Bill of Rights itself, SEC. 201 to 203 cover enforcement, SEC. 301 provides a safe harbor through enforceable codes of conduct, SEC. 401 makes this Act preempt other law, SEC. 402 states that it does not affect the FTC's authority, and SEC. 403 makes explicit that the Act does not create a private right of action.

If there is time, I hope to talk about this as well at today's OpenID BizDay #8.

I plan to expand this article when I find the time, or to write a separate one.

This weekend I had five ISO/IEC comment deadlines and could not find any time at all. Writing something will have to wait until after today's BizDay.

See you!

[1] http://www.whitehouse.gov/sites/default/files/omb/legislative/letters/cpbr-act-of-2015-discussion-draft.pdf

by Nat at March 02, 2015 05:58 AM

February 28, 2015

Nat Sakimura

Seminar: Practical privacy protection for businesses: compliance with the Personal Information Protection Act is no indulgence

Tomorrow, 3/2, at OpenID BizDay #8, we will hold a panel discussion on "practical considerations for privacy protection in business" with Professor Masatomo Suzuki of Niigata University and Hiromitsu Takagi of AIST as guests. As moderator I will put a range of questions to them, and through that I hope to bring out how companies should face privacy in their business activities. Incidentally, the reason OpenID Foundation Japan is doing this at all is that OpenID is a consent-acquisition framework plus an attribute-provision framework.

Plans are tentative and change often, but for now I intend to ask the following. Just looking at this list is exciting, isn't it?!

Oh, by the way, this is a paid event. Event registration is here.

Q.1 There seem to be a lot of relevant laws: the Personal Information Protection Act (to be amended this year), the Penal Code, the Consumer Contract Act, the law of obligations (to be amended this year), tort law, and so on. Please explain how they relate to one another. Even where the Personal Information Protection Act says something is fine, there seem to be quite a few cases where another law says no, so complying with the Personal Information Protection Act alone does not look like an indulgence. Please tell us about that as well.

For example, although it appears to have been dropped from the current amendment, even if a change of purpose of use were allowed, the Consumer Contract Act prohibits changes that disadvantage the consumer, and the same goes for the law of obligations. There seem to be quite a few cases where pressing ahead just because the Personal Information Protection Act says it is OK gets you entangled in some other law. For example:

  • Purpose of use: the offence of creating or supplying unauthorized command electromagnetic records (the Penal Code's "computer virus" offence), the Telecommunications Business Act, the Radio Act, the Civil Code (obligations), the Civil Code (torts), the Consumer Contract Act, (METI Q45)
  • Security management: the Unfair Competition Prevention Act

All of these have to be taken into account when thinking about legal compliance. We will have our guests explain these relationships too.

Q.2 I think a company's goal in doing business, more than anything to do with the law, is to raise its brand value and have its products and services more highly regarded, but that seems quite far removed from the current debate around the Personal Information Protection Act. Do you have a view on why that is?

A company operating internationally has to look not only at domestic law but at other countries' laws as well. That is quite a burden, isn't it? On top of that, in actually doing business it is not enough just to comply with the law; what matters is winning consumers' trust, that is, establishing a brand. Legal compliance is taken for granted; the brand is the "plus alpha" on top of it. In fact the international standards describe how to reach that level, yet listening to the public debate, that part seems to have dropped out entirely. What is the situation here?

Q.3 What is a "specific individual"? I hear from various quarters that this was a point of considerable contention in the current amendment as well, the aim being to narrow the scope of "personal information" as far as possible. Could you explain this concept in a little more detail?

Here we may jump to an explanation of the concept of linkability in ISO/IEC 29100.

Q.4 Is narrowing the scope of "personal information" actually meaningful for a company? If you think as far as protecting brand value, narrowing what you take into consideration seems to increase risk rather than reduce it.

This "narrow it as much as possible" argument is understandable if all you care about is compliance with the Personal Information Protection Act, but as noted above that is not enough, and personally I find it very uncomfortable. It runs in exactly the opposite direction from ISO/IEC 29100, the privacy framework produced by companies and government officials from nearly 80 countries. There, personal information (PII) is defined very broadly as "any information that (a) can be used to identify the PII principal to whom such information relates, or (b) is or might be directly or indirectly linked to a PII principal" [1], and an entire clause is devoted to how to flush out hidden PII. On top of that, it says to assess the privacy impact that arises from how that PII is "used" and to take countermeasures appropriate to the risk level. For example, sharing business-card details within a department for contact purposes is low risk and needs only proportionate measures, whereas health-consultation records you hold in trust need strong protection. Once you factor in damage to brand value, this is far more practical, I think.

Q.5 What should publication, notification and consent look like ahead of a change to the terms of service?

Google, for instance, kept publicizing and notifying for months on end, while other operators just slip changes through. Yet it is mostly the former that gets hammered, which feels unbalanced. How long before a change should one start making its content known?

Q.6 "Anonymously processed information" is apparently being newly created this time... "Anonymous processing" that does not even require an opt-out sounds like it ends up as something even more restricted than statistical aggregation, which seems to be fine under current law anyway... Could you explain in detail?

The background and discussion that produced this feel somewhat off to me. It seems to start from the so-called FTC three-part test, but I suspect it is being seriously misunderstood. That test was never about being allowed to hand information to anyone you like; behind it stands Section 5 of the FTC Act, and the point of accepting the three conditions is to make Section 5 triggerable against both the data provider and the recipient. As for the first condition, "de-identification", the report spends pages beforehand saying there is no such thing as a safe de-identification that cannot be re-identified, so technically it need not be all that good; what matters is that the company declares it has done it, and under the second and third conditions declares that it will not re-identify and will not let recipients do so either, so that Section 5 can be invoked. Discussing that in Japan, which has no Section 5 of the FTC Act, well... If you are going to do this, you would need something like amending the Antimonopoly Act so the Fair Trade Commission can intervene.

Q.7 On cross-border data transfers: I hear it may be risky for a globally operating company to bring data on EU-resident employees to Japan and conduct HR evaluations in Japan. Is that so? How can it be done safely?

Well, you could just move the data to the EU and do the HR evaluation there. There is an EU subsidiary anyway, and you could even make that the headquarters, so from the company's point of view it may not matter much either way.

Q.8 I hear one of the amendment items is that "on third-party provision, both the provider and the recipient must keep records"... How far does one have to go?

Thinking about practice: suppose attributes are federated via OpenID Connect / OAuth. The IdP side should be recording who attributes were provided to. The RP side is also, nominally, recording what it received. But after that they are very often dumped into a database regardless of the route they came by, and along the way the RP also receives new information directly from the user. Then you can no longer tell where anything came from or for what purpose, so systems like this will likely need considerable rework. It is the classic case of what happens when you skip privacy by design: it costs you dearly later. ISO/IEC 29101, the privacy architecture framework, says to design this properly from the very start, and yet...
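One way to keep that provenance, as an added example rather than anything from the post or from OpenID Connect itself: a small attribute store in Go that records, for every value, whether it arrived as an ID token claim from a given issuer or was typed in by the user at the RP, and for what purpose it was obtained. The issuer URL, subject, claims and purpose names are constructed sample data, and the store assumes the RP has already validated the ID token (signature, iss, aud, exp, nonce) before handing the claims over.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// Origin says where one attribute value came from. Kind is "idp" for a claim
// received through OpenID Connect and "user" for a value the person typed in
// at the RP directly; Issuer is the provider's "iss" when Kind is "idp".
type Origin struct {
	Kind     string
	Issuer   string
	Purpose  string // purpose of use agreed when the value was obtained
	Obtained time.Time
}

// Attribute is one value of one claim together with its origin.
type Attribute struct {
	Name, Value string
	Origin      Origin
}

// Store keeps the full history per subject instead of one overwritable column
// per claim, so the origin of the current value is never lost.
type Store struct {
	history map[string][]Attribute // subject -> attributes in arrival order
}

func NewStore() *Store { return &Store{history: map[string][]Attribute{}} }

// RecordIDTokenClaims stores claims received from an OpenID Provider.
// The caller must already have validated the ID token; this only records provenance.
func (s *Store) RecordIDTokenClaims(subject, issuer, purpose string, claims map[string]string, now time.Time) {
	names := make([]string, 0, len(claims))
	for n := range claims {
		names = append(names, n)
	}
	sort.Strings(names) // deterministic order for the record
	for _, n := range names {
		s.history[subject] = append(s.history[subject], Attribute{
			Name: n, Value: claims[n],
			Origin: Origin{Kind: "idp", Issuer: issuer, Purpose: purpose, Obtained: now},
		})
	}
}

// RecordUserInput stores a value the user entered at the RP itself.
func (s *Store) RecordUserInput(subject, name, value, purpose string, now time.Time) {
	s.history[subject] = append(s.history[subject], Attribute{
		Name: name, Value: value,
		Origin: Origin{Kind: "user", Purpose: purpose, Obtained: now},
	})
}

// Current returns the latest value of a claim and where it came from.
func (s *Store) Current(subject, name string) (Attribute, bool) {
	h := s.history[subject]
	for i := len(h) - 1; i >= 0; i-- {
		if h[i].Name == name {
			return h[i], true
		}
	}
	return Attribute{}, false
}

// ThirdPartyReceipts lists what was received from providers, from whom and for
// what purpose: the recipient-side record the post is talking about.
func (s *Store) ThirdPartyReceipts(subject string) []string {
	var out []string
	for _, a := range s.history[subject] {
		if a.Origin.Kind == "idp" {
			out = append(out, fmt.Sprintf("%s %s=%q from %s for %s",
				a.Origin.Obtained.UTC().Format(time.RFC3339), a.Name, a.Value, a.Origin.Issuer, a.Origin.Purpose))
		}
	}
	return out
}

// UsableFor returns, per claim, the latest value that was obtained for the
// given purpose. A value obtained for another purpose is not returned: using
// it would need fresh consent, not a lookup.
func (s *Store) UsableFor(subject, purpose string) map[string]string {
	out, seen := map[string]string{}, map[string]bool{}
	h := s.history[subject]
	for i := len(h) - 1; i >= 0; i-- {
		a := h[i]
		if a.Origin.Purpose != purpose || seen[a.Name] {
			continue
		}
		seen[a.Name] = true
		out[a.Name] = a.Value
	}
	return out
}

// Scenario builds the situation from the post with constructed sample data: an
// IdP supplies email and name at registration, then two days later the user
// types a different email directly into the RP for a newsletter signup.
func Scenario() *Store {
	s := NewStore()
	t0 := time.Date(2015, 3, 2, 9, 0, 0, 0, time.UTC)
	s.RecordIDTokenClaims("user-123", "https://idp.example.com", "account-registration",
		map[string]string{"email": "alice@example.com", "name": "Alice Example"}, t0)
	s.RecordUserInput("user-123", "email", "alice.news@example.net", "newsletter", t0.Add(48*time.Hour))
	return s
}

func main() {
	s := Scenario()
	cur, _ := s.Current("user-123", "email")
	fmt.Printf("current email %q came from %q\n", cur.Value, cur.Origin.Kind)
	for _, line := range s.ThirdPartyReceipts("user-123") {
		fmt.Println(line)
	}
	fmt.Println("usable for registration:", s.UsableFor("user-123", "account-registration"))
}
```

The point of the design is that the user-entered email becomes the current value without erasing the fact that the original one came from the IdP for a different purpose, so the receipt log and the purpose check can still be answered later.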

[1] SOURCE: ISO/IEC 29100. 2.9 PII = any information that (a) can be used to identify the PII principal to whom such information relates, or (b) is or might be directly or indirectly linked to a PII principal

by Nat at February 28, 2015 09:53 PM

February 20, 2015

Nat Sakimura

SIM keys were taken in bulk by the NSA and GCHQ without anyone noticing

According to a report by The Intercept on 2015/2/19 local time [1], the NSA and GCHQ seized, in bulk, the keys (Ki) stored on SIMs shipped by Gemalto. As a result, eavesdropping on the communications of phones using those SIMs became trivial. This information was among the files Snowden took.

The SIM card in a mobile phone has its Authentication Key (Ki) burned in by a "personalization company" such as Gemalto. This Authentication Key is used to authenticate the SIM on the network and to generate the encryption keys. Once generated, the key is written into the SIM card and cannot be extracted. However, to authenticate the SIM on the network the carrier must hold the same key, so it is sent to the carrier as well. The problem was how it was sent. SIM cards are personalized in bulk and delivered to the carriers, and at that point the Authentication Keys that had been written were sent in large batches by FTP or email, using only weak encryption and in some cases in plaintext.

GCHQ and the NSA got into Gemalto's internal network through employees' email, found out who was doing this critical job, intercepted those people's communications, and pulled the bulk key-transfer files out of them.

I am not well versed in this field, and had no idea things were like this. I had simply assumed that a key pair was generated inside the chip and only the public key was sent to the carrier. To think it was all done with shared symmetric keys...

Yesterday I attended the Real World Crypto report session, where someone from the floor remarked that "since it is far easier to crack something other than the cryptographic primitive, whether the primitive itself is weak hardly matters". This is exactly that, in practice.

Lessons

  • (1) Stop transmitting long-term secret keys (and sending them by post is no good either)
  • (2) Stop having two or more parties hold a secret key over the long term
  • (3) Do key management properly

I suppose.
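To make lessons (1) and (2) concrete, here is an added example (not from the article, and not how any SIM standard actually works) in Go contrasting the two designs: challenge-response with a shared Ki that the carrier must also hold, versus a key pair generated on the chip where the carrier stores only the public key. The challenge strings and key sizes are constructed. Real GSM/UMTS authentication (A3/A8, Milenage) is symmetric by design because Ki also derives the air-interface cipher key, so the asymmetric half below covers only authentication, as in the author's assumed design, and a deployment would still need a separate key agreement for confidentiality.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// ---- Model 1: shared symmetric key Ki (the arrangement the article describes) ----

// SymSIM holds Ki inside the card; it never leaves the chip.
type SymSIM struct{ ki []byte }

// SymCarrierRecord is the carrier's copy of the same Ki. The carrier needs it,
// so the personalization vendor has to ship it, and a stolen copy is exactly
// as powerful as the SIM itself.
type SymCarrierRecord struct{ ki []byte }

func NewSymSIM() (SymSIM, SymCarrierRecord, error) {
	ki := make([]byte, 16) // 128-bit Ki, constructed at random here
	if _, err := rand.Read(ki); err != nil {
		return SymSIM{}, SymCarrierRecord{}, err
	}
	return SymSIM{ki}, SymCarrierRecord{append([]byte(nil), ki...)}, nil
}

// macResponse stands in for the A3-style response function: HMAC-SHA256 of the challenge.
func macResponse(ki, challenge []byte) []byte {
	m := hmac.New(sha256.New, ki)
	m.Write(challenge)
	return m.Sum(nil)
}

func (s SymSIM) Respond(challenge []byte) []byte { return macResponse(s.ki, challenge) }

func (r SymCarrierRecord) Verify(challenge, response []byte) bool {
	return hmac.Equal(macResponse(r.ki, challenge), response)
}

// ---- Model 2: key pair generated on the chip; only the public half leaves ----

type AsymSIM struct{ priv *ecdsa.PrivateKey }

// AsymCarrierRecord holds only the public key. It could travel by plain FTP or
// email with nothing worse than an integrity risk: an interceptor learns nothing
// that lets them answer a challenge.
type AsymCarrierRecord struct{ pub ecdsa.PublicKey }

func NewAsymSIM() (AsymSIM, AsymCarrierRecord, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return AsymSIM{}, AsymCarrierRecord{}, err
	}
	return AsymSIM{priv}, AsymCarrierRecord{priv.PublicKey}, nil
}

func (s AsymSIM) Respond(challenge []byte) ([]byte, error) {
	h := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, s.priv, h[:])
}

func (r AsymCarrierRecord) Verify(challenge, sig []byte) bool {
	h := sha256.Sum256(challenge)
	return ecdsa.VerifyASN1(&r.pub, h[:], sig)
}

// StolenDatabaseImpersonates plays an attacker who has obtained the carrier-side
// record for each model and tries to pass authentication without the SIM.
// It reports whether the attempt succeeds under model 1 and under model 2.
func StolenDatabaseImpersonates() (symmetric bool, asymmetric bool, err error) {
	challenge := []byte("RAND-0123456789abcdef") // constructed network challenge

	_, symRec, err := NewSymSIM()
	if err != nil {
		return false, false, err
	}
	// With Ki in hand the attacker computes the very response the SIM would.
	symmetric = symRec.Verify(challenge, macResponse(symRec.ki, challenge))

	_, asymRec, err := NewAsymSIM()
	if err != nil {
		return false, false, err
	}
	// The stolen record carries no private key, so the best the attacker can do
	// is sign with a key of their own, which the carrier's stored public key rejects.
	attacker, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	h := sha256.Sum256(challenge)
	forged, err := ecdsa.SignASN1(rand.Reader, attacker, h[:])
	if err != nil {
		return false, false, err
	}
	asymmetric = asymRec.Verify(challenge, forged)
	return symmetric, asymmetric, nil
}

func main() {
	sym, asym, err := StolenDatabaseImpersonates()
	if err != nil {
		panic(err)
	}
	fmt.Printf("stolen carrier record lets an attacker authenticate: symmetric=%v asymmetric=%v\n", sym, asym)
}
```

Under model 1 the vendor-to-carrier transfer is a copy of the secret, so any weakness in that channel is a full compromise; under model 2 the only thing shipped is public, and the private key exists in exactly one place, which is what lesson (2) asks for.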

[1] https://firstlook.org/theintercept/2015/02/19/great-sim-heist/

by Nat at February 20, 2015 02:22 AM

February 16, 2015

OpenID.net

Review of proposed final OAuth 2.0 Form Post Response Mode specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification:

  • OAuth 2.0 Form Post Response Mode 1.0 – Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent using HTTP POST
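An added illustration of that mechanism, not taken from the specification text or from any OpenID Foundation code: the page the authorization server returns and the check the relying party performs on receipt, written in Go. The redirect URI, code and state values are constructed; the relying-party function assumes the caller still has the state value it stored in the session before starting the flow.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"html/template"
	"mime"
	"net/url"
	"sort"
	"strings"
)

// formPostPage is the self-submitting document the authorization server returns
// instead of a 302 when response_mode=form_post. Every value passes through
// html/template's contextual escaping, so a parameter containing quotes or
// angle brackets stays inside its hidden input instead of becoming markup.
var formPostPage = template.Must(template.New("form_post").Parse(`<html>
 <head><title>Submit This Form</title></head>
 <body onload="javascript:document.forms[0].submit()">
  <form method="post" action="{{.Action}}">
{{range .Params}}    <input type="hidden" name="{{.Name}}" value="{{.Value}}"/>
{{end}}  </form>
 </body>
</html>
`))

type formParam struct{ Name, Value string }

// RenderFormPost builds the page for the client's registered redirect_uri and
// the response parameters (code, id_token, state, or error and error_description).
func RenderFormPost(redirectURI string, params map[string]string) (string, error) {
	names := make([]string, 0, len(params))
	for n := range params {
		names = append(names, n)
	}
	sort.Strings(names)
	ps := make([]formParam, 0, len(names))
	for _, n := range names {
		ps = append(ps, formParam{n, params[n]})
	}
	var sb strings.Builder
	err := formPostPage.Execute(&sb, struct {
		Action string
		Params []formParam
	}{redirectURI, ps})
	return sb.String(), err
}

// ParseFormPostCallback is the relying party's side. The response now arrives
// in an HTTP POST body rather than in the query string or fragment, so the RP
// must accept POST at its redirect_uri, parse the form body, and bind the
// response to its session through state before touching code or id_token.
func ParseFormPostCallback(method, contentType, body, expectedState string) (url.Values, error) {
	if method != "POST" {
		return nil, fmt.Errorf("form_post response must arrive as POST, got %s", method)
	}
	if ct, _, _ := mime.ParseMediaType(contentType); ct != "application/x-www-form-urlencoded" {
		return nil, fmt.Errorf("unexpected content type %q", contentType)
	}
	vals, err := url.ParseQuery(body)
	if err != nil {
		return nil, err
	}
	if subtle.ConstantTimeCompare([]byte(vals.Get("state")), []byte(expectedState)) != 1 {
		return nil, errors.New("state does not match this session")
	}
	if e := vals.Get("error"); e != "" {
		return nil, fmt.Errorf("authorization server returned %q: %s", e, vals.Get("error_description"))
	}
	if vals.Get("code") == "" && vals.Get("id_token") == "" {
		return nil, errors.New("response carries neither code nor id_token")
	}
	return vals, nil
}

func main() {
	state := "s3ssion-bound-state-value" // constructed; stored in the RP session beforehand
	page, err := RenderFormPost("https://client.example.com/callback",
		map[string]string{"code": "SplxlOBeZQQYbYS6WxSbIA", "state": state})
	if err != nil {
		panic(err)
	}
	fmt.Print(page)
	body := url.Values{"code": {"SplxlOBeZQQYbYS6WxSbIA"}, "state": {state}}.Encode()
	vals, err := ParseFormPostCallback("POST", "application/x-www-form-urlencoded", body, state)
	fmt.Println(vals.Get("code"), err)
}
```

Two things worth noting in practice: the rendered page runs in the authorization server's origin, so unescaped parameter values would be script injection there, and on the relying-party side a POST that is not tied to the session by state is indistinguishable from one an attacker submitted from their own page.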

A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision.

This note starts the 60 day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures. This review period will end on Friday, April 17, 2015. Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven day voting period during which OpenID Foundation members will vote on whether to approve these drafts as Final Specifications and Implementer’s Drafts. For the convenience of members, voting may begin up to two weeks before Friday, April 17th, with the voting period still ending on Friday, April 24, 2015.

A description of OpenID Connect can be found at http://openid.net/connect/.  The working group page is http://openid.net/wg/connect/.  Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.  If you’re not already a member, please consider joining to participate in the approval vote.

You can send feedback on the specifications in a way that enables the working group to act upon your feedback by (1) signing the contribution agreement at http://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “AB+Connect” working group on your contribution agreement), (2) joining the working group mailing list at http://lists.openid.net/mailman/listinfo/openid-specs-ab, and (3) sending your feedback to the list.

— Michael B. Jones, OpenID Foundation Secretary

by Mike Jones at February 16, 2015 08:57 PM

OpenID.net

Industry Leaders Lead: Google Asks Developers to Migrate from OpenID 2.0 to OpenID Connect

In 2015, waves of disruption are coursing through the Internet identity ecosystem as standard development organizations, companies and governments look to bolster the security and privacy of the information they are charged with protecting.

Implementing the latest open standards is one of the many practical steps identity providers and relying parties can take now to secure the identities of people accessing websites and apps. Industry leaders like Google are adopting the OpenID Connect protocol and migrating away from OpenID 2.0 to enable better privacy controls and stronger authentication. Released last year, OpenID Connect helps website and application developers get out of the business of storing and managing passwords – especially in the face of the increasing attacks that have compromised the identities of hundreds of millions of people worldwide.

Google recently announced to its developer ecosystem that they should migrate to OpenID Connect by April 20, 2015, the deadline when OpenID 2.0 will no longer work for Google Accounts.

Along with Google, other OpenID Foundation members including Microsoft, Salesforce, Ping Identity, and ForgeRock as well as companies such as Amazon, are adopting and deploying OpenID Connect. This is a signal to organizations worldwide that the tide is turning in the fight against identity theft and cybercrime. OpenID Connect will increase the security of the whole Internet by putting the responsibility for user identity verification in the hands of the most expert service providers.

For questions and information on OpenID Connect please turn to the following resources:

by Don Thibeau at February 16, 2015 02:39 PM

February 05, 2015

OpenID.net

2015 Board of Directors Election Results

Thanks to all who voted for those who will represent corporate members and the community at large on the OpenID Foundation Board of Directors. John Bradley and Mike Jones have been elected to two year terms and George Fletcher to a one year term.

The returning board members help ensure the leadership, continuity and deep technical expertise that is the lifeblood of the Foundation. Those reelected will join current sustaining board representatives: Pam Dingle of Ping Identity, Raj Mata of PayPal, Tony Nadalin of Microsoft, Roger Casals of Symantec, Tracy Hulver of Verizon, Dylan Casey of Yahoo!, Debbie Bucci of the US Department of Health and Human Services, Office of the National Coordinator and Adam Dawes of Google on the board.

Corporate Members of the OpenID Foundation elect a member to represent them on the OIDF board. All corporate members were eligible to nominate themselves, second the nominations of others, and vote for candidates. I am very pleased to announce the reelection of Torsten Lodderstedt of Deutsche Telekom as the Corporate member representative to the Board of Directors. In addition to his service on the Board, Torsten chairs the Mobile Profile for OpenID Connect WG. Torsten’s leadership in profiling OpenID Connect on the platform of choice, mobile, together with Deb Bucci’s focus on a particularly ‘wicked’ problem space, medical patient records permissioning demonstrates the importance of the work we have set out to do.

I am very pleased to announce that OpenID Foundation corporate member Nomura Research Institute, represented by Nat Sakimura, our long standing board Chairman, has stepped up its membership. Sustaining membership requires a significant financial and resource commitment. I am delighted that NRI’s increased investment and Nat’s global thought leadership continue to inform our work. Nat’s Chairmanship of the OpenID Foundation and liaison with OpenID Foundation Japan help coordinate working groups with a vibrant community of developers in Asia.

There is a special place in heaven, or at least in the identity ecosystem, for those that lead by example. Please join me in thanking all OpenID Foundation Board members for their leadership.

Regards,

Don Thibeau

by jfe at February 05, 2015 08:12 PM

February 03, 2015

Nat Sakimura

Yahoo! CEO Marissa Mayer: "Consumer distrust is holding back the growth of the personal internet." "Give people control over their own data!"

This is slightly old news now, but did it make the rounds in Japan? The news is that remarks by Yahoo! CEO Marissa Mayer on the handling of personal data run head-on against the recent claim, pushed chiefly by a certain company in a certain country, that "changing the purpose of use should be possible via opt-out".

According to The Drum [1], at a panel discussion on January 22, US Yahoo! CEO Marissa Mayer said that some technology companies, by pushing the boundaries of data selling, are losing the trust of both governments and consumers and holding back the development of the personalized internet. She was pointing to the economic damage from the loss of trust brought about by companies that seek to profit from personal data without the individual's deliberate consent. "I think it comes down to consent with self-control: data flows when companies are open about what they intend to do, how that data is handled and where it goes, and individuals actively accept that. We make active commercial decisions not to do certain things with data."

Under the company's privacy policy [2], it does not sell personal data. Data is aggregated into statistics and provided to advertisers as audience insights; personal data itself is not sold. The company reportedly believes this approach could be widely adopted.

Mayer also said that, in the wake of the Snowden affair, the company "changed how it stores and transmits data" and overhauled its encryption, and that this raised customers' trust in the brand and its services.

"A personalized internet is a better internet. To get there we need transparency and individual control. Data belongs to the user, who should be able to inspect it and take it to another company they trust more, so that people can make decisions based on the trade-offs. Many people are in a position where that trade-off decision is hard to make, because some companies' services lack transparency and do not give individuals adequate opportunity for choice and control."

Furthermore, US Yahoo! says it will not shy away from the commercial cost needed to give consumers adequate control over how their data is handled and controlled.

On the same panel, Michael Fries, CEO of the cable company Liberty Global, said: "We will try to profit from customer data, but we have principles to uphold. Personalizing viewing or using customer data always requires the customer's consent. This is not something to bury in the small print of the terms of use. It should be written large."

Classic Marissa Mayer. Well said.

Turning back to us: what about Japan?!

Incidentally, US Yahoo! says that when it makes a change to its privacy policy [2] that has real impact, it notifies users at their primary email address. Notification, not mere publication. Well, since it participates [4] in the EU-US Safe Harbor [3], it is only natural that it follows rules like the EU's.

(Image source: The Drum [1])

[1] SEB JOSEPH: “Yahoo’s Marissa Mayer: ‘Some internet vendors are not being transparent enough with data'”, The Drum, 2015-01-23, http://www.thedrum.com/news/2015/01/23/yahoo-s-marissa-mayer-some-internet-vendors-are-not-being-transparent-enough-data

[2] https://info.yahoo.com/privacy/us/yahoo/

[3] http://www.export.gov/safeharbor/

[4] https://info.yahoo.com/privacy/us/yahoo/safeharbor/

by Nat at February 03, 2015 12:55 PM

February 02, 2015

OpenID.net

Review of proposed final OpenID 2.0 to OpenID Connect Migration specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification:

A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision.

This note starts the 60 day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures. This review period will end on Thursday, April 2, 2015. Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven day voting period during which OpenID Foundation members will vote on whether to approve these drafts as Final Specifications and Implementer’s Drafts. For the convenience of members, voting may begin up to two weeks before Thursday, April 2nd, with the voting period still ending on Thursday, April 9, 2015.

A description of OpenID Connect can be found at http://openid.net/connect/.  The working group page is http://openid.net/wg/connect/.  Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.  If you’re not already a member, please consider joining to participate in the approval vote.

You can send feedback on the specifications in a way that enables the working group to act upon your feedback by (1) signing the contribution agreement at http://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “AB+Connect” working group on your contribution agreement), (2) joining the working group mailing list at http://lists.openid.net/mailman/listinfo/openid-specs-ab, and (3) sending your feedback to the list.

— Michael B. Jones, OpenID Foundation Secretary

by Mike Jones at February 02, 2015 06:22 AM

January 22, 2015

OpenID.net

Registration is Now Open for the OIDF Workshop on April 6, 2015

Registration is now open for the OpenID Foundation Workshop on April 6 (the Monday before IIW) from 12:00 – 5:00 PM at Aol offices in Palo Alto, CA.

This OpenID Foundation Workshop will provide early insight into, and influence on, important new online identity standards like OpenID Connect. We will provide a hands-on tutorial on the OpenID Connect Self Certification Test Suite led by its developer Roland Hedberg. We’ll review progress on the Mobile Profile of OpenID Connect as well as other protocols in the pipeline like HEART, Account Chooser and Native Applications. Leading technologists from ForgeRock, Microsoft, Google, Ping Identity and others will give updates on these key protocols, review working group progress and discuss how they help meet enterprise business challenges. Thanks to OpenID Foundation Board Member George Fletcher and teamAol for hosting.

Planned Agenda:

  • Lunch
  • Introduction and Overview of OpenID Connect Self Certification and Registration by Don Thibeau of the OpenID Foundation
  • OpenID Connect by Co-Chairs Mike Jones of Microsoft, John Bradley of Ping Identity and Nat Sakimura of the NRI
  • Mobile Profile for OpenID Connect by its Chairman Torsten Lodderstedt of Deutsche Telekom
  • Account Chooser by Adam Dawes of the Google Identity Team and Pam Dingle of Ping Identity
  • Native Applications Work Group by Chairman Paul Madsen of Ping Identity
  •  “HEART” Health Relationship Trust Profiles of OpenID Connect and Related Specifications by Co-Chairs Eve Maler of ForgeRock and Deb Bucci of the US Office of the National Coordinator for Health Information Technology
  • OpenID Connect Conformance Testing by Roland Hedberg of the Umea University of Sweden

Don Thibeau

by jfe at January 22, 2015 07:37 PM

January 16, 2015

OpenID.net

2015 Election for the OpenID Foundation Individual Board Representatives

The OpenID Foundation plays an important role in the evolution of Internet identity technologies. The OpenID Foundation Individual community board member election 2015 is now underway. Those elected will help determine the role OIDF will play in facilitating faster and broader adoption of open identity standards and profiles such as OpenID Connect, Account Chooser, the Mobile Profile for OpenID Connect, Native Applications, and Health Relationship Trust (HEART). Per the bylaws approved by the OpenID Foundation (OIDF) board on May 8, 2013, Individual community Members will elect three (3) board members to represent them.

Currently, we have four Individual community board members whose terms are expiring (2014 was a ‘transition’ year): Nat Sakimura, Mike Jones, John Bradley, and George Fletcher. I want to thank them for their service to the OIDF. They are eligible to seek re-election, if they so choose.

The Individual community board member election is being conducted on the following schedule:

• Nominations opened: Monday, January 5, 2015
• Nominations close: Monday, January 19, 2015
• Election begins: Wednesday, January 21, 2015
• Election ends: Wednesday, February 4, 2015
• Results announced by: Wednesday, February 11, 2015
• New board terms start: Wednesday, February 25, 2015

Times for all dates are Noon, U.S. Pacific Time.

All members of the OpenID Foundation are eligible to nominate themselves, second the nominations of others who self-nominated, and vote for candidates. If you’re not already a member of the OpenID Foundation, we encourage you to join now at https://openid.net/foundation/members/registration.

Voting and nominations are conducted using the OpenID you registered when you joined the Foundation. If you are already a member, you have received an email from director@oidf.org advising you that the election is open and how to participate. Please log in with your OpenID membership credentials at https://openid.net/foundation/members/ to participate in the nomination and voting. If you experience problems participating in the election or joining the foundation, please send an email to help@oidf.org right away.

Board participation requires a substantial ongoing investment of time and energy. It is a volunteer effort that should not be undertaken lightly. Should you be elected, expect to be called upon to serve both on the board and on its committees where the work of the foundation is conducted. If you’re committed to OpenID and advancing open digital identity and are a person who works well with others, we encourage your candidacy. The OIDF’s Executive Committee has suggested a few questions candidates may want to publically address in their candidate statements:
1. What are the key opportunities you see for the OpenID Foundation in 2015?
2. How will you demonstrate your commitment to the work of the foundation in terms of resources, focus and leadership?
3. What would you like to see accomplished over the next year, and how do you personally plan to make these things happen?
4. What resources can you bring to the foundation to help the foundation attain its goals?
5. What current or past experiences, skills, or interests will inform your contributions and views?

Candidates can address these questions in their election statements on various community mailing lists, especially openid-general@lists.openid.net. Please forward questions, comments and suggestions to me at don@oidf.org.

Regards,

Don Thibeau

by jfe at January 16, 2015 01:00 AM

January 11, 2015

Nat Sakimura

On the night candidate Hiwatashi lost the Saga gubernatorial election, I am going to write regardless about how good Seiya Ueno is. But what really matters is...

Candidate Hiwatashi, who became a topic online through the campaign against him and more, has lost the Saga gubernatorial election. An unexpected defeat despite the joint endorsement of the LDP and Komeito. The final count:

▽ Yoshinori Yamaguchi (independent, new), elected: 182,795 votes.
▽ Keisuke Hiwatashi (independent, new): 143,720 votes.
▽ Yukihiro Shimatani (independent, new): 32,844 votes.
▽ Yoshitaka Isagai (飯盛良隆, independent, new): 6,951 votes.

A defeat by a larger margin than expected.

Having watched Takeo City and (then) Mayor Hiwatashi with interest, in various senses, since February 2012 [1], I have mixed feelings about this, but regardless of all that I am going to write about how good Seiya Ueno is.

Now, Seiya Ueno: I had never heard of him until the day before yesterday. Lately I have developed a taste for video messages. At Christmas, for instance, I hastily put up something like this [2],

and while wondering what to do for a spring message, I thought I might play Yumi Matsutoya's "Haru yo, koi" [3], for which I had the sheet music to hand, and looking for a model performance on YouTube I came across this: Seiya Ueno. A prodigy who won the Jean-Pierre Rampal International Competition at just 19 and went on to the Paris Conservatoire.

Wow. Every single note is played with a different nuance. That is what music should be. I have completely lost the will to fight. By the way, the CD is here:

Seiya Ueno: Kaleidoscope (万華鏡)

although the YouTube version is better.

Digression over.

Today's biggest news, I think, is not the Saga election but this:

Paris march: Global leaders join ‘unprecedented’ rally in largest demonstration in history of France

The Paris march in memory of the journalists. (Source) http://www.independent.co.uk/news/world/europe/world-leaders-gather-for-freedom-march-in-paris-as-million-expected-at-rally-9970512.html

Silencing speech by violence must never be tolerated. Muslims too are raising their voices: violence must never be tolerated.

Freedom is forever exposed to being murdered by violence. Freedom is not given from heaven. It is something we must fight to win, and defend.

[1] Well, I have been consistently dissing him, in a roundabout (?) way...

[2] I meant to record a practice take first, reflect on it, fix the bugs and then record the real thing, but ran out of time for the real take... so it is full of bugs...

[3] I happen to have the sheet music by Ayako Takagi, whom I admire and once, by chance, sat next to at an okonomiyaki counter.

by Nat at January 11, 2015 08:38 PM

January 08, 2015

OpenID.net

Open Invitation to Join the First Meeting of the Health Relationship Trust ( HEART) Working Group

A few months ago the OpenID Foundation Board of Directors welcomed Deb Bucci as a colleague and representative of the US Office of the National Coordinator for Health Information Technology (ONC). The Board noted the important coincidence of the growing adoption of the OpenID Connect standard and the commitment of public and private sector organizations to OpenID Connect profiles that can accelerate progress on identity-related health care challenges. That public and private collaboration is reflected in the leadership of a new working group. Eve Maler of ForgeRock, OpenID Foundation member and industry opinion leader, has joined Deb as co-chair of the new working group.

We are inviting interested parties in the public, private and academic sectors to join the first meeting of the Health Relationship Trust (HEART) Working Group (WG) on January 12. The HEART WG is a collaboration of the MIT – KIT Consortium and the OpenID Foundation. The HEART WG will be looking at ways to harmonize and develop a set of privacy and security specifications that will help an individual control the authorization of access to RESTful health-related data sharing APIs and facilitate the development of interoperable implementations of these specifications.

The US ONC’s Office of Standards and Technology is supporting this effort and joins the Foundation in encouraging the active participation of technical and policy subject matter experts from across the Health IT community. The initial work will focus on identifying, scoping and framing relevant use cases rather than delving into the technical details.

You can review the HEART Project Charter for more detailed information about the HEART WG. Additional Information about joining and registering for our mail list can be found here. Anyone can join the mailing list as a read-only recipient and attend the meetings.

Don Thibeau
The OpenID Foundation

by jfe at January 08, 2015 11:15 PM

January 06, 2015

Nat Sakimura

They say the TEPPEN 2015 piano contest was rigged, but...

I had no idea, but apparently a Fuji TV variety show called TEPPEN 2015 held a piano contest among celebrities. The three being talked about online right now are Madoka Moriyasu of HKT48, Sakiko Matsui of AKB48, and the comedian Sayuri. They were the top three, but since Moriyasu was overwhelmingly the best and still came third, people are saying it was rigged.

Moriyasu is the real thing, having won an encouragement prize at the PIARA piano competition (which I had never heard of; PTNA I know). If the video below is at her home, her own piano appears to be a Bösendorfer. (Wow.)

Matsui, meanwhile, is a piano student at Tokyo College of Music. A professional in the making. In the video she plays a Steinway. The school's, perhaps? If that is at home, it is also impressive.

Lastly, Sayuri is a comedian but dropped out of the piano department of Osaka College of Music's junior college division, so all three are people who have studied piano seriously at some point.

The result came out as Sayuri > Matsui > Moriyasu, and Yasuhiko Fukuda ("Seifuku" of "Naiyō no nai Ongakukai") and others have harshly criticized it online [1]; that is the picture.

Well, with the expert Katsuhisa Hattori and others ranking them as above, and the equally expert Yasuhiko Fukuda saying it should be the reverse, an amateur like me perhaps has no business saying anything, but let me exercise an amateur's privilege and think about the performances a little.
First, each of the performances:

Madoka Moriyasu

Sakiko Matsui

Sayuri

Now, my amateur review of each.

First, touch and the evenness of the notes: a clear win for Moriyasu. Her fingers move well, and the hard tone is somehow Bösendorfer-like. I would have liked her to play a Bösendorfer or a Fazioli, or at least a Steinway, rather than a Yamaha. I think this is what went over so well with the internet crowd. Matsui, by contrast, is a little uneven, and Sayuri more so. Or rather, Sayuri falls apart too much. Unlike many Japanese listeners I am of the camp that a few wrong notes are fine as long as the music is there, but even so this is a bit much. Her technique is not keeping up. On this point, Moriyasu > Matsui > Sayuri is surely right.

But music is not only that. When Matsui starts right after Moriyasu, many people will have thought, "Huh? The sound is different." Even though both are Yamahas, probably regulated by the same technician. Matsui's sound has far more body and depth, and out of it the melody floats up softly. Why? I feel it comes down to whether the player properly compensates for the piano's weakness of being an equal-temperament instrument (most of the time players do not do this consciously; they hear the difference in tone color). As noted, the modern piano is tuned in equal temperament. Because of that, the sound is muddy. This muddiness is especially pronounced when the notes of a chord are played at the same volume. Professional players reduce this drawback by varying the volume and timing of each note [2]. That is why, on the same piano, a true professional produces a clear sound and others a muddy one. Matsui's sound has more breadth and depth than Moriyasu's because of this. Precisely because Moriyasu's notes are so "even", the "muddiness of equal temperament" comes out strongly. Sayuri, likewise, takes care over this. In other words, a conservatory education does produce results, I suppose. Moriyasu has so much technique that a little attention here would improve her quickly. From this perspective, Matsui > Sayuri > Moriyasu.

Next, the pieces and their interpretation. First, Ihōjin. Hmm, that is not what the song is about. The loneliness that begins with "children stretch their arms to the sky, trying to grasp the birds, the clouds, even their dreams" never comes through... Age-wise, Saki Kubota was 19 too, so not so different... Perhaps kids today are more childish... Nor do I hear the zurna [3] or the santur [4] in the accompaniment. I suspect it would get much better after one bad heartbreak and some wandering through an Arab town. Technically: take more care with the legato of the vocal melody, phrase firmly, and sing it with the volume of each note varied (the current version is far too pianistic). Bring the accompaniment's volume down.

Saki Kubota's own Ihōjin: (beside the point, but she was this beautiful; I only knew her by sound... and she is from Kunitachi, my own home town.)

Let It Go, on the other hand: the parts are good. It sings. But the piece is chopped up far too much. The arrangement is terrible. Probably due to the time limit, but musically you must not do this.

By contrast, Zankoku na Tenshi no Teeze is not chopped up, so it holds together. The introduction (especially up to the third note) has real breadth and is good. The melody right after sings properly too, though not as well as Matsui's. The rest is played on feeling. The ending feels tacked on; not enough power in the arms.

So if it comes out as "Sayuri > Matsui", the weighting for choice of piece must be quite high. That is the only explanation I can think of.

"Matsui > Moriyasu" is, as above, about handling of the piano and the shaping of the music.

But still...

If you are going to call it a "contest", I think you should set a proper classical set piece. Something like this, for example.

Nao Matsushita (also a celebrity) playing Chopin's Ballade No. 3 in A-flat major [5]

Then "Sayuri > Matsui" would not happen, and I feel that Moriyasu, with proper instruction, would surely come out above Matsui. Her fingers work.

And one more request for Fuji TV: the recording is terrible. Please do something about it.

Finally, as a bonus, a real pianist's performance. Zimerman. Superb. Pros are different. [6]

So this is the good one after all, and on that note I'll end.

[1] RocketNews24 http://rocketnews24.com/2015/01/06/530471/
[2] Furthermore, changing the balance of volume subtly changes the pitch too. Strike hard and the string vibrates properly all the way to its ends, so it goes lower; strike lightly and it goes higher.
[3] An Arab double-reed instrument.
[4] An Arab struck-string instrument. Travelling west along the Silk Road it became the Hungarian cimbalom, the German Hackbrett and the English hammered dulcimer; travelling east it became the Chinese yangqin.
[5] Well, if it were the three above plus Nao Matsushita, Matsushita would seem to be the best.
[6] Listening at the same volume, the opening notes may seem quiet, but that is because the dynamic range is wide: the pianissimo is played very softly and the fortissimo very loudly. Wide dynamic range, nuance in every single note, superb phrasing: this is what music should be. Incidentally, I hand-picked this performance from the Horowitz, Kissin and various other performances uploaded to YouTube. I had always listened to Horowitz, but Zimerman, ah, he is good.

by Nat at January 06, 2015 11:46 PM

Nat Sakimura

The Cup Noodle commercial "NY / SAMURAI-K" apparently really does hit the balls with a wooden sword

SAMURAI-K crosses the Hudson whittling a wooden sword, like Musashi on his way to Ganryūjima. His destination: a tennis stadium, hostile territory. The crowd sneers: what a weirdo, you can't play tennis with a wooden sword. But...

When I first saw it I naturally assumed it was CG. To think he really was hitting with a wooden sword... [1]. Well, if you always hit the sweet spot, maybe the size of the racket does not matter much...

Still, amazing. Cool.

That aside, instant noodles are actually a tremendous invention that came out of Japan. They have already become a national food across Southeast Asia. On top of that, turning them into Cup Noodle was another tremendous invention. Annual consumption of instant noodles is a staggering 95.4 billion servings [2]. Well done, Nissin Foods! Truly a samurai that went out from Japan into the hostile wider world.

I think everyone should know more about the inventor, Momofuku Ando.

[1] See http://www.cupnoodle.jp/cm/samurai-k/

[2] Worldwide annual consumption of instant noodles is 95.39 billion servings, WIZBIZ, (2012/3/7)

by Nat at January 06, 2015 03:28 PM

January 04, 2015

Nat Sakimura

Keisuke Kuwata's "Soramimi Abe Road" is the talk of the town for being too good

It just came across my Twitter feed: Kuwata-san, you are too good. A mondegreen Abbey Road, titled "Abe Road". Pure genius, no question. What a treat.

Apparently from "Keisuke Kuwata no Ongaku Torasan", broadcast May 4, 2009.

Everyone, do check it out!

Track list (mondegreen titles as broadcast, with the original Beatles song in parentheses)

  1. 公明党BROTHER (Come Together)
  2. さみしい… (Something)
  3. 舛添居ず知らぬ間データ (Maxwell’s Silver Hammer)
  4. 親だ~れ!? (Oh! Darling)
  5. 僕当選さす票田 (Octopus’s Garden)
  6. iPhone中 (I Want You (She’s So Heavy))
  7. 爪噛むおじさん (Here Comes The Sun)
  8. 民主党 (Because)
  9. 油田は危機を招き (You Never Give Me Your Money)
  10. 国際危惧!! (Sun King)
  11. 民意無視して増した・・・!! (Mean Mr. Mustard)
  12. オレ審判!? (Polythene Pam)
  13. 「死刑」にするも「罰する」も非道!? (She Came In Through The Bathroom Window)
  14. 公然知らんばい(Bye)!? (Golden Slumbers)
  15. 借金(かり)が増え!! (Carry That Weight)
  16. 次年度 (The End)

by Nat at January 04, 2015 01:44 PM

Nat Sakimura

Is this Japan's way to survive?! Turning the elderly into a workforce with powered suits

Now then, the third New Year topic is, as promised in the previous article, a "dreamy" [1] growth strategy.

Today's Japan is said to have the falling birthrate and aging population as its biggest problem. The essential problem is that the consuming population becomes too large relative to the producing population. When consumption > production, national wealth flows steadily abroad and the people grow poorer. And because demand is stronger than supply, inflation will advance in industries where imports are difficult.

The orthodox solutions to this are

  1. Be fruitful and multiply
  2. Immigration

France did 1 with some success. America sustains its economy with 2. Both are being considered in Japan, but 1 takes at least 20 years and is rather too late (though it should still be done right now), and 2, unlike in the US whose very identity is that of a nation of immigrants, is expected to cause all sorts of friction in Japan and run into many difficulties, as the pundits point out.

So what should we do?

There is a Cool Japan solution, isn't there?

Yes, robot suits, powered suits. Something like this.

(Figure 1) Robot Suit HAL (Source) https://www.tsukuba.ac.jp/news/20070611102240.html

With age, everyone's secretion of growth hormone and sex hormones declines and muscles weaken. As a result, movement becomes impaired. The eyes also lose their elasticity, and the naked eye, an extremely capable autofocus system, turns into a fixed-focus lens. Presbyopia. The result of all this is that people are forced to retire, which is the current situation.

This retired state produces further undesirable results. As you know, muscle contraction plays an important role in maintaining blood flow. When weakened muscles make walking a chore and people stop walking, blood flow deteriorates, and that promotes dementia. Dementia not only removes the person's own labor but is said to consume the labor of about two family members as well. In other words, one case of dementia is a net loss of three workers.

Wearing a robot suit compensates for lost muscle strength and encourages movement, thereby preventing dementia and at the same time turning the wearer into a productive worker.

As stated at the outset, the essence of the aging problem is that the consumption-only population exceeds the producing population, so that consumption > production. In that case, abolish mandatory retirement and turn the elderly into producers, and it is solved. The means for doing so is the robot suit.

So where do we start?

As it happens, the Tokyo Olympics are in 2020. Large numbers of tourists from overseas are expected. Their luggage is very heavy. Meanwhile, the taxi drivers who receive them have an average age of 57.9, half are 60 or over, and more than 77% are 50 or over (FY2012 [2]), with the average rising every year. Carry on like this and there will be an epidemic of slipped discs (lol). So first, we issue robot suits to them and build the reception system. When a foreign tourist with heavy luggage tries to take a taxi at the airport, a white-haired driver in a robot suit steps out, lifts the extremely heavy luggage with a "whirr, whirr" as though it weighed nothing, stows it in the trunk, and ushers the customer in with "After you."

"Wow, it's Cool Japan! ♡"

That is guaranteed.

There are a little over 65,000 taxi drivers; supplying the 50,000 of them aged 50 and over, at Panasonic's mass-production price of 500,000 yen per unit at an output of 1,000 units a year [3], comes to a budget of at most 25 billion yen. In practice, at 20,000 units a year it would be far cheaper, and considering that a new industry would be created, it is cheap.

In fact, the third arrow of Abenomics includes "realizing a new industrial revolution through robots" [4][5], which mentions "robots that reduce the strain on the lower back when lifting" in medical and nursing-care settings. The intended users there are presumably young people, but the idea here is to apply it to the elderly. It does not seem entirely a pipe dream to me. What do you think?!

[1] Also known as idle talk

[2] Tokyo Taxi and Hire Association: "Tokyo Taxis 2013", p. 25

[3] Satoshi Onoguchi, "Next year you will be able to buy a powered suit for 500,000 yen", Nikkei Business (2014/3/5)

[4] Prime Minister's Office, "Revision of the Japan Revitalization Strategy" (Cabinet decision, June 24, 2014)

[5] Prime Minister's Office, "Key points of the revised Japan Revitalization Strategy (10 challenges for reform)" (Cabinet decision, June 24, 2014), p. 4

by Nat at January 04, 2015 07:01 AM

Nat Sakimura

Installed Lubuntu 14.10 on an EeeBox

In a corner of my server room (also known as the storage closet) sat an EeeBox [1] that had not been powered on for almost four years. I had wiped the recovery partition, installed Debian Lenny and used it as a server for a while, but gave up and migrated to the cloud back when power cuts were a daily event after the Great East Japan Earthquake, and it had been left alone ever since. The plan is to revive it for my daughter to use.

At first I considered recovering it to Windows, but on closer inspection the bundled OS was Windows XP. Unavoidable for a machine bought in January 2009, but that will not do. I hesitated briefly between Lubuntu and Xubuntu, but for this machine with little memory Lubuntu seemed the only option, so I decided to install Lubuntu 14.10.

The steps are as follows.

Preparing the SD card for installation

  1. On a Mac OS 10.10.1 machine, download the Lubuntu 14.10 PC 32-bit image from the download page.
  2. In Terminal, change to the download folder (in my case, $ cd Download).
  3. Convert the downloaded .iso file to a .img file as follows:
$ hdiutil convert -format UDRW -o ./lubuntu-14.10-desktop-i386.img ./lubuntu-14.10-desktop-i386.iso
  4. hdiutil appends .dmg to the file name on its own, so remove it:
$ mv ./lubuntu-14.10-desktop-i386.img.dmg ./lubuntu-14.10-desktop-i386.img
  5. Insert the SD card that will become the boot drive into the slot.
  6. Run diskutil list in Terminal to find the card's device path:
$ diskutil list
/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.1 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            499.2 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     Apple_partition_scheme                        *2.0 TB     disk1
   1:        Apple_partition_map                         32.3 KB    disk1s1
   2:                  Apple_HFS MyBook2T                2.0 TB     disk1s3
/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *3.0 TB     disk2
   1:                        EFI EFI                     209.7 MB   disk2s1
   2:                  Apple_HFS TimeMachine2            3.0 TB     disk2s2
/dev/disk3
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *7.7 GB     disk3
   1:                 DOS_FAT_32 NO NAME                 7.7 GB     disk3s1

  7. This shows that the SD card (named NO NAME) is /dev/disk3, so unmount it. Unmounting uses the volume name, so find that with df:
$ df -g
Filesystem    1G-blocks Used Available Capacity   iused     ifree %iused  Mounted on
/dev/disk0s2        464  425        38    92% 111670483  10216259   92%   /
devfs                 0    0         0   100%       670         0  100%   /dev
map -hosts            0    0         0   100%         0         0  100%   /net
map auto_home         0    0         0   100%         0         0  100%   /home
/dev/disk1s3       1862 1326       536    72% 347818226 140519426   71%   /Volumes/MyBook2T
/dev/disk2s2       2794 2003       790    72% 262631430 103609902   72%   /Volumes/TimeMachine2
/dev/disk3s1         15    0        15     0%         0         0  100%   /Volumes/NO NAME
  8. Unmount the volume (without this, the next step fails with Resource busy):
$ diskutil umount /Volumes/NO\ NAME/
Volume NO NAME on disk3s1 unmounted
  9. Write the disk image to the SD card with dd. Double-check the disk identifier first: dd writes to whatever device you name without asking, and pointing it at the wrong disk overwrites that disk.
$ sudo dd if=lubuntu-14.10-desktop-i386.img of=/dev/rdisk3 bs=256m
2+1 records in
2+1 records out
739246080 bytes transferred in 148.771499 secs (4969003 bytes/sec)
  10. When the write finishes, Mac OS tries to mount the card and reports that it cannot read it; choose "Eject".
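One check worth doing before step 3 is to confirm that the downloaded ISO matches the SHA256SUMS file that Ubuntu-family release images are published with, so that a corrupted or substituted download is caught before it is written to the card and booted. The script below is an added example and is not part of the original post; the ISO file name is the one used in the post, and the SHA256SUMS path and the helper names are assumptions.

```shell
# Added example, not from the original post: verify the downloaded Lubuntu ISO
# against the release's SHA256SUMS file before handing it to hdiutil/dd.
# File names follow the post; the SHA256SUMS location is an assumption.

# sha256_of FILE: print the hex SHA-256 digest of FILE.
# macOS ships shasum, Linux ships sha256sum; use whichever exists.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{ print $1 }'
  else
    shasum -a 256 "$1" | awk '{ print $1 }'
  fi
}

# verify_iso ISO SUMSFILE
# Exit status 0: digest matches the SUMSFILE entry for ISO's basename.
#             1: digest mismatch (corrupt or tampered download).
#             2: SUMSFILE has no entry for that file name.
verify_iso() {
  iso=$1
  sums=$2
  name=$(basename "$iso")
  # SHA256SUMS lines look like "<hex>  *lubuntu-14.10-desktop-i386.iso";
  # the leading '*' marks binary mode and is not part of the file name.
  expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f); if (f == n) print $1 }' "$sums")
  if [ -z "$expected" ]; then
    echo "verify_iso: no entry for $name in $sums" >&2
    return 2
  fi
  actual=$(sha256_of "$iso")
  if [ "$actual" != "$expected" ]; then
    echo "verify_iso: CHECKSUM MISMATCH for $name; do not write this image" >&2
    return 1
  fi
  echo "verify_iso: $name OK"
  return 0
}

# Typical use, run in the download folder before the hdiutil convert step:
#   verify_iso ./lubuntu-14.10-desktop-i386.iso ./SHA256SUMS || exit 1
```

A matching digest only shows that the file is the one listed in SHA256SUMS; it says nothing about whether that list itself is genuine. Ubuntu-family releases also publish a detached signature (SHA256SUMS.gpg), and checking it with gpg --verify SHA256SUMS.gpg SHA256SUMS, after importing the Ubuntu image signing key, is what ties the hash list to the release team rather than to whoever served the download.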

Installing on the EeeBox

  1. Remove the SD card you just made and insert it into the EeeBox.
  2. Power on and press the DEL key to enter the setup screen. Set the boot device here: the SD card is recognized as a hard disk, so change the HDD boot order. Save with F10 and reboot.
  3. After that, just follow the wizard. When installation finishes you are prompted to reboot; do so, and remove the SD card at that point.

Japanese input settings

  1. By default, toggling Japanese input is bound to <super>+<space>. It may just be habit, but I wanted it on <control>+<space>, so from the Lubuntu menu I went to Settings > Keyboard Input Methods and changed it.

This is workable for using Google Docs from Firefox (though the string being converted appears slightly below the input line, which is a bit off). In AbiWord the input string does not appear inline, so that is probably not usable.

[1] ASUS EeeBox MODEL: EBXB202 BLK/VK191T. CPU: Atom N270, Memory: 1GB, HDD: 80GB, Wireless: 802.11n. Bundled with Windows XP Home (JPN).

by Nat at January 04, 2015 04:53 AM

January 02, 2015

Nat Sakimura

At the New Year, looking back at the value of cash from 2003 to 2014

In "At the New Year, looking back at the value of cash in 2014" I looked at how the value of cash moved over the single year of 2014, but I received the criticism that "you have to go back at least eight years or so, to cover the period around the Lehman shock," so I pulled a graph from 2003, the earliest year for which exchange-rate data was easy to obtain. Here it is.

Figure 1 – Value of cash and equities since 2003

Equities certainly are volatile. That is why you need to think in terms of long-term investment. Since being forced to cash out at the bottom must be avoided, putting money you will need in the short term into equities is not advisable. Volatility runs equities > bonds > cash, so you need to allocate appropriately according to your plan for when funds will be needed. For pensions and the like, that demand for funds is known in advance to some degree, so setting a portfolio balance to match it and then maintaining it is, I think, quite important. As with inflation targeting, what matters is holding to the indicator, and there must be no such thing as "agile" rebalancing through political intervention.

Incidentally, when I looked at the site after writing "At the New Year, looking back at the value of cash in 2014," an article from 1998, "Let's print money and improve the economy," came up as a related post. What it says is:

  1. Increase the money supply by issuing government currency (or having the Bank of Japan underwrite government bonds)
  2. Public investment funded by that revenue

which are the first and second arrows of Abenomics. It is rather moving to have said that 15 years before Abenomics began in 2013.

For reference, the three arrows of Abenomics are said to be the following.

  1. Bold monetary policy
  2. Flexible fiscal policy
  3. A growth strategy that stimulates private investment

Unfortunately, the 1998 article says nothing about the third, the growth strategy. I plan to write about that tomorrow, dreams included, as befits the New Year.

So, good night!

by Nat at January 02, 2015 04:08 PM

Nat Sakimura

At the New Year, looking back at the value of cash in 2014

Happy New Year.

I look forward to your continued support in this 70th postwar year.

Now, public opinion is in an uproar that it is crazy for the GPIF to raise its allocation to equities, so at the New Year I want to use 2014 data to look back and show that it is nothing of the sort.

People often say, "Stocks are risky; cash is safe." This is an illusion that comes from being fooled by nominal values. Long ago I went around interviewing pension funds in various countries, and I vividly remember a fund in a certain European country telling me, "Equities are the safest asset." The thinking behind that was that while nominal values may fluctuate, equities are linked to the real economy, so real value is easy to preserve, whereas cash always loses in the long run (as long as inflation is positive).

Japan in 2014 demonstrated that clearly in a single year, I think. Figure 1 shows Japanese equities (the Nikkei average) and cash (the Japanese yen) in US dollar terms, indexed to 100 at the end-of-January price.

Figure 1: Value of the Nikkei average and of cash (US-dollar-based index)

What do you think? I hope you can now see how risky an asset cash is. Equities are stable. Personally, I regret not having reduced my portfolio's cash exposure further and not having tilted more toward overseas assets.

So this New Year has me thinking that I should take asset management a little more seriously this year.

May the coming year be a good one for you all.

by Nat at January 02, 2015 03:50 AM

December 14, 2014

Kaliya Hamlin

Internet Identity Workshop #20 is in April !!

IIW is turning 20 !

That is kind of amazing. So much has evolved in those 10 years.
So many challenges we started out trying to solve are still not solved.

I actually think it would be interesting as we approach this milestone to talk about what has been accomplished and what we think is yet to be accomplished.

I am working on organizing a crowd funding campaign to support completing an anthology that I have outlined and partially pulled together. I will be asking for your support soon. Here is the post on my blog about it.

In the mean time tickets for IIW are up and for sale! You can also order a special T-shirt we are designing especially for the occasion.

by Kaliya Hamlin, Identity Woman at December 14, 2014 11:31 PM

Kaliya Hamlin

ID Anthology – the community “canon”

A few years ago I pulled together the start of a community anthology.
You could think of it as a canon of key blog posts and papers written in the Identity Gang and circulated around the Internet Identity Workshop and other conferences back in the day like Digital Identity World.

I think with IIW coming into its 10th year and #20 and #21 happening this year the time is right to make a push to get it cleaned up and actually published.

We need to make accessible the important intellectual and practical work this community has done in thinking through and outlining digital identity. I also have included works that highlight key issues around user-centrism and identity that originated from outside the community of the identerati.

I am working on organizing a crowd funding campaign to raise a small amount to work with a professional editor and typesetter and get the needed copyright clearances so we can have a “real” book.

In the mean time I have this outline below of articles and pieces that should be included.

I would love to hear your suggestions of other works that might be good to include. It may also be that we have so many that we choose to do more than one volume. For this first one my focus is more on early works that were foundational to a core group early on – essays and works that we all “know” and implicitly reference but that may not be known or accessible (because they are 6-10 years ago in blogosphere time and that is eons ago) or may not even be on the web any more.

You could comment on this blog. You could use the hashtag #idanthology on twitter. You could e-mail me Kaliya (at) Identitywoman (dot) net. Subject line should include IDAnthology

The book would be dedicated to the community members that have died in the last few years (I am open to including more but these are the ones that came to my mind).

  • Nick Givitosky
  • RL “Bob” Morgan
  • Bill Washburn
  • Eno Jackson

Digital Identity Anthology

Context and History from the User-Centric Identity Perspective

edited by Kaliya “Identity Woman”

Foreword, Preface, Introduction – TBD

Opening Essay – by Kaliya

Contextualizing the Importance of Identity

Protocols are Political – Excerpts from Protocol: How Control Exists after Decentralization

Identity in Social Context

Identity in Digital Systems

The “Words” – taking time to contextualize and discuss the meaning of words with broad meaning often used without anchoring the particular meaning the author is seeking to convey.

Identity
Trust
Reputation
Privacy
Security
Federation

Pre-Identity Gang Papers

Building Identity and Trust into the Next Generation Internet (10 page summary)

Accountable Net (summary or key points)

Cluetrain Manifesto by Doc Searls et al. (some key highlights)

The Support Economy (some key excerpt?)

Identity Gang Formation

Andre Durand’s talk at DIDW way back in the day.

Blog post of Kaliya and Doc meeting at SBC (now ATT ) park in SF -

Dick’s Identity 2.0 talk.

Phil’s Posts

Johannes – early Venn

The Community Lexicon

Laws of Identity + Responses

The Laws of Identity

4 More Laws (by Fen Labalme)

Verifiable, Minimal and Unlinkable (by Ben Laurie)

Axioms of Identity

Key Identity Gang Ideas + Posts

On The Absurdity of “Owning One’s Identity

Law of Relational Symmetry

The Limited Liability Persona

Identity Oracles  (Bob Blakley)

Identity Spectrum version 1 version 2    (Kaliya)

Onion Diagram (by Johannes)

Venn of Identity (Eve Maler)

Claims and Attributes

Context and Identity

Signaling Theory

Agency Costs

Social Protocols

 What is Trust?

The Trouble with Trust and the Case for Accountability Frameworks

Trust and the Future of the Internet

User-Centric ID and Person-hood.

At Crossroads: Personhood and Digital Identity in the Information Society

The Properties of Identity

The Privacy Frame

Ann Cavoukian’s Take

Daniel Solove’s work

Taxonomy of Privacy

Model Regime of Privacy

Understanding Privacy

The Future of Reputation

Nothing to Hide

Identity and Relationships

A Relationship Layer for the Web, Burton Group Paper

Privileged and Not Gender and Other Difference

Genders  and Drop Down Menus

Designing a Better Drop-Down Menu for Gender

Disalienation: Why Gender is a Text Field on Diaspora

“Gender is a Text Field” (Diaspora, backstory, and context)

NymRights

There were many posts that arose out of the NymWars that began with Google+ turning off people’s accounts in July of 2011 – I have to go through and pick a good selection of those from BotGirl, Violet Blue and others.

Personal Data Concepts and Principles

Vendor Relationship Management Community,

The Support Economy

Exploring Privacy:

LumaScape of Display Advertising

My Digital Footprint (By Tony Fish)

Personal Data the Emergence of a New Asset Class, WEF Report

Rethinking Personal Data: Strengthening Trust

The Paradox of Choice: Why More is Less

Visions and Principles for the Personal Data Ecosystem (Kaliya)

PDX Principles (Phil Windley)

Control and Protocol

It’s Not So Simple: Governance and Organizational Systems Theory

Accountable Net

Visa the Original “Trust Framework”

Life organizes around identity, from When Change is out of Control, and Using Emergence to take Social Innovation to Scale.

Intervening in Systems

Closing Essay

Appendix 1: Information Practices the Evolution of FIPPs

Drawing on this work.

Appendix 2: Bills of Rights

“The” Words

by Kaliya Hamlin, Identity Woman at December 14, 2014 11:25 PM

Kaliya Hamlin

A Preliminary Mapping of the Identity Needs in People’s Life Cycles

This start of a paper and idea for an interactive Exercise to be done at the ID360 Conference was written by myself and Bill Aal. It was submitted to the 2014 ID360 Conference put on by the Center for Identity at the University of Texas at Austin.

Over people’s life cycles there are many different “identity events” that occur. While considering how people interact with an identity ecosystem, the whole range of lifecycle events must be considered, not just those of mid-life career people.  We present a draft Field Guide to the different stages of life, naming different key events and contextualizing what identity needs they might have. We also explore a user-centric view that looks at the digital lifecycle from the perspective of our needs as people in a social context. This may be contrasted with a view of the digital life cycle from governmental, civil society or business perspectives. We end with exploring the implications of going beyond the tension between privacy rights and institutional desires for security and authentication.

This paper builds on some of the key concepts of the paper also submitted to ID360 by Kaliya Hamlin entitled The Field Guide to Identity: Context, Identifiers, Attributes, Names and More

The first part of the paper draws the key concepts from that paper and goes on to ask critical questions that are particular to the Digital Life Cycle. It is an attempt to lay out a research program for a user-centered view of the digital life cycle.

The second part of the paper charts key life stages and identity events along with the community and institutional interactions that are likely.  We would like to work with the organizers of the conference to have an interactive wall-sized paper map available in the conference center as the event is happening, both to consider each phase from the individual’s point of view and the institutions’ and potentially to contextualize the contributions of different papers/presentations on the map.

Key concepts:

Identity is socially constructed and contextual.

More and more at earlier and earlier ages, we are given identifiers by the state, medical institutions and educational institutions that signify who we are in the social field.
How do our identities evolve through an interaction between our bio/social roots and the institutional identifiers we are assigned?

When are we recognized as a person?

Do we think of ourselves as our driver's license or library card identifiers? Does our online representation play out in our development as human identities?

Self as a Part of Something Greater

We are defined by who we are, connected to our identities as part of something greater.
Do online identities support that sense of being part of a larger whole?

Context of Observation

The context of observation matters for shaping our identities. It defines the scope of our freedom of expression and our ability to make choices about context. There are three different types of observation that are quite different.

Being Seen – a mutual act. I see you, You see me. We see each other.  How do digital social networking identities help us see each other?

Being Watched – This is where one is observed but it is not known by the person who is looked at.  There may be interaction between actors, but there is less of an  “I- thou” quality. How do we know when we are being watched?   In small society social interactions, we grow up being watched and knowing that we are being cared for.
How do our online identities help us be seen as we mature?

Being Stalked – This is what happens when the watching shifts from an appropriate happenstance window of time and space to  watching over time and space – to following and monitoring our behavior without our knowledge. Recent attention to government surveillance and corporate access to our most intimate online interactions gives rise to anxiety over privacy/anonymity.
How do we create principles that allow for control over the stalking?

Self in Mass Society

The self is shaped differently by living in a mass society.
The first systems of mass identity were the paper and bureaucratic record keeping of the state, as a way to give abstract identity to citizens in order to provide them services and to control their movement. It is vital to remember that we are not our government-issued paperwork.

We are people with our own identities, our own relational lives in our communities. We must not mistake how identity in mass society operates for what it is: a system, a set of technologies to manage identity in mass society.
How can we create systems of digital identity that recognize and support our having continuity across governmental, educational and medical systems, and that protect our First Amendment and privacy rights?

Self in Communities

Communities provide the middle ground in between the Small Society and Mass Society modalities of Identity. Communities of interest, communities of practice and geography give us the affordance to move between different contexts and develop different aspects of ourselves. This type of contextual movement and flexibility is part of what it means to live in cities, and particularly large cities, where people in one context would not necessarily share other contexts. We need to work to ensure the freedom to move between communities is not implicitly eroded in the digital realm. One key way to do this is to build digital systems in which people have the capacity to use non-correlatable identifiers (pseudonyms) across different contexts they do not want linked.

Self in relationship to Employers

The power relationship between an employee and an employer is quite clear.  This power relationship is NOT the same as an individual citizen’s relative to their government, or the power relationship of a person relative to communities they participate in. There is a tension between the employer's rights and responsibilities and the individual employee's rights and responsibilities.
For example, should an employer have the “right” to access an employee’s private social network activities, or to surveil their life outside the workplace?
What are the digital assets that are uniquely the employer's or the employee's?
How can standards apply across the business world?

Other areas we wish to explore:

  • Self in Relation to Peers
  • Self in Relation to the Education System
  • Self in Relationship to the Medical System and Social Services
  • Self in Relation to the State

Power and Context

The Self in a Small society is embedded in a social mesh one can not escape. There is no “other place” and one is defined in that society and because it is so small one can not leave. The self in a Mass society is in a power relationship with the state. Where one has rights but one also must use the identification system they issue and manage to interact and connect with it.

The self in community gets to navigate a myriad of different communities, each with its own social constructions and its own way that power operates and flows within it: (egalitarian, religious, social) communities, work places (traditional owner – worker | worker owners | holacracy).  These communities, needs and responsibilities change over a person’s lifetime.
How can consistent, yet user centered identity frame works support this development?

Where to Start

The start of all our conversations about people’s identity comes from being an embodied being in a social context.  Online digital identifiers and systems at their best should support the unfolding of our identities, help us access institutional and government services, and help those systems provide better service.

Contexts in which Identity Lifecycle issues arise:

We are at the beginning stages of exploring how, from a person’s perspective, their online identities can evolve.  This is in the process of being refined by looking at the identity needs of the individual, the state and businesses and where those interests might clash.  This is a long term research project that we are initiating.  The idea is to go beyond the usual clashes of privacy and personal rights vs big data, etc.

This is the beginning of a research project that we are just initiating.
We invite the collaboration of the ID360 and other professional and academic communities.

Person’s View Institutional View
Pre-Birth
Prenatal Screening
Birth
Naming
National Identity Number
Community Acknowledgement
Enrollment in Mass Society
Medical Info
Adoption
Kid
School
After-School
Camp
Sports
Arts
Online social networks
Gaming
Medical
Biometrics
RFID Tags
Teen
Self Expression / Identity Exploration Online
School ID
Drivers License
Banking Info
Medical
Sports
Social Networking
Work related
Student
University/Trade School
Student Loan
Social Identity
Adult
Economic Realm
Consumer
Worker
Owner
Owner of major items such as
Car/Home
Social Identity
Computers / Portable Devices
Financial
Community Realm
Political affiliation
local, state/provincial and national government, rights and responsibilities
(Taxation, licensing, relation to court systems, permits etc)
Voting Eligibility, residential status, citizenship, entitlement programs
Religious Affiliation
Interest Groups
Service Groups
Special Needs
Mental Disabilities
Physical Disabilities
Relational
Married
Partnered
Parental
Divorce
Blended Families
Elder
Retirement
Deteriorating Mental /Physical Condition
Death
Post Death Digital Life

by Kaliya Hamlin, Identity Woman at December 14, 2014 10:12 PM

December 13, 2014

Nat Sakimura

I played The Christmas Song on the flute

To everyone who has helped me this year, in place of a Christmas card...

The Christmas Song was written by Mel Tormé and Robert Wells on a hot summer day in 1944 [1], in the hope that thinking about cold weather might cool them down a little. There was no air conditioning in those days, so they were aiming for mental air conditioning. Written in just 40 minutes, the song became a huge hit sung by Nat "King" Cole and one of the most frequently performed Christmas songs.

Beginning "Chestnuts roasting on an open fire, Jack Frost nipping at your nose," it is a heartwarming song that describes children whose eyes are shining as they wait for presents, unable to sleep, plotting to hide and catch a glimpse of reindeer in flight.

And so I'm offering this simple phrase to kids from one to ninety-two.
Although it's been said many times, many ways, "Merry Christmas to you."

As usual it is a single take [2], so it has various flaws... but please enjoy it. Merry Christmas!

[1] Japan at the time was fighting a total war under the slogan "the beastly Americans and British" with no room to breathe at all; the difference in margin between the two sides is stark.

[2] Not only that: I have never studied jazz, and I expect it sounds odd to anyone who actually plays jazz. When I got this sheet music (めちゃモテ・フルート "The Christmas Song") six days ago I was at a loss as to how to play it. Jazz and classical differ in idiom and in everything else...

by Nat at December 13, 2014 03:00 PM

December 12, 2014

Kaliya Hamlin

We must understand the past to not repeat it.

Please see the prior post and the post before about how we got to discussing this.

We can not forget that the Holocaust was enabled by the IBM corporation and its Hollerith machine.  How did this happen? What were these systems? How did they work? And particularly, how did the private sector corporation IBM end up working with a democratically elected government to do very horrible things to vast portions of its citizenry? These are questions we can not ignore.

In 2006 Stefan Brands gave a talk that made a huge impression on me: he warned us, an audience of very well meaning technologists, that we had to be very careful because we could incrementally create a system that could lead to enabling a police state. It was shocking at the time, but after a while the point he was making sunk in and stuck with me. He shared this quote (this slide is from a presentation he gave around the same time)

(slide image)

It is the linkability that is the challenge.

We have to have the right and freedom NOT to be required to use our “real name” and birthdate for everything.

This is the defacto linkable identifier that the government is trying to push out over everything so they can link everything they do together.

Stefan proposes another Fair Information Principle.

(slide image)

I will share more of Stefan’s slides because I think they are prescient for today.

Stefan’s slides talk about user-centric technology and ideas in digital identity – ideas that have virtually no space or “air time” in the NSTIC discussions, because everything has been broken down (and I believe intentionally so) into “security”, “standards”, “privacy” and “trust frameworks” silos that divide up the topic/subject in ways that inhibit really tackling user-centrism, or how to build a working system that lives up to the IDEALS that were outlined in the NSTIC document.

I have tried and tried and tried again to speak up in the year and a half before the IDESG and the 2 years since its existence to make space for considering how we actually live up to ideals in the document.  Instead we are stuck in a looping process of non-consensus process (if we had consensus I wouldn’t be UN-consensusing on the issues I continue to raise).  The IDESG are not taking user-centrism seriously, we are not looking at how people are really going to have their rights protected – how people will use and experience these large enterprise federations.

Yes everyone that is what we are really talking about…Trust Framework is just a code word for Enterprise Federation.

I went to the TSCP conference a big defence/aerospace federation (who was given NSTIC grants to work on Trust Framework Development Guidance) where this lovely lady Iana from Deloitte who worked on the early versions of NSTIC and potential governance outlines for IDESG – she said very very clearly “Trust Frameworks ARE Enterprise Federations” and it was like – ahhh a breath of fresh clear honest air – talking about what we are really talking about.

So back to the Stefan Brands refresher slides on user-centric ID, so we don’t forget what it is.

(slide images)

Look at these, take them seriously.

by Kaliya Hamlin, Identity Woman at December 12, 2014 07:31 PM

Kaliya Hamlin

Faith and the IDESG

Since becoming involved in the IDESG, I have become concerned that we do not have people of religious faith – with that as their primary “identity” within the context of participating in the organization. Let me be clear about what I mean: we have many people of many faiths involved and I am not disrespecting their involvement. We also don’t have people whose day job is working for faith institutions (that they would take time out from to “volunteer” on this effort to explicitly bring in a faith perspective). Someone from, say, the National Council of Churches would not be a bad thing to have, given that one of the groups of people who today have consistently sued over “identity systems” are Christians objecting to ID systems put into public schools to track students. With this proactive faith stance involved, the systems we are seeking to innovate reduce the risk of rejection via lawsuit. I also think the views of those from Jewish, Muslim, Sikh, Buddhist, Hindu and other faiths should be proactively sought out.

Another Tweet from the Tampa meeting….

(tweet image)

by Kaliya Hamlin, Identity Woman at December 12, 2014 05:46 AM

Kaliya Hamlin

Dear IDESG, I’m sorry. I didn’t call you Nazis.

The complaint by Mr. Ian Glazer was that I called my fellow IDESG colleagues Nazis. He was unsatisfied with my original statement about the tweet on our public management council mailing list.  Somehow this led to the Ombudsman taking on the issue, and after I spoke with him in Tampa it was followed by a drawn out 5 week “investigation” by the Ombudsman before he issued a recommendation.  During this time I experienced intensive trolling about the matter on twitter itself.

Here is the tweet that I authored while pondering theories of organizational dynamics in Tampa, without any intent to cause an association in the mind of a reader with IDESG, NSTIC, nor any person or persons in particular; note that I did not reference anyone with an @____ or add any signifying hashtags, e.g. #idesg or #nstic, in this tweeted comment.

(tweet image)

I own that the tweet was provocative, but it was not my intent to cause harm to anybody or to the IDESG organization and wider identity community.

I in no way intended to imply that any member of the IDESG has any intention remotely similar to those of the NAZI party of Germany.

I in no way intended to imply that the content of the meeting of the IDESG related to the content of the meeting I referenced in the tweet.

I am very sorry if the tweet had an emotionally negative impact on people on the management council and particularly those of Jewish heritage.

I fully acknowledge that referencing anything relative to the Nazi era is triggering. It touches on our collective shame and surfaces a vulnerability that is very hard to look at.

I also believe that we have to actually be prepared to do so. If we don’t examine the past we can’t be sure we will not repeat it. [Please click to see my next post where this is further expounded upon]

I’m sorry I didn’t say something along these lines sooner.

One should not feed the internet trolls and I didn’t.

I was in a process where I felt it was inappropriate to speak about this more until the Ombudsman’s process had run its course.

I think that we all need to keep in mind our roles as Directors of the IDESG when we interact with the public and with each other.

The whole process left me and my attorney puzzled. My attorney wrote a letter to the Management Council/Board of Directors with a whole bunch of questions, and now that this is posted we look forward to their answers to those questions.

by Kaliya Hamlin, Identity Woman at December 12, 2014 05:42 AM

December 11, 2014

Kaliya Hamlin

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 1 Intro + What is Identity

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.

Introduction

I was attending a day long think tank called Forces Shaping the Future of Identity hosted by the Office of the Director of National Intelligence and facilitated by the Institute for the Future. A man in the audience piped up “Are we going to define what we mean by Identity?” I smiled :).  One can’t go very far in a conversation about identity before someone asks “that” question. It always is asked when space is opened up to discuss the topic.
I have been engaged with communities of technology professionals and with forward looking civil society organizations circling around the question “what is Identity” for over 10 years. The simple one-liner comprehensive definition that I use is: Identity is socially constructed and contextual. However, it’s just one line.  This paper is a Field Guide covering core concepts along with a visual language to represent them so we can talk about it in a meaningful way across the whole lifecycle from cradle to grave, both online and off and in other times.  It builds on the model we used for the Field Guide to Trust Models that I co-wrote last year for the ID360 Conference.

Part 2: Names, Part 3: Identifiers  Part 4: Name Space, Attributes and Conclusion.

This is Part 1:

What is Identity?

Identity is socially constructed and contextual.

Our sense of self arises first from our social interactions with our family of origin.  Humans are unique animals in that 80% of our brain growth happens outside of the womb in the first three years of life. Our family of origin is within the context of a community and in this age broader society that ultimately reaches to be global in scope.
The names we have, identifier systems, attributes that are articulated all depend on our context and from there the social constructions that define these.

Sense of Self

We are told who we are by our family – they give us a name and share with us who we are.

When does it begin? When people recognize you?

When are we recognized as a person?  Different cultures have different traditions.
I have had a connection with the 3HO Sikh community. When a woman is 120 days pregnant there is a celebration to welcome the spirit of the child into the community. Women who give birth in that tradition stay at home and don’t go out for 40 days after the child is born.

Self as a Part of Something Greater

We are defined by who we are connected to; our identities are part of something greater. Children seek to understand their environment to understand where they fit in. An example from my childhood is one of my first memories.  I remember a Canada Day Celebration we attended in Hastings Park. Being Canadian is to be multi-cultural. The day had different ethnic communities performing different folk dances on a stage while dressed in traditional dress. At some point they handed out Canadian flags on 30 centimeter (12 inch) flag poles with a stand made out of shiny gold colored plastic in a box. It symbolizes this point in time where I understood myself to be part of something bigger, to be part of the nation I was born in, along with understanding some key values.

Projection of Self

We begin to understand who we are by projecting ourselves into the contexts in which we find ourselves and learning from the response, shaping ourselves.
There is an African saying/word – Ubuntu – I am because you are. We are the authors of each other.

Context of Observation

The context of observation matters for shaping our identities. It defines the scope of our freedom of expression and our ability to make choices about context.
There are three types of observation, and they are quite different.

Being Seen – a mutual act. I see you, You see me. We see each other.

Being Watched – this is where one is observed without the observee knowing it. However, the observee does know that they might be watched: for example, walking down one’s own street, one knows that one could be seen by any of one’s neighbors looking out their window. One also knows that being inside one’s own home prevents one from being watched. When walking into a store one knows that the storekeeper will see us and watch us in the store, and we know that when we leave the store they will not be able to watch us. When we return to the same store they will likely recognize us (because we are returning in the same body) and know something about us based on prior interactions. In time a relationship of knowing might develop.
It should be noted that our bodies in physical space give away attributes about us that we can not proactively hide. Because we live in a society that is full of implicit bias, the experiences of different types of people in the world are different. Banaji’s work on implicit bias is a starting point. Following the Trayvon Martin verdict the president gave a speech in which he said that before he was president he was regularly shadowed while shopping in stores because he was stereotyped. My partner had this happen to him this fall while shopping at Old Navy, and it was not the first time.

Being Stalked – this is what happens when watching shifts from an appropriate, happenstance window of time to watching over time and space: following and monitoring our behavior without our knowledge.

Self in Small Society

I have often heard it said that the advent of what appears to be ubiquitous digital identity, and the fact that we can be “seen”, is just like it was when we lived in small societies.

In small societies it is said that there is no privacy – everyone knows everyone’s business. But there is another layer: a relational human connection that weaves the people in this context together.

They know each other; they can understand when they are seen, and they know they are being watched as they move about town.

In a small society you also know when you are not being watched: when you are in your own home with your blinds drawn.

A mesh-network of relationships forms over a lifetime and inter-generationally, informing identity and role in the society.

Self in Mass Society

The self is shaped by living in a mass society.

We developed systems using the technology of paper and the bureaucratic record keeping of the state as a way to give abstract identity to citizens in order to provide them services. This began with the pensions given to civil war veterans. In the 1930s a system was developed to support people paying for and getting Social Security benefits. The advent of cars as machines that people operate gave rise to the licensing of people to drive them. In all of these the state assigned people numbers so that they could present themselves to the state at a future time and be recognized. It is vital to remember that we are not our government issued paperwork. We are people with our own identities, our own relational lives in our communities. We must not mistake how identity in mass society operates for identity itself: it is a system, a set of technologies, for managing identity in mass society.

Self in Communities

Communities provide the middle ground between the Small Society and Mass Society modalities of identity. Communities of interest, communities of practice and geography give us the freedom to move between different contexts and develop different aspects of ourselves. This type of contextual movement and flexibility is part of what it means to live in cities, particularly large cities, where people in one context would not necessarily share other contexts. The freedom to move between different contexts also exists in the digital realm. The internet enabled those in more remote locations to participate in communities of interest and practice well beyond what they could access via their local geography. We need to work to ensure that the freedom to move between communities is not implicitly eroded in the digital realm. One key way to do this is to ensure that people have the freedom to use non-correlatable identifiers (pseudonyms) across different contexts they do not want linked.

Self in relationship to Employers

The power relationship between an employee and an employer is quite clear. The employer does the vetting of potential new employees. They are hired and given access to the employer’s systems to do work for it. When the employee is no longer working for the company, for any number of reasons – retirement, resignation, termination – the employer revokes the employee’s ability to access those services. This power relationship is NOT the same as that of an individual citizen relative to their government, or the power relationship of a person relative to the communities they participate in. In both of those cases the person has an inherent identity that can not be “revoked”.

Power and Context

The Self in a Small society is embedded in a social mesh one can not escape. There is no “other place”; one is defined in that society, and because it is so small one can not leave.

The self in a Mass society is in a power relationship with the state. One has rights, but one also must use the identification system the state issues and manages in order to interact and connect with it.

The self in community gets to navigate a myriad of different communities, each with its own social constructions and its own way in which power operates and flows within it: (egalitarian, religious, social) communities, workplaces (traditional owner/worker, worker-owned, holacracy).

Abstraction

The start of all our conversations about people’s identity comes from being embodied beings. The beauty of the digital realm is that we can abstract ourselves from our bodies and via digital identities interact via digital media. This gives us the freedom to connect to communities beyond those we could access in our local geographic location.

Atoms and Bits

Atoms and Bits are different. The difference between them is still not well understood.

  • “Atoms” Physical things can only be in one place at one time.
  • “Bits” Can be replicated and be in two or more places at once.

Physical Body

Atoms – We each have only one physical body. Our physical bodies can only be in one physical place at once. It is recognizable by other humans we meet and interact with. Because it is persistent we can be re-recognized and relationships can grow and evolve based on this. When we move between contexts in physical space – we can be recognized in different ones and connections made across them. We also have social norms, taboos and laws that help us maintain social graces.

Digital Representation

Bits – When we create digital representations of ourselves we get to extend ourselves – our presences to multiple places at the same time. We can use a digital identity that is strongly linked to the identity(ies) and contexts we use/have in the physical world. We also have the freedom to create a digital representation that steps out of the identity we occupy in the physical realm.

We can be an elf or an orc in an online game.
We can cloak our gender or choose to be a different gender.
We can cloak our race or choose to be a different one when we represent ourselves online.
We can interact on a level playing field when in the physical realm we are confined to a wheelchair.

These identities we create and inhabit online are not “fake” or “false” or “not real”. They are representations of the self. The digital realm is an abstraction and gives us the freedom to articulate different aspects of ourselves outside of the physical world.

Digital Dossier

Because the digital realm is encoded, our movements around digital space leave trails: records of the metadata generated when we click, type, post a photo, pay for a song, or do basically anything online. We leave these behind, and the systems that we interact with collect them and reconstruct them to develop a digital dossier of us. This behavior, if it happened in the world of atoms, in physical space, would be considered stalking. We have a stalker economy in which our second selves are owned by corporations and used to judge us and target things at us.

Power in Space & Relationships

The freedom of people to transcend aspects of their identity from the physical world is disruptive to some of the default power dynamics.

Disrupting Privilege

The push back against Google+’s requirement for the use of “real names” was led by women and others who use the freedom of the digital realm to step out of the bias they experience in the physical world.

The people who were pro-real-name were largely white men from privileged positions in the technology industry and, implicitly, through their support of the policy, wanted the default privileges they enjoyed in the physical realm to continue into the digital.

Shape of Space

In the physical world we understand how different physical spaces work in terms of how big they are, how many people are in them, and what the norms and terms and conditions are. From these we have a social understanding of them.

The challenge in the digital world is that the space is shaped by code and defined by the makers of the contexts. These contexts can change at their will, as has happened repeatedly with Facebook’s changing settings for who could see what personal information. This instability creates mistrust in these systems, particularly among vulnerable people.

The commercial consumer web spaces currently have a structure in which they collect a great deal of information about us via their practice of stalking us digitally. This gives them enormous power over us.

by Kaliya Hamlin, Identity Woman at December 11, 2014 09:53 PM

Kaliya Hamlin

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 2: Names

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was set to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication, so your comments are welcome.

Part 1: Intro + What is Identity?   Part 3: Identifiers   Part 4: Name Space, Attributes and Conclusion.

This is Part 2:

Names

Names are what we call ourselves and what others call us. They are a special kind of identifier because they are the link between us and the social world around us. We present ourselves using names so people know how to refer to us when talking to others or call us when they are talking to us. They convey meaning and have power.

Digital devices can also have names, which are defined by the administrators of those devices. Places have names given to them by people in a given context; these help us refer to a geographic location. It should be noted that the names that First Nations (Indian or Native American) people had for places are different from the ones used by the Americans who colonized their land.

Given Names

These are the names our parents give us when we are born. In America we have a naming convention of a first name and last name. This convention originates from ___ when states were seeking to impose control.

Name structure in various cultures

Different cultures have very different naming conventions. In Hong Kong there is a convention of an English first name written in English and a last name written in Chinese characters. In Myanmar everyone has a first name.

Meaning in Wisdom Traditions

Different wisdom traditions ascribe different ways to interpret and ascribe meaning in names.

NickName

These arise when people start to refer to us by a different name than the name we might give ourselves. We can take these on and they can become our name. They might arise from our families, from school, from sports teams, social clubs or workplaces. In these different contexts, the name we are referred to by may have nothing to do with the name on our birth certificate or with the people using the name to refer to us.

Name on Government Issued Paperwork

We have a convention in the liberal west of registering names with the state. This originated out of several practices in the last several hundred years. One key aspect of this is to both provide services to citizens but also to control citizens.

Pen Name / Stage Name

A name used by artists for their artistic expression and authorship. It does not match the name on government issued paperwork and is often used to obscure the link between such authorship and the government paperwork name, so that the artist is free to express themselves artistically.

Autonym

A name that one uses to refer to oneself. An example is that when Jorge Mario Bergoglio became pope he chose to become Pope Francis.

Pseudonym

A name that one uses to interact in various contexts that may be linked to one’s name on one’s government issued paperwork. Bob is clearly linked to the name Robert, Barb to Barbara, or Liz to Elizabeth on government issued paperwork. It is important to note that many non-European languages also have examples of these.

Mononym

This is a name consisting of a single word. Examples include Stilgarian and Sai. Madonna or Cher are examples of pseudonymous mononym stage names.

Handle

A name that one uses to represent one’s digital identity in online contexts. It arose in computer culture when people needed to have a user name within a computer system. This is closely related to screen names.

Screen Name

The name that one chooses to have displayed on screen. In a system like World of Warcraft the service knows identity information about its clients, who pay monthly to access the service. It chooses to let those players present to the other players on the system and forums a “screen name” that reflects their gaming persona or character name.

Name Haystack

Different names have different qualities of hiding in the haystack of similar or identical names. Some people have huge name-haystacks, where tens of thousands of people have the same name – Mike Smith, Joe Johnston, Mohamed Husain, Avi Blum, Katherine Jones. Mike Garcia, who works for NIST, said that there were 17 different Mike or Michael Garcias. People use pseudonyms to help manage the fact that name-haystacks exist, making them more or less identifiable depending on the size of theirs.

Roles

RBAC – Role Based Access Control manages the rights and privileges in digital systems based on roles. When a person is assigned a role they inherit its privileges.

Community groups also have different roles. A role can also be earned, for example by getting a degree.
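The following is an added example, not from the Field Guide or any product it mentions: a minimal role-based access control model in which privileges attach to roles, roles can inherit from other roles, and a person gains or loses all of a role’s privileges the moment the role is assigned or revoked. The role and permission names are constructed for the illustration; the `offboard` step mirrors the employer-side revocation described in Part 1.

```python
# Added example (hypothetical): a minimal RBAC model with role inheritance.
from typing import Dict, Iterable, Set


class Rbac:
    def __init__(self) -> None:
        self._role_perms: Dict[str, Set[str]] = {}    # role -> permissions granted directly
        self._role_parents: Dict[str, Set[str]] = {}  # role -> roles it inherits from
        self._user_roles: Dict[str, Set[str]] = {}    # user -> roles assigned to them

    def define_role(self, role: str, perms: Iterable[str] = (),
                    inherits: Iterable[str] = ()) -> None:
        # Parents must already exist, so the inheritance graph is built bottom-up.
        for parent in inherits:
            if parent not in self._role_perms:
                raise ValueError(f"unknown parent role {parent!r}")
        self._role_perms[role] = set(perms)
        self._role_parents[role] = set(inherits)

    def assign(self, user: str, role: str) -> None:
        """Assigning a role hands over every privilege the role carries or inherits."""
        if role not in self._role_perms:
            raise ValueError(f"unknown role {role!r}")
        self._user_roles.setdefault(user, set()).add(role)

    def revoke(self, user: str, role: str) -> None:
        """Revoking the role removes those privileges in one step; nothing lingers."""
        self._user_roles.get(user, set()).discard(role)

    def offboard(self, user: str) -> None:
        """Employer-side termination: strip every role at once."""
        self._user_roles.pop(user, None)

    def permissions(self, user: str) -> Set[str]:
        """Transitive closure over role inheritance (the seen set guards against cycles)."""
        perms: Set[str] = set()
        seen: Set[str] = set()
        stack = list(self._user_roles.get(user, set()))
        while stack:
            role = stack.pop()
            if role in seen:
                continue
            seen.add(role)
            perms |= self._role_perms[role]
            stack.extend(self._role_parents[role])
        return perms

    def can(self, user: str, perm: str) -> bool:
        return perm in self.permissions(user)


if __name__ == "__main__":
    # Constructed roles for the demonstration.
    rbac = Rbac()
    rbac.define_role("employee", {"read_wiki"})
    rbac.define_role("engineer", {"deploy"}, inherits={"employee"})
    rbac.define_role("manager", {"approve_expense"}, inherits={"employee"})
    rbac.assign("bob", "engineer")
    print("bob:", sorted(rbac.permissions("bob")))
    rbac.offboard("bob")
    print("bob after offboarding:", sorted(rbac.permissions("bob")))
```

The point to notice is that access decisions never reference the person directly: `can` walks from the user to roles to permissions, so termination is a single `offboard` call rather than a hunt through every system the person ever touched.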

Titles, Given and Created

There is a history of titles being passed down.

Eastern Wisdom Traditions pass them down from guru to student, creating lineages.

I have had conversations with friends about who the next “Identity Woman” might be. This is an identity that I have constructed to hold an aspect of myself: work focused on people’s rights around their digital selves. I could see at some point handing this identity over to someone else who wants to carry the torch on.

Collective Single Identity

These identities are co-created by two or more people. They are managed and maintained jointly, and people act together to create a persona.

by Kaliya Hamlin, Identity Woman at December 11, 2014 09:52 PM

Kaliya Hamlin

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 3: Identifiers

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was set to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication, so your comments are welcome.

Part 1: Intro + What is Identity?   Part 2: Names   Part 4: Name Space, Attributes and Conclusion.

This is Part 3:

Identifiers

For people, names are a special class of identifiers. They are both self-asserted by people and used by others to refer to them and acknowledge them in a social context.

System Identifiers

In systems, whether bureaucratic, digital or techno-bureaucratic, identifiers are alphanumeric strings that point at people in those systems.

This may seem simple, but there are many different types, and a person with a record in a system will likely have more than one type. To illustrate these different types of identifiers I will share different examples.

Persistent Correlatable Identifiers

This type of identifier is re-used over time within contexts and across multiple contexts.

Examples

Student Number – When I enrolled at my university I was assigned an 8-digit student number. This number was persistent over my time as a student at the school. When interacting with school institutions I was asked to share this number so that activity could be linked together across different facets of the institution.

Social Security Number – This number is issued by the federal government to those born in the US as part of the standard process for being born. It is meant to let those who pay money into the Social Security system collect money from the system when they retire.

Phone Number – People today often have a personal number that they use across many different contexts. It is commonplace to ask for a phone number in order to be able to contact a person. What people don’t know is that those numbers are used to look people up in data broker services. The phone number is used to link together activity across contexts.

E-mail Address – Many people have one personal address and use it across many different contexts. What people don’t know is that those addresses are used to look people up in data broker services like RapLeaf.

Directed Identifiers

A directed identifier is created to support individuals using different identifiers in different contexts. The purpose of this is to inhibit the ability to link records across contexts.

Examples

The British Columbia eID System – This system enrolls citizens and issues a card to them. When the card is used by a citizen to access different government systems, it does not use one identifier for the citizen. Rather, for each system it uses a different identifier: an identifier directed at that particular system.

Defacto Identifiers

By combining a name and key attributes, systems create a de facto identifier that uniquely identifies a person, often in the context of a whole society. An example is the use of “name”, “birth date” and “birth place”. It seems innocent enough to be asked for one’s name, birth date and place, but this combination becomes a persistent correlatable identifier used to link and track activity across many systems. The creation of de facto identifiers that are persistent and correlatable limits people’s ability to control how they present in different contexts.

Opaque Identifiers

An opaque identifier is one that does not give away information about the subject it identifies.

Examples of Opaque Identifiers

The BC Government eID program has at its core an opaque identifier on each card; it points to the holder’s card record. It is just a number with no meaning. If they lose their card, a new opaque identifier is issued for their next card.

Examples of Non-Opaque Identifiers

The South African National Identity Number contains a lot of information. It is a 13-digit number containing only numeric characters, with no whitespace, punctuation or alpha characters. It is defined as YYMMDDSSSSCAZ:

  • YYMMDD represents the date of birth (DoB);
  • SSSS is a sequence number registered with the same birth date (females are assigned sequential numbers in the range 0000 to 4999 and males from 5000 to 9999);
  • C is the citizenship: 0 if the person is a SA citizen, 1 if the person is a permanent resident;
  • A is 8 or 9. Prior to 1994 this digit was used to indicate the holder’s race;
  • Z is a checksum digit.

The US Social Security Number is created via a formula, and so the number gives away information about the person it identifies.

Phone numbers give away information about the metro region that a person was issued the number from.
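To make the opaque versus non-opaque contrast concrete, here is an added example (not the Field Guide’s code, nor any registry’s): a parser that validates a South African ID number and lists everything it reveals, beside a generator for an identifier that reveals nothing. The YYMMDDSSSSCAZ layout is the one described above; that Z is a Luhn check digit is widely documented but not stated on this page, and the century rule used to resolve the two-digit year is an assumption, since the number itself does not encode it. The two sample numbers are constructed so that they pass the checksum and nothing more.

```python
# Added example: what a structured (non-opaque) identifier gives away,
# versus a random (opaque) one. Not from the Field Guide.
from datetime import date
import secrets


def luhn_check_digit(payload: str) -> int:
    """Return the Luhn check digit for a string of digits (the number without Z).
    Assumption noted in the lead-in: the SA ID uses Luhn for its checksum."""
    total = 0
    # Walk right to left; double the rightmost payload digit and every second one after it.
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def parse_sa_id(id_number: str, reference_year: int = 2014) -> dict:
    """Validate the checksum and extract everything the number reveals.

    reference_year resolves the two-digit year (assumption): YY values up to the
    reference year's last two digits are read as 20YY, the rest as 19YY.
    """
    if len(id_number) != 13 or not id_number.isdigit():
        raise ValueError("ID number must be exactly 13 digits")
    payload, z = id_number[:12], int(id_number[12])
    if luhn_check_digit(payload) != z:
        raise ValueError("checksum mismatch")
    yy, mm, dd = int(id_number[0:2]), int(id_number[2:4]), int(id_number[4:6])
    century = 2000 if yy <= reference_year % 100 else 1900
    dob = date(century + yy, mm, dd)  # raises ValueError for an impossible date
    seq = int(id_number[6:10])
    return {
        "date_of_birth": dob,
        "sex": "female" if seq < 5000 else "male",  # SSSS ranges from the list above
        "sequence": seq,
        "citizen": id_number[10] == "0",            # C: 0 citizen, 1 permanent resident
        "a_digit": int(id_number[11]),              # A: 8 or 9 (historically race)
    }


def opaque_identifier() -> str:
    """Contrast: 64 random bits as hex. A registry maps it to a record; the value
    itself tells an observer nothing about the subject."""
    return secrets.token_hex(8)


if __name__ == "__main__":
    # Constructed sample numbers (they satisfy the Luhn check, nothing more).
    for sample in ("8001015009087", "9202204720083"):
        print(sample, parse_sa_id(sample))
    print("opaque:", opaque_identifier())
```

Run stand-alone it prints, for each sample, the date of birth, sex, citizenship flag and the A digit recovered from the number alone, which is exactly the leakage an opaque identifier avoids. A tampered digit fails the checksum rather than yielding plausible wrong data.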

End-Point

Some identifiers that represent people are also end-points to which messages can be sent.

Physical Address

It is often forgotten in conversations about digital identity that we had a system of end-points for people before digital networks: the mailing address. The system of mailing addresses was developed and is maintained by the US Postal Service.

Network Address

Phone Number – Now, with cellular phones, people have their own phone numbers (not just one for a household or a workplace as a whole). This permits voice calls, text messages and MMS multimedia messages. The name space for phone numbers originates from the ITU-T. They are globally unique. They are also recyclable.

E-mail Address – These addresses permit others to send messages to the person who holds the address. They are globally unique. The name space for domain names resides with ICANN. They are also recyclable.

Device Identifier

Many digital devices have unique identifiers. Activity on digital networks can be linked together by tracking the activity originating from particular devices, even if the people using them .

Non-End-Point

These are identifiers that do not resolve in digital or physical networks.

Document Identifiers

Documents like birth certificates have serial numbers that identify the document.

Document Validation Systems

These systems are used to look up which documents are in fact valid. When properly constructed they don’t give away any information about the person. Those using the system type in the serial number of the document and the information it contains, and the system simply returns a Yes/No answer about whether it is valid or not.
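One way to build the “properly constructed” validator described above, as an added example (hypothetical; not any real registry’s system): the service stores only a keyed hash of the serial number plus the document’s printed fields, so its table holds no plaintext personal data, and every query is answered with a single boolean. The key, the serial format and the sample document are assumptions made for the illustration.

```python
# Added example (hypothetical): a Yes/No document validator that stores no plaintext.
import hashlib
import hmac
import json


class DocumentValidator:
    def __init__(self, key: bytes):
        self._key = key            # assumption: held only by the validation service
        self._valid = set()        # fingerprints of documents in good standing
        self._revoked = set()      # fingerprints of cancelled documents

    def _fingerprint(self, serial: str, fields: dict) -> str:
        # Canonical JSON (sorted keys, no whitespace) so the same document always
        # hashes identically. The HMAC key means a stolen table cannot be attacked
        # offline by guessing name/date combinations.
        canon = json.dumps({"serial": serial, "fields": fields},
                           sort_keys=True, separators=(",", ":"))
        return hmac.new(self._key, canon.encode("utf-8"), hashlib.sha256).hexdigest()

    def register(self, serial: str, fields: dict) -> None:
        self._valid.add(self._fingerprint(serial, fields))

    def revoke(self, serial: str, fields: dict) -> None:
        fp = self._fingerprint(serial, fields)
        self._valid.discard(fp)
        self._revoked.add(fp)

    def is_valid(self, serial: str, fields: dict) -> bool:
        # One boolean only: a wrong serial, a wrong field and a revoked document
        # are indistinguishable to the caller, so nothing about the person leaks.
        fp = self._fingerprint(serial, fields)
        return fp in self._valid and fp not in self._revoked

    def stored_plaintext(self) -> str:
        """Everything the service persists, for inspection: hex digests only."""
        return " ".join(sorted(self._valid | self._revoked))


if __name__ == "__main__":
    v = DocumentValidator(key=b"demo-only-key")      # constructed key
    doc = {"name": "Ada Lovelace", "date_of_birth": "1815-12-10"}  # constructed document
    v.register("BC-000123", doc)
    print("exact match:", v.is_valid("BC-000123", doc))
    print("wrong date :", v.is_valid("BC-000123", {**doc, "date_of_birth": "1815-12-11"}))
    print("stored     :", v.stored_plaintext())
```

The design choice worth noting is that the validator cannot be turned into a lookup service: with only a serial number and no fields, or only fields and no serial, there is no record to enumerate, because the fingerprint binds them together before anything is stored.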

Beacons

A beacon is a digital device that broadcasts a persistent correlatable identifier to any device that asks for it. It creates a way of tracking people and their devices in the physical world.

Examples

RFID chips, cellular phones, laptop computers

Polymorphic

These systems generate different identifiers depending on context.

Examples

The BC eID system’s way of using one card that then supports the use of different identifiers depending on context.
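The directed-identifier and polymorphic-identifier sections both describe one enrolment presenting a different identifier to each system. The following is an added example of that mechanism (it is not the BC eID system’s code, and the BC system’s actual derivation is not described on this page): the issuer keeps one secret and derives each system’s identifier as a keyed hash over the system name and the internal enrolment id. The internal ids, system names and secret are constructed for the illustration.

```python
# Added example (hypothetical): directed identifiers derived with HMAC-SHA256.
import hashlib
import hmac
import secrets
from typing import Optional


class DirectedIdentifierIssuer:
    """Derive a per-system identifier from one internal enrolment id.

    Without the issuer's secret a system cannot recover the internal id, and two
    systems comparing their identifiers find no common value to join records on.
    """

    def __init__(self, secret: Optional[bytes] = None):
        # Assumption: the secret lives only with the issuer, never with a relying system.
        self.secret = secret if secret is not None else secrets.token_bytes(32)

    def directed_id(self, internal_id: str, system: str) -> str:
        # NUL separator so ("ab", "c") and ("a", "bc") cannot produce the same message.
        msg = f"{system}\x00{internal_id}".encode("utf-8")
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()[:32]


def persistent_id(internal_id: str) -> str:
    """Contrast: the same value handed to every system, so records join trivially."""
    return internal_id


def can_link(id_a: str, id_b: str) -> bool:
    """All two colluding systems can do without the secret is compare values."""
    return hmac.compare_digest(id_a, id_b)


if __name__ == "__main__":
    issuer = DirectedIdentifierIssuer(secret=b"demo-only-secret")  # constructed
    health = issuer.directed_id("enrolment-42", "health")
    tax = issuer.directed_id("enrolment-42", "tax")
    print("health:", health)
    print("tax:   ", tax)
    print("linkable via directed ids :", can_link(health, tax))
    print("linkable via persistent id:",
          can_link(persistent_id("enrolment-42"), persistent_id("enrolment-42")))
```

The same enrolment yields a stable identifier for a given system across calls (so the system can recognise a returning citizen) but an unrelated one for every other system, which is the property the Field Guide attributes to directed identifiers. Going beyond the page’s single case, the generator works for any number of systems, and rotating the issuer secret changes every directed identifier at once.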

Time Limited & Revocable

Some identifiers are created and point at a person but are revocable. An example is a phone number that, after one stops paying one’s phone bill for a month, is re-assigned to another person. An employee at a company may have an employee number that is revoked (no longer valid) once employment is terminated. A passport number is an identifier with a time limit: it is good for 5 or 10 years. A landed immigrant card (green card) in the US is only good for 10 years.

Un-Revocable

These identifiers are persistent and are not revoked. Examples include Social Security Numbers.

Identifier Issues

Identifier Recycling

Some identifiers are in systems where identifiers that point at one person can be discontinued (they stop paying their phone bill or using their e-mail address) and then the identifier can be re-assigned to a different user.

Delegation (Acting on Behalf of Another)

This functionality is critical to a variety of user populations: elders who want to delegate access to their accounts to their children; service professionals who have contractual relationships with clients, such as an accountant managing access to financial and tax records. Most systems are designed with the assumption that people themselves are the only ones accessing their accounts. This creates a problem: when people want to delegate access they have to turn over their own credentials, so the person they are delegating to “pretends” to be the actual user.

Stewardship (Care-Taking – Oversight)

There is another role, slightly different from delegation, in which someone turns over a power-of-attorney-like function for a particular account or set of functions. Stewardship of identity is the type of relationship a parent has to a child’s identity, or the type of care needed to help the mentally disabled with their interactions online.

The Mesh of Pointers

We end up with identifiers working together as a web of pointers towards a particular individual.

by Kaliya Hamlin, Identity Woman at December 11, 2014 09:52 PM

Kaliya Hamlin

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 4: Name Spaces, Attributes, Conclusion

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was set to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication, so your comments are welcome.

Part 1: Intro + What is Identity?   Part 2: Names   Part 3: Identifiers

This is Part 4:

Name Spaces

Different identifier systems work differently; some originate from physical space and others operate purely in the digital realm.

Local

A great example of a local name space in the physical world is a school classroom. It is not uncommon in American classrooms, when there is a name space clash – that is, two people have the same name in the same space – for them to take on different names in order to be identifiable within that context. Take for example three people with the names “Chris”, “Stowe” and “Fer” – each is one part of the name Christopher: Chris – Stowe – Fer. When they were in grade school each took on a different part of the name and it stuck with them.

Global

These name spaces mean that identifiers within them are globally unique: phone numbers, domain names and thus e-mail addresses.

Private

Some private name spaces seem like global name spaces, but they are run by private companies under privately decided terms and conditions. Examples include Skype handles and Twitter handles.

International Registry

These are identifiers in a global space that are registered and managed globally; an example is domain names.

Attributes

Self Asserted

These are attributes that people define for themselves. They include things that are subjective, like “favorite color”, or “name”.

Inherent

These arise from the individual and typically do not change (such as birth date) and are not as morphable. Sex and ethnic identity are things that people have and display in the physical world that don’t (typically) change throughout one’s life.

Ascribed

These are attributes that are given to us by others or by systems. This may include names that are imposed on us by social convention and or power relationships.

Assigned

These are attributes that are given to us by others or by systems.

Examples:

Social Security Numbers are assigned by the Social Security Administration.

Conclusion

Identity is a big topic, and outlining the core concepts needed to understand it was the purpose of this paper. We need to think about how the systems that manage identity are structured. Are they designed to have power over people, to support people having power with one another, or to enable power to be networked between us to create something greater than ourselves? These questions are relevant across the whole life-cycle of identity, from cradle to grave.

by Kaliya Hamlin, Identity Woman at December 11, 2014 09:51 PM

Nat Sakimura

“Do We Really Need Consent?” – WirelessWire News

I was featured in WirelessWire News.

“Do We Really Need Consent?” – WirelessWire News.

To add a little clarification, what I wanted to say was:

  1. “Explicit consent” is “unnecessary” because, by the time you are at the stage where it is needed, it is not something that should be consented to anyway (since it means you are trying to obtain data that the direct business purpose does not require). Things should basically be based on “implicit consent”.
  2. For modern people, who walk around constantly leaking data everywhere in a society full of cameras, collection keeps happening in real time, at any time and in any place. In other words, compared with the past, the weight of “collection by observation” increases. In that case “consent before collection” breaks down, and there is no choice but to shift to “consent before use”.
  3. “Collection by inference (profiling)” can be either beneficial or detrimental to the individual. If the individual knows that the underlying data is being collected, opting out of the data is easy, and the probability of a benefit is far higher than the probability of a detriment, then could being “treated well” in this way not be handled as falling within the individual’s expectations, that is, within the scope where there is “implicit consent”? On the other hand, if a detriment arises for the individual in question, the company must at least notify them and obtain consent for the use.

That is it. I never said that “consent” is not needed, lol.

by Nat at December 11, 2014 03:36 AM

December 04, 2014

Nat Sakimura

From Senbonzakura to Sachiko Kobayashi to Wagakki Band to traditional music

An article that came across my feed today was 『小林幸子が示した「干され芸能人」が生き残るための道』 (“The path to survival for ‘blacklisted celebrities’ that Sachiko Kobayashi has shown”). It was about how Sachiko Kobayashi, shut out of the entertainment industry, has been making a comeback by singing Vocaloid songs on Nico Nico Douga, and it was an interesting read in that it hints, in a sense, at the beginning of the end of the traditional model.

From there I followed the trail 「さちさちにしてあげる♪」 → 「紅一葉を哀愁感たっぷりで歌ってみた」 → 「千本桜 【カウントダウンLIVE】」.

“Senbonzakura” is a song written, composed and arranged by Kurousa-P in 2011 and released on the internet with the voice-synthesis software Hatsune Miku on vocals; it is said to be hugely popular at karaoke and elsewhere[1]. (I had never heard it.) The original goes like this.

The production quality of the video is astonishing, but while thinking that Sachiko Kobayashi’s singing is, as you would expect, the better, I looked below and saw something called “Wagakki Band”. This is it. Electrifying[2].

It opens with Japanese traditional instruments only, and from the vocalist’s first line it is obvious that this is someone who performs traditional Japanese music. A quick search suggests she was the winner of the 2012 Columbia National Gin’ei (poetry-chanting) Contest. Western instruments are soon layered on and the low end filled in, making it easy to listen to as ordinary rock as well, to the point where you think “couldn’t this go global?” I would love to see it promoted under Cool Japan[3].

by Nat at December 04, 2014 05:39 PM

December 01, 2014

Kaliya Hamlin

Field Guide to Internet Trust Models: The Sole Source

Sole Source

A Sole Source is an organization that acts as identity provider (IdP) and relying party (RP) for itself. This organization issues all identities that it recognizes, and only trusts identities that it has issued.

An organization like this does not federate identities at all. Because it does not connect to anything else, this model is sometimes referred to as a Silo, an Identity Island, or a Standalone Domain. The service provider performs its own verification and dictates governance, privacy, and technical terms to all participants.
There is minimal – if any – negotiation between the requester and the service provider. The service provider manages the entire account lifecycle from creation through retirement.

Examples
Historically, this has been the most common identity model because it can be implemented simply and gives the service provider the most control. Large, consumer-facing services like eBay, Facebook, and Yahoo! were created with sole source identity, although many are adopting newer models as internet technology has evolved. Internal corporate services are often sole source, and only accept identities issued by the organization.

The Sole Source identity model

Financial services and health insurance are likely to remain sole source identity providers until a strong, multifactor identity gains momentum with consumers and liability questions are settled. There have been several attempts to do this, but none has yet achieved critical mass.

Being a sole source provider does not guarantee account security, as end users may simply give their account login and password to a third party. Tricking users into giving up account information is a common tactic used by “phishing” sites and other criminals, but legitimate services like Mint.com (a US-based financial service provider) also ask for credentials in order to combine information from sites that do not provide APIs.

When to Use
A service that maintains particularly confidential information or valuable assets, or that operates in an uncertain environment. If proper operation and risk management requires a high level of assurance, then consider being a sole source.

Advantages
The service provider can authenticate requesters to whatever level of assurance it desires before issuing an identity and does not depend upon third parties.

Disadvantages
The service provider bears the full management cost of the identity life cycle. The requirement to create a new identity may discourage potential users of the service. The service must provide a product attractive enough to justify asking the requester to create and manage a new account.

Ability To Scale
When the service provider does not need to integrate with any other services or when it is in a position to dictate terms, a sole source trust model can scale to very large systems. The requirement to create and remember a new identity can be a barrier to growing the number of active users.


The full paper is downloadable [Field-Guide-Internet-TrustID]. Here is a link to the introduction of the paper, and at the bottom of that post is a link to all the other models with descriptions. Below are links to all the different models.

Sole source, Pairwise Federation, Peer-to-Peer,

Three-Party Model 1) “Bring your Own” Portable Identity 2) “Winner Take All” Three Party Model

Federations 1) Mesh Federations 2) Technical Federations 3) Inter-Federation Federations

Four-Party Model, Centralized Token Issuance, Distributed Enrollment, Individual Contract Wrappers, Open Trust Framework Listing

by Kaliya Hamlin, Identity Woman at December 01, 2014 05:20 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Centralized Token Issuance, Distributed Enrollment

A special case of a peer-to-peer network. Participants want to establish trusted identities that can be used securely for ongoing, high-value communication among organizations. A trusted, central provider issues identity tokens which are then enrolled independently by each service provider. Service providers are not required to cooperate or accept one another’s enrollments.

Examples: The most common examples are RSA SecurID and SWIFT 3SKey. Hardware tokens are issued by a trusted provider and are then used to authenticate individual identities.

Each service will require the user to enroll separately, but once the user has registered they can use the token for future interactions.

When the requester wants to use a service, they’re authenticated using the token.

When to use: Strong Authentication across a range of business entities who may have different enrollment requirements.

Advantages: Can provide a high level of identity assurance to institutions spread across legal and national boundaries.

Disadvantages: Can be expensive and complex to implement. Depends upon the existence of a trusted third party who can issue and ensure the security of hardware tokens. Hardware tokens can be lost.

Ability to scale: Can scale to large networks.
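As an added illustration of the centralized-issuance, distributed-enrollment pattern (example code, not from the Field Guide paper nor from RSA or SWIFT): a toy central issuer manufactures event-based one-time-password tokens using HOTP as specified in RFC 4226, and two independent service providers each import the token seeds and decide for themselves which of their users to enroll against which serial. The service names, the serial, and the use of RFC 4226's published test seed are constructed for the example; the services consulting the issuer's revocation list for lost tokens is an assumption about how a live deployment would be wired.

```python
import hashlib
import hmac
import secrets
import struct
from typing import Dict, Optional, Set, Tuple


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """HOTP as specified in RFC 4226: HMAC-SHA1 over the 8-byte big-endian
    counter, then dynamic truncation to a `digits`-digit decimal code."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


class TokenIssuer:
    """The trusted central provider: manufactures tokens and keeps the list of
    serials reported lost or stolen. It never sees the services' users."""

    def __init__(self) -> None:
        self.tokens: Dict[str, bytes] = {}   # serial -> seed
        self.revoked: Set[str] = set()

    def issue(self, serial: str, seed: Optional[bytes] = None) -> Tuple[str, bytes]:
        seed = seed if seed is not None else secrets.token_bytes(20)
        self.tokens[serial] = seed
        return serial, seed

    def revoke(self, serial: str) -> None:
        self.revoked.add(serial)


class ServiceProvider:
    """One service. It imports token seeds from the issuer (out of band) and
    enrolls its own users; no other service sees or shares these enrollments."""

    def __init__(self, name: str, issuer: TokenIssuer, window: int = 10) -> None:
        self.name = name
        self.issuer = issuer                    # assumption: the service can read the issuer's revocation list
        self.window = window                    # how far ahead the token counter may have drifted
        self.seeds: Dict[str, bytes] = {}       # serial -> seed imported from the issuer
        self.enrolled: Dict[str, str] = {}      # local username -> serial
        self.last_counter: Dict[str, int] = {}  # serial -> last accepted counter

    def import_token(self, serial: str, seed: bytes) -> None:
        self.seeds[serial] = seed
        self.last_counter.setdefault(serial, -1)

    def enroll(self, username: str, serial: str) -> None:
        if serial not in self.seeds:
            raise KeyError(f"{self.name} has no seed for token {serial}")
        self.enrolled[username] = serial

    def authenticate(self, username: str, code: str) -> bool:
        serial = self.enrolled.get(username)
        if serial is None or serial in self.issuer.revoked:
            return False
        last = self.last_counter[serial]
        # Only counters strictly after the last accepted one are tried, so a
        # captured code cannot be replayed; the window tolerates button presses
        # that never reached the server.
        for counter in range(last + 1, last + 1 + self.window):
            if hmac.compare_digest(hotp(self.seeds[serial], counter), code):
                self.last_counter[serial] = counter
                return True
        return False


def demo() -> Dict[str, bool]:
    issuer = TokenIssuer()
    # Constructed: RFC 4226's published test seed, so the codes are checkable.
    serial, seed = issuer.issue("T-1001", b"12345678901234567890")
    bank = ServiceProvider("bank.example", issuer)
    broker = ServiceProvider("broker.example", issuer)
    bank.import_token(serial, seed)
    broker.import_token(serial, seed)
    bank.enroll("alice", serial)        # the broker never enrolls alice

    results = {
        "bank accepts enrolled user": bank.authenticate("alice", hotp(seed, 0)),
        "bank rejects replayed code": bank.authenticate("alice", hotp(seed, 0)),
        "broker rejects unenrolled user": broker.authenticate("alice", hotp(seed, 1)),
        "bank accepts next code": bank.authenticate("alice", hotp(seed, 1)),
    }
    issuer.revoke(serial)               # token reported lost
    results["revoked token rejected"] = bank.authenticate("alice", hotp(seed, 2))
    return results


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The same physical token works at every service that imported its seed, yet each service's enrollment table is its own: the broker rejects a valid code because it never bound alice to that serial, and nothing the bank did changes that. The issuer's revocation list is the one piece of shared state, which is exactly the dependency on the trusted third party the Disadvantages paragraph points at.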



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:49 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Pairwise Agreement

Two institutions want to trust identities issued by one another, but there is no outside governance or policy framework for them to do so. They negotiate a specific agreement that covers only the two of them. Each institution trusts the other to properly manage the identities that it issues.

Examples: A pairwise agreement can specify governance, security and verification policies, or specific technical methods.

Businesses might negotiate pairwise agreements with large suppliers. Educational institutions may craft specific research agreements.

When to Use: Business or institutional partners want to grant one another access to confidential systems or information, but no standard contracts or umbrella organizations exist.

Advantages: Organizations can grant one another access to scarce resources and confidential information. Highly customized for the specific situation and participants.

Disadvantages: Time consuming and complex to negotiate, expensive. Difficult to scale.

Ability to Scale: Pairwise federations do not scale well, because each additional party will need to make a custom agreement with every other party.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:46 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Introduction

This is the first in a series of posts that cover the Field Guide to Internet Trust Models Paper. The paper was presented at the University of Texas at Austin ID360 Conference in 2013.

This paper was a collaboration between myself and Steve Greenberg. I had an outline of all the Trust Models and worked with Steve Greenberg for several months to shape it into the paper.

The full paper is downloadable [Field-Guide-Internet-TrustID] (see the bottom of this post for a link to a post on each of the models).

The decreasing cost of computation and communication has made it easier than ever before to be a service provider, and has also made those services available to a broader range of consumers. New services are being created faster than anyone can manage or even track, and new devices are being connected at a blistering rate.

In order to manage the complexity, we need to be able to delegate the decisions to trustable systems. We need specialists to write the rules for their own areas and auditors to verify that the rules are being followed.

This paper describes some of the common patterns in internet trust and discusses some of the ways that they point to an interoperable future where people are in greater control of their data. Each model offers a distinct set of advantages and disadvantages, and choosing the appropriate one will help you manage risk while providing the most services.

For each, we use a few, broad questions to focus the discussion:

  • How easy is it for new participants to join? (Internet Scale)
  • What mechanisms does this system use to manage risk? (Security)
  • How much information do the participants require from one another, and how strongly is it verified?

(Level of Assurance – not what I think assurance is… but we can talk – it often also refers to the strength of security, like the number of factors of authentication.)

Using the “T” Word
Like “privacy”, “security”, or “love”, the words “trust”, “identity”, and “scale” carry so much meaning that any useful discussion has to begin with a note about how we’re using the words.

This lets each link the others to past behavior and, hopefully, predict future actions. The very notion of trust acknowledges that there is some risk in any transaction (if there’s no risk, I don’t need to trust you) and we define trust roughly as:

The willingness to allow someone else to make decisions on your behalf, based on the belief that your interests will not be harmed.

The requester trusts that the service provider will fulfill their request. The service provider trusts that the user won’t abuse their privileges, or will pay some agreed amount for the service. Given this limited definition, identity allows the actors to place one another into context.

Trust is contextual. Doctors routinely decide on behalf of their patients that the benefits of some medication outweigh the potential side effects, or even that some part of their body should be removed. These activities could be extremely risky for the patient, and require confidence in the decisions of both the individual doctor and the overall system of medicine and science. That trust doesn’t cross contexts to other risky activities. Permission to prescribe medication doesn’t also grant doctors the ability to fly a passenger airplane or operate a nuclear reactor.

Trust is directional. Each party’s trust decisions are independent, and are grounded in the identities that they provide to one another.

Trust is not symmetric. For example, a patient who allows a doctor to remove part of their body should not expect to be able to remove parts of the doctor’s body in return. To the contrary, a patient who attempts to act in this way would likely face legal sanction.

Internet Scale

Services and APIs change faster than anyone can manage or even track. Dealing with this pace of change requires a new set of strategies and tools.

The general use of the term “Internet Scale” means the ability to process a high volume of transactions. This is an important consideration, but we believe that there is another aspect to consider. The global, distributed nature of the internet means that scale must also include the ease with which the system can absorb new participants. Can a participant join by clicking “Accept”, or must they negotiate a custom agreement?

In order to make this new world of user controlled data possible, we must move from a model of broad, monolithic agreements to smaller, specialized agreements that integrate with one another and can be updated independently.

A Tour of the Trust Models

The most straightforward identity model, the sole source, is best suited for environments where the data is very valuable or it is technically difficult for service providers to communicate with one another. In this situation, a service provider issues identity credentials to everyone it interacts with and does not recognize identities issued by anyone else. Enterprises with their employees, financial institutions, medical providers, and professional certifying organizations are commonly sole sources. Because this is the most straightforward model to implement, it is also the most common.

Two sole sources might decide that it’s worthwhile to allow their users to exchange information with one another. In order to do so, they negotiate a specific agreement that covers only the two of them. This is called a Pairwise Agreement and, while it allows the two parties to access confidential resources, the need for a custom agreement makes it difficult to scale the number of participants. This is also a kind of federated identity model, which simply means that a service accepts an identity that is managed someplace else.

As communication technology became more broadly available, the number of institutions who wanted to communicate with one another also increased. Groups of similar organizations still wanted to issue their own identities, but wanted their users to be able to interact freely with one another. The prospect of each service having to negotiate a custom agreement with every other service was daunting, so similarly chartered institutions came up with standard contracts that allow any two members to interact. These groups are called Federations, and there are several different kinds. Federation agreements and membership are managed by a Contract Hub.

When the federation agreement limits itself to policy, governance, and common roles, but leaves technical decisions to the individual members, it’s referred to as a Mesh Federation. Individual members form a mesh, and can communicate directly with one another using whatever technology they prefer.

Alternatively, a Technical Federation defines communication methods and protocols, but leaves specific governance and policy agreements to the members. In some cases, the technical federation may also route messages between the members.

As the number of services has increased, so has the problem of managing all of those usernames and passwords. Users might decide to reuse an existing identity rather than creating a new one. In recent years, some organizations have made identities that they issue available to other services. Service providers accept these identities because it lowers the cost of user acquisition. When the same entity provides identities for both the requester and the service provider, it is referred to as a Three Party Model.

If the requester and the service provider have separate but compatible identity providers, it is called a Four Party model. This is present in highly dynamic models, such as credit card processing.

Peer-to-peer networks are for independent entities who want identity assurance, but who lack a central service that can issue identities to everyone. To get around this, the participants vouch for one another’s identities.

Individual contract wrappers are an innovation to enable complex connections between services where the terms and conditions of using the data are linked to the data.

Common Internet Trust Models

Sole source: A service provider only trusts identities that it has issued.

Pairwise Federation: Two organizations negotiate a specific agreement to trust identities issued by one another.

Peer-to-Peer: In the absence of any broader agreement, individuals authenticate and trust one another.

Three-Party Model: A common third party provides identities to both the requester and the service provider so that they can trust one another.

“Bring your Own” Portable Identity: In the absence of any institutional agreement, service providers accept individual, user-asserted identities.

“Winner Take All” Three Party Model: Service provider wants to allow the requester to use an existing identity, but only accepts authentication from a single or very limited set of providers.

Federations: A single, standard contract defines a limited set of roles and technologies, allowing similar types of institution to trust identities issued by one another.

Mesh Federations: These share a common legal agreement at the Contract Hub that creates permissible interoperability.

Technical Federations: These share a common technical hub responsible for making the interoperability happen.

Inter-Federation Federations: This is what happens when one federation actually inter-operates with another federation.

Four-Party Model: An interlocking, comprehensive set of contracts allows different types of entity to trust one another for particular types of transaction.

Centralized Token Issuance, Distributed Enrollment: A shared, central authority issues a high-trust communication token. Each service provider independently verifies and authorizes the identity, but trusts the token to authenticate messages.

Individual Contract Wrappers: Manage how personal data is used rather than trying to control collection. Information is paired with contract terms that govern how it can be used. Parties are held accountable for compliance using contract law.

Open Trust Framework Listing: An open marketplace for listing diverse trust frameworks and approved assessors.

by Kaliya Hamlin, Identity Woman at December 01, 2014 04:39 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Peer-to-Peer Trust and Identity

Peer-to-Peer Identity

When no central identity provider or governance agreement is present, participants assert their own identities and each individual decides who they trust and who they do not. Each participant is a peer with equal standing and each can communicate with anyone else in the network.

Examples: The most familiar peer-to-peer network is probably e-mail. An internet host can join the e-mail network with little more effort than updating its DNS entry and installing some software. Once a host has joined the network, individual e-mail addresses are easily created with no requirement for approval by any central authority. This flexibility and ease of account creation helped spur the growth of the internet, but also allows spam marketers to create false emails.

The best known secure peer-to-peer identity networks on the Internet have been implemented using public key cryptography, which allows participants to trust messages sent over insecure channels like email. Products like PGP and its open source counterpart gpg are the most common implementations of public key messaging tools.

When To Use: No central identity provider is available but network participants can exchange credentials.

Advantages: No dependence on a central identity provider. No formal agreement needed to join the network. Participants can assert any identity that they want. Secure peer-to-peer technologies can provide a high degree of confidence once identities have been exchanged. Peer-to-peer models are very flexible, and can support a wide range of trust policies.

Disadvantages: No governing agreement or requirement to implement any policies. Secure deployment requires a high degree of technical sophistication and active management. Individually verifying each participant can be labor intensive. Tracking identities that have been revoked can be complex and error prone.

Ability to Scale: If security requirements are low, peer-to-peer networks can grow very large because new members can join easily. Higher levels of security can be complex to deploy and operate, and can impose a practical limit on the size of the network.
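The vouching described in this post, together with the Introduction's points that trust is directional, contextual and not symmetric, as an added example (toy code written for this page, not from the paper and not PGP or gpg's algorithm): each peer keeps its own policy saying whose vouchers it counts, in which context, and with what weight, in the spirit of PGP's full and marginal introducer trust. A Voucher here is the already-verified statement "issuer says subject's key is genuine for this context"; the public-key signature that would carry it in practice is assumed to have been checked before the record is added. Peer names, contexts and the threshold of 2 are constructed.

```python
from dataclasses import dataclass
from typing import Dict, Set, Tuple

FULL, MARGINAL = 2, 1   # weight of a voucher from a fully / marginally trusted introducer


@dataclass(frozen=True)
class Voucher:
    """Assumed already signature-checked: `issuer` vouches for `subject` in `context`."""
    issuer: str
    subject: str
    context: str


class WebOfTrust:
    def __init__(self) -> None:
        self.vouchers: Set[Voucher] = set()
        self.revoked: Set[str] = set()
        # Each evaluator's own policy: (introducer, context) -> weight.
        # Trust is directional because bob's policy is not alice's policy.
        self.policies: Dict[str, Dict[Tuple[str, str], int]] = {}

    def set_policy(self, evaluator: str, trusted: Dict[Tuple[str, str], int]) -> None:
        self.policies[evaluator] = dict(trusted)

    def vouch(self, issuer: str, subject: str, context: str) -> None:
        self.vouchers.add(Voucher(issuer, subject, context))

    def revoke(self, peer: str) -> None:
        """The peer's key is compromised or withdrawn; nothing it vouched for counts any more."""
        self.revoked.add(peer)

    def trust_score(self, evaluator: str, subject: str, context: str) -> int:
        policy = self.policies.get(evaluator, {})
        score = 0
        for v in self.vouchers:
            if v.subject != subject or v.context != context:
                continue            # contextual: an email voucher says nothing about code signing
            if v.issuer in self.revoked:
                continue            # vouchers from a revoked introducer are discarded
            score += policy.get((v.issuer, context), 0)
        return score

    def is_trusted(self, evaluator: str, subject: str, context: str, threshold: int = FULL) -> bool:
        if subject in self.revoked:
            return False
        if subject == evaluator:
            return True
        if self.policies.get(evaluator, {}).get((subject, context), 0) > 0:
            return True             # evaluator verified this peer's key directly
        return self.trust_score(evaluator, subject, context) >= threshold


def demo() -> Dict[str, bool]:
    wot = WebOfTrust()
    # Constructed network: alice fully trusts bob for email and marginally trusts
    # erin and frank; bob trusts only carol, and nobody's policy mentions alice.
    wot.set_policy("alice", {("bob", "email"): FULL, ("erin", "email"): MARGINAL, ("frank", "email"): MARGINAL})
    wot.set_policy("bob", {("carol", "email"): FULL})
    wot.vouch("bob", "carol", "email")
    wot.vouch("bob", "carol", "code-signing")
    wot.vouch("alice", "dave", "email")
    wot.vouch("erin", "grace", "email")
    wot.vouch("frank", "grace", "email")

    results = {
        "alice trusts carol for email (one full introducer)": wot.is_trusted("alice", "carol", "email"),
        "alice trusts carol for code-signing (trust is contextual)": wot.is_trusted("alice", "carol", "code-signing"),
        "bob trusts dave (trust is directional; bob never trusted alice)": wot.is_trusted("bob", "dave", "email"),
        "alice trusts grace (two marginal introducers reach the threshold)": wot.is_trusted("alice", "grace", "email"),
    }
    wot.revoke("bob")
    results["alice trusts carol after bob is revoked"] = wot.is_trusted("alice", "carol", "email")
    return results


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The last result is the operational point behind "tracking identities that have been revoked can be complex and error prone": revoking one introducer silently withdraws every identity that was accepted only on that introducer's word, and every evaluator in the network has to learn of the revocation independently, because there is no central party to push it.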



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:39 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Three Party Model

Three Party Model

A trusted third party provides identities to both the requester and service provider. In order to interact with one another, both must agree to trust the same identity provider.

Examples: Google, Facebook, American Express, Paypal, Amazon, iTunes App Store

There are two broad types of Three Party Model. If one (or both) of the parties insists on a particular identity provider, we refer to it as a Winner Take All network because other identity providers are locked out. If only technical methods are specified and the requester is free to specify any identity provider they like, we refer to it as a Bring Your Own Identity network.

When to Use: An identity provider may choose to offer a three party model when it can provide identities more efficiently than the requester or service provider can on their own. Requesters and service providers may choose to implement a three party network for access to an existing market.

Advantages: Separates identity management from the service being provided. In cases where a shared third party is available, this model simplifies the process of exchanging trusted identities. Malicious actors can be identified and isolated from the entire network. Requesters can use a single identity with many service providers, and service providers can trust requesters without having to verify each one.

Disadvantages: Because participants can only interact if they have been authenticated by a single identity provider, that provider wields substantial power. The identity provider effectively controls the requester’s ability to use services and the services’ ability to work with requesters.

For instance, a requester who loses their account with the identity provider also loses all of the services where they used that identity. If you use your Facebook account to sign in to other products, then you also lose those other products if your Facebook account is closed.

Ability to Scale: Very difficult to get started because a three party network is not interesting to service providers until it has users, but only attracts users if it has interesting services. Once they are established and functioning, however, a successful three party network can grow extremely large.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:37 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Bring Your Own Identity

A special case of the three party model where the service provider specifies the technical methods that it will accept, but allows the requester to choose any identity service they like. The service provider does not set details for identity verification or authentication and simply assumes that the requester has chosen one that’s good enough for their purposes. The service provider and requester agree to terms, the requester and the identity provider agree to terms, but the service provider does not make any agreement with the identity provider.

Examples: The most common Bring Your Own Identity technologies are SAML, OpenID, and email address verification.

When to Use: The service provider does not want to bear the cost of managing the requester’s identity, or wants to simplify account creation and sign-in.

Advantages: The requester can use an existing identity rather than having to create a new one for this service. If the requester chooses a good identity provider, the service gets the benefit of higher security with no additional cost.

Disadvantages: The account is only as secure as the authenticating service. The service provider depends on the user to select a trustworthy identity service.

Designing a user interface that allows the user to specify an identity provider has proved to be difficult. Consumers don’t generally have the experience to know a good identity provider from a bad one so, in practice, they depend upon seeing a familiar brand. When OpenID was first introduced, supporting sites attempted to help by listing a large set of brands so that the user could choose a familiar one. The resulting products ended up so festooned with logos that they were likened to NASCAR cars, and ended up being more confusing than helpful.

Ability to Scale: Very high.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:36 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Winner Take All


“Winner Take All” Three Party Model

A special case of the three party model where the service provider wants to allow the requester to use an existing identity, but only accepts authentication from a defined set of providers. Participants sign an agreement with the identity provider, which also allows them to talk to one another.

Examples: Apple completely controls the channel between app vendors and iPhone users, deciding which applications are available and which users are allowed to use them. Spotify and Zynga games depend upon Facebook for authentication.

When to Use: The service provider wants to take part in a large, established channel, or requires a high level of assurance.

Advantages: The requester can use an existing identity, which lowers the amount of effort required to use a new service. The service provider gets access to the users of an identity network without having to manage the accounts itself. Some identity providers offer higher security than the service could practically provide on its own.

Large three-party model identity providers like Facebook, Google, and PayPal dedicate substantial resources to security.

Disadvantages: Because participants can only interact if they have been authenticated by a single identity provider, that provider wields substantial power. The identity provider effectively controls the requester’s ability to use other companies’ products. For instance, a requester who loses their account with the identity provider also loses all of the services where they used that identity. If you use your Facebook account to sign in to other products, then you also lose those other products if your Facebook account is closed.

Conversely, a service provider that depends on a single third party identity provider leaves itself open to the third party deciding to change its terms.

Ability to Scale: Difficult to get started because it is only interesting to service providers when it has consumers, but only interesting to consumers if it can offer interesting services. Once they are established and functioning, however, a successful identity provider can build a very large network.
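The difference between the Three Party, "Bring Your Own Identity" and "Winner Take All" posts comes down to one decision inside the service provider: which issuers' assertions it will accept. As an added example (written for this page, not from the paper and not the OpenID or SAML specifications), the relying party below verifies an identity assertion shaped like a compact JWS (header.payload.signature) and is parameterised by an issuer policy: the Winner Take All policy resolves keys only for a configured set of contracted providers, while the BYOI policy accepts any issuer whose key it can look up. HMAC-SHA256 with a per-issuer key stands in for the public-key signature a real deployment would verify against the issuer's published keys; that, the IDP_KEYS lookup table, the hostnames and the client ids are all constructed assumptions.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Callable, Dict, Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_assertion(issuer: str, key: bytes, subject: str, audience: str,
                    lifetime: int = 300, now: Optional[int] = None) -> str:
    """What an identity provider hands back after authenticating `subject`."""
    now = int(time.time()) if now is None else now
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"iss": issuer, "sub": subject, "aud": audience,
                                  "iat": now, "exp": now + lifetime}).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


class RelyingParty:
    """The service provider. `resolve_key` encodes its issuer policy: it returns the
    issuer's verification key, or None when that issuer is not to be trusted."""

    def __init__(self, client_id: str, resolve_key: Callable[[str], Optional[bytes]]) -> None:
        self.client_id = client_id
        self.resolve_key = resolve_key

    def verify(self, token: str, now: Optional[int] = None) -> Optional[str]:
        now = int(time.time()) if now is None else now
        try:
            header_b64, payload_b64, sig_b64 = token.split(".")
            header = json.loads(_b64url_decode(header_b64))
            payload = json.loads(_b64url_decode(payload_b64))
            signature = _b64url_decode(sig_b64)
        except ValueError:
            return None
        if header.get("alg") != "HS256":
            return None                     # never let the token choose the algorithm
        key = self.resolve_key(payload.get("iss", ""))
        if key is None:
            return None                     # issuer rejected by this relying party's policy
        expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signature):
            return None                     # tampered, or signed by someone other than the issuer
        if payload.get("aud") != self.client_id:
            return None                     # minted for a different service
        if payload.get("exp", 0) <= now:
            return None
        # Key the local account on (issuer, subject): subjects are only unique per issuer.
        return f'{payload["iss"]}#{payload["sub"]}'


# Constructed: the signing keys of the identity providers in this toy network.
# Under the BYOI policy this table stands in for discovering an issuer's keys.
IDP_KEYS: Dict[str, bytes] = {
    "https://idp.example": b"contracted-provider-key",
    "https://social.example": b"social-provider-key",
    "https://anyone.example": b"self-hosted-provider-key",
}


def winner_take_all_policy(allowed: set) -> Callable[[str], Optional[bytes]]:
    return lambda issuer: IDP_KEYS.get(issuer) if issuer in allowed else None


def bring_your_own_policy(issuer: str) -> Optional[bytes]:
    return IDP_KEYS.get(issuer)


def demo() -> Dict[str, bool]:
    now = 1_700_000_000
    wta = RelyingParty("shop.example", winner_take_all_policy({"https://idp.example"}))
    byoi = RelyingParty("shop.example", bring_your_own_policy)
    t_idp = issue_assertion("https://idp.example", IDP_KEYS["https://idp.example"], "u1", "shop.example", now=now)
    t_any = issue_assertion("https://anyone.example", IDP_KEYS["https://anyone.example"], "u2", "shop.example", now=now)
    t_other_aud = issue_assertion("https://idp.example", IDP_KEYS["https://idp.example"], "u1", "bank.example", now=now)
    t_spoofed = issue_assertion("https://idp.example", IDP_KEYS["https://anyone.example"], "u3", "shop.example", now=now)
    h, _, s = t_idp.split(".")
    forged = _b64url(json.dumps({"iss": "https://idp.example", "sub": "admin", "aud": "shop.example",
                                 "iat": now, "exp": now + 300}).encode())
    t_tampered = f"{h}.{forged}.{s}"       # original signature over altered claims
    return {
        "winner-take-all accepts contracted idp": wta.verify(t_idp, now) == "https://idp.example#u1",
        "winner-take-all rejects uncontracted idp": wta.verify(t_any, now) is None,
        "byoi accepts any discoverable idp": byoi.verify(t_any, now) == "https://anyone.example#u2",
        "wrong audience rejected": byoi.verify(t_other_aud, now) is None,
        "issuer spoofed with another key rejected": byoi.verify(t_spoofed, now) is None,
        "tampered claims rejected": byoi.verify(t_tampered, now) is None,
        "expired assertion rejected": byoi.verify(t_idp, now + 600) is None,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

Both policies run the same signature, audience and expiry checks; only `resolve_key` differs. That is what makes the BYOI disadvantage concrete: under `bring_your_own_policy` the relying party does every check correctly and still ends up exactly as secure as whichever issuer the user picked, because it has no agreement with that issuer about how the subject was authenticated.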



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:36 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Federations

Federations

A Federation provides a standard, pre-negotiated set of contracts that allow organizations to recognize identities issued by one another. A federation agreement might specify user roles, governance, security and verification policies, or specific technical methods. The federation is organized around a Contract Hub, which is responsible for the agreements. Organizations with similar goals or structure create a standard agreement rather than negotiating individually.

When to Use: A large number of organizations can agree upon roles and governance, and can create a standard contract.

Advantages: Organizations can recognize identities that one another issue without having to negotiate individual agreements with every party.

Disadvantages: Not customized for individual member organizations. Because of the need to create an agreement that a large number of parties can agree to, the federation might be limited to lowest common denominator roles.

Ability to Scale: Very high.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:35 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Mesh Federation

Mesh Federation

A Mesh Federation provides a legal and policy umbrella so that institutions can interact with one another but does not specify technical methods. Each member organization issues digital identities for its people and the federation agreement provides the legal framework for them to use one another’s resources. The federation agreement might specify governance, policy, or roles, but the member institutions are free to implement using whatever technologies they like. This is referred to as a mesh because participating services connect directly with one another in order to authenticate identities. For contrast, a federation network that provides a central identity clearing house is referred to as a Technical Federation (discussed below).

Examples: Mesh federations were pioneered by educational institutions. Universities already had a culture of cooperation and realized that the interests of students and the research goals of faculty were best served by the free flow of information. NRENs (National Research and Education Networks) around the world include InCommon in the US, SURFnet in the Netherlands, and JISC/Janet in the UK.

When to use: Large institutions wish to share resources and can agree on roles and governance, but do not need a central point for authenticating identity.

Advantages: Federation participants don’t need to negotiate custom agreements with every other member.

Disadvantages: Because of the need to gather broad adoption, mesh federations may be limited to the most common roles and might not cover complex use cases.

Ability to Scale: Because the mesh federation provides a standard contract, it scales to a large number of members.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:35 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Inter-Federation Federations

[Image Coming]

Inter-Federation Federations

When organizations are unable to communicate directly with one another because of legal limits or national boundaries, existing federations can negotiate inter-federation federations which allow members of different federations to interact with one another.

Examples: REFEDS, eduGAIN, and Kalmar2 are inter-federation programs for research institutions and higher education.

When to use: Institutions are unable to form direct relationships with one another because of legal or national boundaries, but have existing federations that can negotiate on their behalf.

Advantages: Federations can act as agents, negotiating for members to simplify the complexity of getting agreement among a large number of institutions.

Disadvantages: The complexity of negotiating inter-federation agreements slows the process and may limit the interactions that are covered.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:34 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Four Party Model

Four-Party Model

A four-party model provides a comprehensive set of interlocking legal contracts that detail roles, responsibilities, and technical methods. In order to take part in the network, each party must agree to one of the contracts in a given framework. Identity providers specialize in providing support for particular roles.

Examples: The credit card networks, such as Visa and Mastercard, are implemented as four party networks. These represent a large collection of individuals and institutions, each of which must routinely trust participants they’ve never encountered before.

Parties of all types continually join and leave the network, making it impractical for any single organization to track them all. By creating a standard set of well-defined roles that work together, Visa and Mastercard enable risk assessors to specialize.

Because of the vast difference in the size of the entities involved (anywhere from an individual person to a multi-national corporation), and the complexity of governing law, no single contract could be both complete and understandable by all parties.

To solve this problem, the network created a comprehensive, interlocking set of contracts that lay out all of the roles that entities can play. For each role, the appropriate contract specifies the interactions and responsibilities. The network design allows for multiple identity providers, each of whom can specialize in managing risk for a particular set of users. Risks are managed at the system level.

When to use: Closed network where all parties can be expected to sign a contract to join.

Advantages: Enables a network where participants of different sizes can interact smoothly with one another. Allows for specialization of risk management in a complex, constantly changing network where participants frequently join and leave.

Disadvantages: Depends upon the ability to create comprehensive contracts. Risk management can impose substantial costs on the network.

Ability to scale: Four party models can scale to a large number of participants.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:33 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Individual Contract Wrappers

Individual Contract Wrappers

When providing information to a service, the requester also provides terms for how that information can be used. Service providers agree to honor those terms in exchange for access to the data, and compliance is enforced through contract law. Terms might include an expiration date, limits on whether the data can be re-sold, or whether it can be used in aggregate form. This model is the mirror image of the Sole Source.

Examples: Personal.com offers a service that provides end users with a place to store personal data. Service providers agree to abide by a set of agreements in order to use this data.

When to use:

Advantages: Provides an incentive for the requester to provide clear, correct, and up-to-date information. In exchange for accepting limits on how the data can be used, the service provider gains access to better quality and more complete data.

Disadvantages: Emerging technology with evolving standards, not widely supported yet.

Ability to scale: It has a high ability to scale, but because it is almost a reverse architecture of the Sole Source it shares some of the same challenges.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:33 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Open Trust Frameworks

A Trust Framework is a specification that describes a set of identity proofing, security, and privacy policies. The framework is authored by subject matter experts, and is written with the intent that compliance can be assessed. The framework also lists the qualifications that an assessor must have in order to judge compliance.

A Framework Listing Service provides a publicly visible location where trust frameworks can be published and tracked. The listing service sets guidelines for acceptable frameworks and accredits assessors to verify that services implement the frameworks properly.

Examples: The Open Identity Exchange (OIX), Kantara Initiative, and InCommon operate framework listing services. A Framework Creator authors a trust framework that specifies identity validation policies and publishes it to a Framework Listing Service. The framework may also specify the qualifications required in order to be a valid assessor of the policy.

When to use: This should be used by networks that share a common set of technology and policy needs but are not in the business of creating technology networks or accrediting compliance.

Advantages: Standard, publicly available specifications that are designed by subject matter experts. Assessors can verify that the frameworks are implemented properly.

Disadvantages: Not broadly supported, evolving model.

Ability to scale: Because each component can be independently updated, a network based on open trust frameworks could potentially scale to be very large.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:32 AM

Kaliya Hamlin

Field Guide to Internet Trust Models: Technical Federation

In addition to contract terms, a technical federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the network. For contrast, a federation network where the participants connect directly with one another rather than going through a central clearinghouse is called a Mesh.

Examples: WAYF provides federated single sign-on to Denmark’s higher education, research institutions, and libraries.

When to Use: A large entity is available to act as an identity clearing house.

Advantages: Encourages use of digital identity by providing a central clearinghouse for authentication. Service providers only need to integrate with a single identity provider. Requesters can choose from a variety of identity providers.

Disadvantages: Requires substantial investment that may only be available to very large institutions or states.

Ability to Scale: Can scale to support national identity programs.



by Kaliya Hamlin, Identity Woman at December 01, 2014 04:32 AM

November 29, 2014

Nat Sakimura

Does the Massan theme song “Mugi no Uta” resemble the Soviet anthem?

The theme song of the NHK morning drama “Massan”, currently on air, is “Mugi no Uta”, composed by Miyuki Nakajima. I heard somewhere that it resembles the national anthem of the Soviet Union, so I looked into it right away. Actually, I don’t watch Massan, so I didn’t know the song at all.

So first, the chorus of “Mugi no Uta”:

http://www.sakimura.org/wp-content/uploads/2014/11/c61ad03f5ac8486779fcef1b32d39685.m4a

mugi-no-uta

It does sound like something I have heard before. Where was it? It turns out that the chorus of the Soviet anthem (which is also the Russian Federation’s anthem) is quite similar. Here it is:

http://www.sakimura.org/wp-content/uploads/2014/11/russian-anthem.m4a

Russian_Anthem

I see, they really are similar. The first two bars are almost identical. That said, it is only two bars... But since it is the chorus, it leaves an impression.

Bye for now.

by Nat at November 29, 2014 03:05 PM

November 21, 2014

Nat Sakimura

From IDM to IRM: the changing horizon of identity

Today (2014/11/21) from 14:15, I gave the keynote at the 6th OpenAM Consortium Seminar held at Shinagawa Intercity.

The title was

“From IDM to IRM:
The Changing Horizon of Identity”

by Nat at November 21, 2014 06:00 AM

November 11, 2014

Nat Sakimura

XACML v3.0 Privacy Policy Profile Version 1.0 public review

A 15-day public review period for a Committee Specification Draft (CSD) of the eXtensible Access Control Markup Language (XACML) begins on 11/12.

This draft specification defines how to express privacy policies in XACML.

The review period runs from 11/12 0:00 UTC to 11/26 23:59 UTC.

The documents under review are at the following URLs:

Editable source (Authoritative):
http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/csprd03/xacml-3.0-privacy-v1.0-csprd03.doc

HTML:
http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/csprd03/xacml-3.0-privacy-v1.0-csprd03.html

HTML with inline tags for direct commenting:
http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/csprd03/xacml-3.0-privacy-v1.0-csprd03-COMMENT-TAGS.html

PDF:
http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/csprd03/xacml-3.0-privacy-v1.0-csprd03.pdf

Comments can be submitted using the OASIS comment facility.

Submitted comments can be viewed at:

http://lists.oasis-open.org/archives/xacml-comment/

All submitted comments are deemed to have been submitted under the OASIS Feedback License. See [3] and [4] below for details.

========== Additional references:

[1] OASIS eXtensible Access Control Markup Language (XACML) TC
http://www.oasis-open.org/committees/xacml/

[2] Previous public reviews:

* 15-day public review, 23 May 2014: https://lists.oasis-open.org/archives/members/201405/msg00019.html

* 60-day public review, 21 May 2009: https://lists.oasis-open.org/archives/members/200905/msg00006.html

[3] http://www.oasis-open.org/policies-guidelines/ipr

[4] http://www.oasis-open.org/committees/xacml/ipr.php (RF on Limited Terms Mode: https://www.oasis-open.org/policies-guidelines/ipr#s10.2.3)

by Nat at November 11, 2014 09:05 PM

Kaliya Hamlin

Quotes from Amelia on Systems relevant to Identity.

This is coverage of a WSJ interview with Amelia Andersdotter, the former European Parliament member from the Pirate Party in Sweden. Some quotes stuck out for me as being relevant:

If we also believe that freedom and individualism, empowerment and democratic rights, are valuable, then we should not be constructing and exploiting systems of control where individual disempowerment are prerequisites for the system to be legal.

We can say that most of the legislation around Internet users protect systems from individuals. I believe that individuals should be protected from the system. Individual empowerment means the individual is able to deal with a system, use a system, work with a system, innovate on a system—for whatever purpose, social or economic. Right now we have a lot of legislation that hinders such [empowerment]. And that doesn’t necessarily mean that you have anarchy in the sense that you have no laws or that anyone can do whatever they want at anytime. It’s more a question of ensuring that the capabilities you are deterring are actually the capabilities that are most useful to deter. [emphasis mine].

This statement is key: “individuals should be protected from the system”. How do we create accountability from systems to people and not just the other way around? I continue to raise this issue about so-called trust frameworks that are proposed as the solution to interoperable digital identity – there are many concerning aspects to the solutions, including what seem to be very low levels of accountability of systems to people.

The quotes from Amelia continued…

I think the Internet and Internet policy are very good tools for bringing power closer to people, decentralizing and ensuring that we have distributive power and distributive solutions. This needs to be built into the technical, as well as the political framework. It is a real challenge for the European Union to win back the confidence of European voters because I think a lot of people are increasingly concerned that they don’t have power or influence over tools and situations that arise in their day-to-day lives.

The European Union needs to be more user-centric. It must provide more control [directly] to users. If the European Union decides that intermediaries could not develop technologies specifically to disempower end users, we could have a major shift in global political and technical culture, not only in Europe but worldwide, that would benefit everyone.

by Kaliya Hamlin, Identity Woman at November 11, 2014 08:14 PM

November 09, 2014

OpenID.net

Errata to OpenID Connect Specifications Approved

Errata to the following specifications have been approved by a vote of the OpenID Foundation members:

An Errata version of a specification incorporates corrections identified after the Final Specification was published.

The voting results were:

  • Approve – 46 votes
  • Disapprove – 0 votes
  • Abstain – 0 votes

Total votes: 46 (out of 194 members = 24% > 20% quorum requirement)

The original final specification versions remain available at these locations:

The specifications incorporating the errata are available at the standard locations and at these locations:

— Michael B. Jones – OpenID Foundation Board Secretary

by Mike Jones at November 09, 2014 07:28 PM

OpenID.net

Implementer’s Draft of OpenID 2.0 to OpenID Connect Migration Specification Approved

The following specification has been approved as an OpenID Implementer’s Draft by a vote of the OpenID Foundation members:

An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.

This Implementer’s Draft is available at these locations:

The voting results were:

  • Approve – 44 votes
  • Disapprove – 1 vote
  • Abstain – 1 vote

Total votes: 46 (out of 194 members = 24% > 20% quorum requirement)

— Michael B. Jones – OpenID Foundation Board Secretary

by Mike Jones at November 09, 2014 07:26 PM

October 21, 2014

OpenID.net

Notice of Vote for Errata to OpenID Connect Specifications

The official voting period will be between Friday, October 31 and Friday, November 7, 2014, following the 45 day review of the specifications. For the convenience of members, voting will actually open a week before Friday, October 31 on Friday, October 24 for members who have completed their reviews by then, with the voting period still ending on Friday, November 7, 2014.

If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.
A description of OpenID Connect can be found at http://openid.net/connect/. The working group page is http://openid.net/wg/connect/.

The vote will be conducted at https://openid.net/foundation/members/polls/86.

– Michael B. Jones, OpenID Foundation Secretary

by Mike Jones at October 21, 2014 05:43 AM

OpenID.net

Notice of Vote for Implementer’s Draft of OpenID 2.0 to OpenID Connect Migration Specification

The official voting period will be between Friday, October 31 and Friday, November 7, 2014, following the 45 day review of the specification. For the convenience of members, voting will actually open a week before Friday, October 31 on Friday, October 24 for members who have completed their reviews by then, with the voting period still ending on Friday, November 7, 2014.

If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.

A description of OpenID Connect can be found at http://openid.net/connect/. The working group page is http://openid.net/wg/connect/.

The vote will be conducted at https://openid.net/foundation/members/polls/81.

– Michael B. Jones, OpenID Foundation Secretary

by Mike Jones at October 21, 2014 05:38 AM

October 18, 2014

Nat Sakimura

Guidelines for providing information and explanations with consideration for consumer privacy in online services have been published (METI / Ministry of Economy, Trade and Industry)

Guidelines that I helped with as a member of the study committee have been published.

METI: “Guidelines for providing information and explanations with consideration for consumer privacy in online services”

These were drafted following the results of the IT Fusion Forum Personal Data Working Group two years ago and the “Standards for enhancing the provision of information and explanations to consumers” produced through the trial of prior consultations with businesses held last fiscal year. They cover how to notify consumers when receiving personal data from them, what to do when the purpose or the scope of provision changes, and so on.

Initiatives of this kind are starting in various countries, and since businesses would struggle to cope if the requirements diverged too much, particularly online, international harmonization is also needed. As part of that, the guidelines are scheduled to be submitted to ISO/IEC, and a Study Period will be proposed at the ISO/IEC JTC1 SC 27/WG 5 meeting in Mexico starting on October 20.

I will report separately on this.

(From Mexico City)

by Nat at October 18, 2014 11:08 PM

Nat Sakimura

Executive order issued to improve the security of consumer financial transactions: chip cards for credit cards, multi-factor authentication for government sites, and more

On October 17, 2014, an executive order[1] to improve the security of consumer financial transactions was issued.

Executive Order: Improving the Security of Consumer Financial Transactions (The White House)

The main contents are the following three:

  • Section 1. Improving the security of payments to the government: payment terminals introduced from January 2015 onward must be based on more secure standards; specifically, they must support IC chips.
  • Section 2. Improving remedies for victims of identity theft: three measures are listed to greatly shorten the time remediation takes in typical cases.
  • Section 3. Improving the security of access to government sites: access to personal information must support multi-factor authentication and appropriate identity proofing, in line with NSTIC[2]. Government agencies must comply within 18 months.

In Japan and Europe, chip credit cards are mainstream, but in the US they are still far from widespread. Section 1 of this executive order aims to improve that situation. By making credit card payments at government agencies chip-based, it aims to prime the pump so that credit card issuers start issuing chip cards.

On the same day, the Daily Telegraph ran an article titled

Sorry Mr President; your credit card has been declined
Barack Obama’s card rejected at trendy New York restaurant Estela

which reports that President Obama tried to pay at a restaurant called Estela in New York and his payment was refused. Because magnetic stripes are easy to clone, credit card companies perform risk-based authentication using past transaction patterns, and since Mr. Obama has hardly used his card since becoming President, the payment at this restaurant was flagged as an anomalous transaction. According to the article,

“Apparently I don’t use the card much, so they thought fraud was going on. It was lucky Michelle had her card.”

“I explained to the waitress that I have been paying my bills properly, but this is what happened.”

President Obama told Rob Cordray, Director of the US Consumer Financial Protection Bureau, that this incident shows that simpler methods for protecting credit card customers need to be introduced.

He praised the chip-and-PIN payment system[3], which is common in Europe but not in the US.

(Source) Rosa Prince: “Sorry Mr President; your credit card has been declined”, Daily Telegraph, 2014/10/17

It feels like a planted story, but that shows how serious they are. Incidentally, this story also appeared on AP / Fox News and elsewhere. Nobody reads a security story, but everyone will read a juicy one about the President’s card being declined; a smart media strategy.

Identity theft has been a social problem for quite a while. Section 2 is a countermeasure to that, though it is an order to draw up countermeasures rather than a concrete measure itself.

Section 3 raises the security level for access to government sites when individuals access their own personal information, and thereby improves privacy protection. According to what I had heard in advance from White House sources, this, like Section 1, is intended to prime the pump for the private sector. A revision of SP 800-63 to accommodate this may also be coming[4]. Presumably the 18-month deadline means the FCCX implementation will be finished by then.

The announcement coincided with my travel from Tokyo to Mexico, so I was a bit late writing this, but I suppose this is still the first report in Japan...

Bye for now!

(From Mexico City)


[1] Executive Order –Improving the Security of Consumer Financial Transactions, http://www.whitehouse.gov/the-press-office/2014/10/17/executive-order-improving-security-consumer-financial-transactions

[2] National Strategy for Trusted Identities in Cyberspace

[3] chip-and-pin payment system

[4] Under the current SP 800-63, multi-factor authentication corresponds to LoA3, but requiring LoA3 identity proofing is probably too harsh, so I expect either that multi-factor authentication will be required at LoA2, or that the credential level and the identity proofing level will be separated.


by Nat at October 18, 2014 10:29 PM

October 17, 2014

OpenID.net

The Name is the Thing: “The ARPU of Identity”

The name is the thing. The name of this Open Identity Exchange White Paper, the “ARPU of Identity”, is deliberate. ARPU, Average Revenue Per User, is one metric telcos use to measure success. By deliberately using a traditional lens that telcos use, this paper puts emerging Internet identity markets into a pragmatic perspective. The focus of the white paper is on how mobile network operators (MNOs) and other telcos can become more involved in the identity ecosystem and thereby improve their average revenue per user, or ARPU. This perspective continues OIX’s “Economics of Identity” series, or as some call it the “how do we make money in identity” tour in the emerging Internet identity ecosystem. OIX commissioned a white paper reporting the first quantitative analysis of the Internet identity market in the UK, where HMG Cabinet Office hosted workshops on the topic at KPMG’s headquarters in London and at the University of Washington’s Gates Center in Seattle.

The timing of this paper on business interoperability is coincidental with work groups in the OpenID Foundation developing the open standards that MNOs and other telco players will use to ensure technical interoperability. GSMA’s leadership with OIX on pilots in the UK Cabinet Office Identity Assurance Program and in the National Strategy on Trusted identity in Cyberspace offer opportunities to test both business and technical interoperability leveraging open standards built on OpenID Connect. The timing is the thing. The coincidence of white papers, workshops and pilots in the US, UK and Canada with leading MNOs provides a real-time opportunity for telcos to unlock their unique assets to increase ARPU and protect the security and privacy of their subscribers/citizens.

In my OpenID Foundation blog, I referenced Crossing the Chasm, where Geoffrey A. Moore argues there is a chasm between future interoperability that technology experts build into standards and the pragmatic expectations of the early majority. OIX White Papers, workshops and pilots help build the technology tools and governance rules needed for the interoperability to successfully cross the “chasm.”

Several OIX White Papers speak to the “supply side”: how MNOs and others can become Identity Providers (IDPs), Attribute or Signal Providers in Internet identity markets. Our next OIX White Paper borrows an industry meme (and T-Shirt) for its title, “There’s No Party Like A Relying Party”. That paper speaks to the demand side. Relying Parties (RPs), like banks, retailers and others, rely on identity attributes and account signals to better serve and secure customers and their accounts, and in doing so rely on technical, business and legal interoperability.

By looking at the “flip sides” of supply and demand, OIX White Papers help us better understand the ARPU, the needs for privacy and security and the economics of identity.

Don

by Don Thibeau at October 17, 2014 01:49 PM

OpenID.net

Crossing the Chasm of Consumer Consent

This week Open Identity Exchange publishes a white paper on the “ARPU of Identity”.   The focus of the white paper is on how MNOs and telecommunications companies can monetize identity markets and thereby improve their average revenue per user, or ARPU.   Its author and highly regarded data scientist, Scott Rice, makes a point that caught my eye. It’s the difficulty in federating identity systems because consumer consent requirements and implementations vary widely and are a long way from being interoperable. It got my attention because Open Identity Exchange and the GSMA lead pilots in the US and UK with leading MNOs with funding in part from government. The National Strategy on Trusted identity in Cyberspace and UK Cabinet Office Identity Assurance Program are helping fund pilots that may address these issues. Notice and consent involves a governmental interest in protecting the security and privacy of its citizens online. It’s a natural place for the private sector to leverage the public-private partnerships Open Identity Exchange has helped lead.

Notice and consent laws have been around for years.  The Organization for Economic Co-operation and Development, or OECD, first published their seminal seven Privacy Guidelines in 1980.  But in 1980, there was no world wide web nor cell phone.  Credit bureaus, as we know them today, didn’t exist; no “big data” or data brokers collecting millions of data points on billions of people.  What privacy law protected then was very different than what it needs to protect now.  Back then, strategies to protect consumers were based on the assumption of a few transactions each month, not a few transactions a day.  OECD guidelines haven’t changed in the last 34 years. Privacy regulations and, specifically, the notice and consent requirements of those laws lag further and further behind today’s technology.

In 2013 (and updated in March of this year), OIX Board Member company Microsoft, and Oxford University’s Oxford Internet Institute (OII) published a report outlining recommendations for revising the 1980 OECD Guidelines.  Their report makes recommendations for rethinking how consent should be managed in the internet age.  It makes the point that expecting data subjects to manage all the notice and consent duties of their digital lives in circa 2014 is unrealistic if we’re using rules developed in 1980.  We live in an era where technology tools and governance rules assume the notice part of “notice and consent” requires the user to agree to a privacy policy.  The pragmatic choice is to trust our internet transactions to “trusted” Identity Providers (IDPs), Service Providers (SPs) and Relying Parties (RPs). The SPs, RPs, IDPs, government and academic organizations that make up the membership of Open Identity Exchange share at least one common goal: increasing the volume, velocity and variety of trusted transactions on the web.

The GSMA, Open Identity Exchange and OpenID Foundation are working on pilots with industry leading MNOs, IDPs and RPs to promote interoperability, federation, privacy and respect for the consumer information they steward.  The multiple industry sectors represented in OIX are building profiles to leverage the global adoption of open standards like OpenID Connect. Open identity standards and private sector led public-private partnership pilots help build the business, legal and technical interoperability needed to protect customers while also making the job of being a consumer easier.

Given the coincidence of pilots in the US, UK and Canada over the coming months, it is increasingly important to encourage government and industry leaders and privacy advocates to bring to consumer consent and privacy the same interoperability and standardization that standards like OpenID Connect bring to authentication.

Don

by Don Thibeau at October 17, 2014 01:47 PM

October 16, 2014

OpenID.net

Crossing the Chasm In Mobile Identity: OpenID Foundation’s Mobile Profile Working Group

Mobile Network Operators (MNOs) worldwide are in various stages of “crossing the chasm” in the Internet identity markets. As Geoffrey A. Moore noted in his seminal work, the most difficult step is making the transition between early adopters and pragmatists. The chasm crossing Moore refers to points to the bandwagon effect and the role standards play as market momentum builds.

MNOs are pragmatists. As they investigate becoming identity providers, open standards play a critical role in how they can best leverage their unique technical capabilities and interoperate with partners. The OpenID Foundation’s Mobile Profile Working Group aims to create a profile of OpenID Connect tailored to the specific needs of mobile networks and devices, thus enabling usage of operator ID services in an interoperable way.

The Working Group starts with the challenge that OpenID Connect relies on the e-mail address to determine a user’s OpenID provider (OP). In the context of mobile identity, the mobile phone number or other suitable mobile network data are considered more appropriate. The working group will propose extensions to the OpenID discovery function to use this data to determine the operator’s OP, while taking care to protect data privacy, especially the mobile phone number. We are fortunate the working group is led by an expert in ‘crossing the chasm’ of email and phone number interoperability, Torsten Lodderstedt, Head of Development of Customer Platforms at Deutsche Telekom who is also an OpenID Foundation Board member.
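The discovery step described above, as an added example that is not from the OpenID Foundation or the working group: the e-mail-based WebFinger lookup defined in OpenID Connect Discovery 1.0, together with the issuer validation a client should apply before fetching the OP's configuration. The WebFinger responses and the hosts example.com / example.org are constructed for the demo; nothing here implements the phone-number extension the working group was to propose.

```python
"""OpenID Connect Discovery 1.0, section 2: find a user's OpenID Provider (OP)
from the identifier they typed, via WebFinger (RFC 7033).

Example code added here; it is not from the OpenID Foundation or any project
mentioned on this page. The WebFinger responses below are constructed."""
from __future__ import annotations

import json
from urllib.parse import quote, urlsplit

# Link relation that carries the OP's issuer URL (OIDC Discovery 1.0, section 2).
OIDC_ISSUER_REL = "http://openid.net/specs/connect/1.0/issuer"


def normalize_identifier(user_input: str) -> tuple[str, str]:
    """Apply the Discovery normalization rules to user input.

    Returns (resource, host): the WebFinger 'resource' parameter and the host
    that will be asked about it. 'joe@example.com' becomes the e-mail style
    identifier 'acct:joe@example.com'; anything else is treated as a URL.
    """
    s = user_input.strip()
    if not s:
        raise ValueError("empty identifier")
    if s.startswith("acct:"):
        return s, s.rpartition("@")[2]
    has_scheme = "://" in s
    after_at = s.rpartition("@")[2] if "@" in s else ""
    # An '@' with no scheme and no port after it is an e-mail address.
    if "@" in s and not has_scheme and ":" not in after_at:
        return "acct:" + s, after_at
    url = s if has_scheme else "https://" + s
    u = urlsplit(url)
    # WebFinger is https-only (RFC 7033, section 4); refuse anything else.
    if u.scheme != "https" or not u.hostname:
        raise ValueError("identifier must resolve to an https URL")
    host = u.hostname + (f":{u.port}" if u.port else "")
    # Query and fragment are dropped from the resource per the spec.
    resource = f"{u.scheme}://{u.netloc}{u.path}"
    return resource, host


def webfinger_url(resource: str, host: str) -> str:
    """Build the WebFinger query for the OP issuer link (RFC 7033, section 4)."""
    return (f"https://{host}/.well-known/webfinger"
            f"?resource={quote(resource, safe='')}"
            f"&rel={quote(OIDC_ISSUER_REL, safe='')}")


def issuer_from_webfinger(doc: dict) -> str:
    """Extract and validate the issuer from a parsed JRD document.

    The issuer must be an https URL with no query or fragment; anything else
    is rejected rather than used to fetch the OP configuration.
    """
    for link in doc.get("links", []):
        if link.get("rel") == OIDC_ISSUER_REL:
            href = link.get("href", "")
            u = urlsplit(href)
            if u.scheme != "https" or not u.netloc or u.query or u.fragment:
                raise ValueError(f"rejecting issuer {href!r}")
            return href
    raise ValueError("no OIDC issuer link in WebFinger response")


# Constructed stand-in for the network: WebFinger URL -> JRD body returned.
FAKE_RESPONSES = {
    webfinger_url("acct:joe@example.com", "example.com"): json.dumps({
        "subject": "acct:joe@example.com",
        "links": [{"rel": OIDC_ISSUER_REL, "href": "https://server.example.com"}],
    }),
    # A misconfigured (or hostile) host answering with a non-https issuer.
    webfinger_url("acct:eve@example.org", "example.org"): json.dumps({
        "subject": "acct:eve@example.org",
        "links": [{"rel": OIDC_ISSUER_REL, "href": "http://op.example.org/?x=1"}],
    }),
}


def discover_issuer(user_input: str, fetch=FAKE_RESPONSES.get) -> str:
    """Full flow: normalize -> WebFinger -> validated issuer.

    Note that the identifier travels in the query string of the request, so it
    is visible to the WebFinger host and to anything that logs the URL; that is
    why a phone-number-based variant needs its own privacy design.
    """
    resource, host = normalize_identifier(user_input)
    body = fetch(webfinger_url(resource, host))
    if body is None:
        raise LookupError(f"no WebFinger response from {host}")
    return issuer_from_webfinger(json.loads(body))


if __name__ == "__main__":
    print(discover_issuer("joe@example.com"))  # https://server.example.com
```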

The Working Group’s scope is global as geographic regions are typically served by multiple, independent mobile network operators including virtual network operators. The number of potential mobile OPs a particular relying party needs to setup a trust relationship with will likely be very high. The working group will propose an appropriate and efficient model for trust and client credential management based on existing OpenID Connect specifications. The Foundation is collaborating with the Open Identity Exchange to build a trust platform that combines the “rules and tools” necessary to ensure privacy, operational, and security requirements of all stakeholders.

Stakeholders, like service providers, may well have different requirements regarding authentication transactions. The OpenID Connect profile will also define a set of authentication policies that operator OPs are recommended to implement and that service providers can choose from.

This working group has been set up in cooperation with OpenID Foundation member the GSMA, to coordinate with the GSMA’s Mobile Connect project. We are fortunate that David Pollington, Senior Director of Technology at GSMA, and his colleagues have been key contributors to the Working Group’s charter and will ensure close collaboration with GSMA members. There is an important coincidence of the GSMA and OIX joint leadership of mobile identity pilots with leading MNOs in the US and UK. All intermediary working group results will be proposed to this project and participating operators for adoption (e.g. in pilots) but can also be adopted by any other interested parties. The OIX and GSMA pilots in the US and UK can importantly inform the OIDF work group standards development process. That work on technical interoperability is complemented by work on “business interoperability.” OIX will publish a white paper tomorrow, “The ARPU of Identity”, that speaks to the business challenges MNOs face leveraging their highly relevant and unique assets in Internet identity.

The OpenID Foundation Mobile Profile Working Group’s profile builds on the worldwide adoption of OpenID Connect. The GSMA and OIX pilots offer an international test bed for both business and technical interoperability based on open standards. Taken together with the ongoing OIX White Papers and Workshops on the “Economics of Identity”, “chasm crossing” is within sight of the most pragmatic stakeholders.

Don

by Don Thibeau at October 16, 2014 03:45 PM