Thursday, May 18, 2006

TSODI - Episode #27 - Part 1

Aldo interviews Johannes Ernst, Dick Hardt, and John Kemp on the topic of user-centric identity in this week's episode (mp3).

At the start of each episode, Aldo reads out the names and introductions of people who have added themselves to the SODI Frapper Map in the past week. A noteworthy addition to the map is Seung-Hyun Kim, a South Korean IDM researcher. His introduction includes:

I am working at ETRI, the Electronics and Telecommunications Research Institute. Our team is named as the Digital ID Research Team, developing systems that follow standards such as Liberty, SAML, ID-WSF, and XACML. I have been certified through the first SAML 2.0 interoperability test from Liberty Alliance in 2005. We now supply the Ministry of Naitonal Defense with the system ... this will be used by over 230 cities in Korea, that means that 48 million Liberty-enabled identies will be created.
In the interview itself (and vastly oversimplifying) I saw what seems a fundamental divide when the interviewees were asked to give their definition of user-centric identity.

For Dick, user-centrism boils down to how the identity is communicated from identity provider to identity consumer - the user must be an active intermediary in the flow in order to apply their release policies (my interpretation being that back-channel SOAP messaging on the user's behalf would be ruled out as deserving the user-centric description). John takes a broader view, user control is the key aspect of user-centric and a user can still have meaningful control even when not directly involved in the identity flow.

Hopefully this distinction is explored further in Part 2.

No comments: