
The good doctor

I think we all understand that the identity infrastructure that we have now is not suited for the connected world that it was never designed for.

On the one hand, the problem seems obvious. We all need some kind of consistent digital identity (think virtual ID "card") that can identify and authenticate us not only to all our devices, but also to all our online services, commerce and banking accounts, and essentially anywhere where we need to digitally, or even physically, verify who we are.

From The Digital Identity Dilemma | Seeking Alpha

Now, in my world, words such as “digital identity” and “virtual identity” are not bandied around with gay abandon. To me, they mean something very specific and I am of the strongly-held opinion that it’s not possible to discuss such topics without some agreed model to work with. At Consult Hyperion we used “three domain identity” (or “3DID” model) to help our clients to develop their strategies for digital identity and its use in the mass market.

Three Domain Identity Model

The very kind people from Security Printers 2016 invited me down to Seville to deliver a keynote about next generation identity today. I used the 3DID model to explain that in the connected world, all transactional interactions are between virtual identities and that the virtual identities ought to be constructed to allow for partitioned and partial identities. It is more than a decade since Kim Cameron published his seminal “seven laws of identity” that included the key principle of minimal disclosure, the idea that a system should disclose the least amount of identifying information possible to effect a transaction.

To illustrate this point, I got one of my old “psychic ID” presentations out of the closet and used Dr. Who to illustrate my point about showing only what the relying party needs to (and is authorised to) see. But I finished up by talking about what it will mean to have “smart” identity built on top of some sort of identity infrastructure (whether the 3DID infrastructure that I was talking about or some other infrastructure). This led into some pretty interesting discussions later in the day, so I thought I’d jot down a couple of notes here.

First, I explained that making something smart does not mean either putting a chip in it or putting it on the blockchain. I was using smart in a more domain-specific way, unrelated to the particular implementation. I defined a smart ID to be an ID that can not only present those attributes that a relying party needs for a transaction and is authorised to see but can also verify the attributes presented by another smart ID. In other words, my smart driving licence can check whether your smart driving licence is real when you turn up to test drive my car. Your psychic paper can check that your date’s psychic paper is not lying when it says they have a Barclays account and are UK resident when you log in to online dating. The nightclub bouncer’s psychic paper (Android watch) can check that a patron’s psychic paper (iPhone app) shows he has a real VIP invite to the club.
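The two halves of that smart ID definition, minimal disclosure and verification of the other party's attributes, can be sketched with salted hash commitments. This is an added example, not part of the original post or the 3DID model; the function names, the sample attributes and the use of an HMAC in place of a real issuer signature are all assumptions.

```python
import hashlib, hmac, json, secrets

# Assumption: HMAC stands in for the issuer's signature to keep this stdlib-only;
# a real scheme would use an asymmetric signature so verifiers hold no secret.
ISSUER_KEY = secrets.token_bytes(32)

def _digest(name, value, salt):
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def _tag(digests):
    return hmac.new(ISSUER_KEY, json.dumps(digests).encode(), hashlib.sha256).hexdigest()

def issue(attributes):
    """Issuer: commit to every attribute under its own salt, sign the digest list."""
    salts = {n: secrets.token_hex(16) for n in attributes}
    digests = sorted(_digest(n, v, salts[n]) for n, v in attributes.items())
    return {"attributes": attributes, "salts": salts,
            "digests": digests, "tag": _tag(digests)}

def present(credential, requested, authorised):
    """Holder: disclose only what the relying party asked for AND may see."""
    names = [n for n in requested
             if n in authorised and n in credential["attributes"]]
    disclosed = {n: (credential["attributes"][n], credential["salts"][n])
                 for n in names}
    return {"disclosed": disclosed, "digests": credential["digests"],
            "tag": credential["tag"]}

def verify(presentation):
    """Verifier: return the proven attributes, or None if anything fails."""
    if not hmac.compare_digest(_tag(presentation["digests"]), presentation["tag"]):
        return None
    proven = {}
    for name, (value, salt) in presentation["disclosed"].items():
        if _digest(name, value, salt) not in presentation["digests"]:
            return None  # value was not issued, or was altered by the holder
        proven[name] = value
    return proven

# Constructed sample data, following the online-dating case in the post.
CREDENTIAL = issue({"name": "Alice Example", "date_of_birth": "1990-01-01",
                    "bank": "Barclays", "uk_resident": True})
SHOWN = present(CREDENTIAL, requested=["name", "bank", "uk_resident"],
                authorised={"bank", "uk_resident"})

if __name__ == "__main__":
    print(verify(SHOWN))  # only bank and uk_resident are revealed and proven
```

The relying party sees the full list of salted digests but learns nothing about the undisclosed name or date of birth, and a holder who alters a disclosed value no longer matches any digest the issuer signed.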
