Thanks to Mr. or Mrs. Anonymous for pointing out William Heath’s “Ideal Government” blog.

Technorati Tags: Identity,
Digital Identity,
Identity Management

I just re-read the blog I just posted. It strikes me that the two gentlemen I quoted make a strong case for the value of User-Centric Identity (UCI) – as opposed to Government Centric Identity (GCI).

Mr. Loretto sounds pretty darn condescending – like I don’t have the common intelligence to juggle a few Identities on my own. Maybe from his lofty perch in the high eschelons of power within Telstra, he has forgotten that the common man is able to do some pretty remarkable things – like keeping track of a few credit cards or a few Identities. When people of power have such a disparaging view of the common man, it becomes easy for them to exploit, abuse and defraud.

To quote a favorite bit of scripture, “We have learned by sad experience that it is the nature and disposition of almost all men, as soon as they get a little authority, as they suppose, they will immediately begin to exercise unrighteous dominion.” (D&C 121:39 — Doctrine and Covenants of the Church of Jesus Christ of Latter-day Saints.)

Mr. Heath, on the other hand, points out a huge opportunity for abuse or fraud – concentrating many Identities into one is just begging for some fraudulent operator to steal identities and do bad stuff.

My concern about national ID cards is centered on the fact that abuse can and will occur within government or other institutions. The bigger the trust we put in governement (like accepting a national ID card), the bigger opportunity for abuse. It’s too bad, but it’s a fact of life.

Technorati Tags: Identity,
Digital Identity,
Identity Management,
National ID Card

In his May 16th article in the Sydney Morning Herald, entitled “Smartcard not so clever: fraudster,” Nick Miller pointed out some of the pros and cons for a National ID Card.

First the pro: Jonathan Loretto, general manager of extended enterprise solutions at Telstra, stated, “Technology is confusing for a lot of people so we need a single point of access for them, a single point of understanding that helps them make their lives simpler.

“Before long we might end up with five, six or seven identity cards, which is great for people who sell handbags or wallets. But I don’t want to stand there flicking through my cards trying to work out which one lets me into the lobby of my office and into the lift.”

“We need to simplify things and think of the end user.”

Then, the con: William Heath, chairman of consultancy Kablenet countered, “A single identifier (card) is bad and dangerous for government,” he said. “It is an extremely courageous step to put all your identification, all the different departments, on to one identifier.”

“As long as you use an identifier unique to your department you manage that risk. If somebody’s playing fast and loose you can nail them. But if you’re all using the same identifier and some external party is managing it you don’t have any control at all.”

It’s good to know that our friends on the other side of the world are as concerned as I am about this subject.

Technorati Tags: Identity,
Digital Identity,
Identity Management,
National ID Card

In yesterday’s CNet News.com piece, “Perspective: Do we need a national ID card?,” Robert Vamosi reviews some of the challenges in physical and political challenges associated with implementing a national ID card. One of Robert’s more interesting points:

“With all the talk of creating a national ID card or standardizing U.S. driver’s licenses, there has been very little action on something that would improve security–creating a united crime database in the United States. You want security? Let’s start by tracking convicted felons. Here’s an excellent test bed to see whether such ID systems really work. It’s sad that data warehouses such as ChoicePoint know more about you and me than cops know about convicted felons on the street.

“If we can’t yet sync the names of criminals wanted in one state with people arrested in another state, it seems to me that we shouldn’t be so eager to start tracking honest, noncriminal citizens.”

Well put!

Technorati Tags: Identity,
Digital Identity,
Identity Management,
Real ID Act

Couldn’t resist sharing new photos of our little granddaughters, Eve Dixon and Chloe Dunn. Simply charming!

  

Technorati Tags: Family

Luke Razzell pointed out a humorous true story about a very visible mistaken Identity. Makes you wonder about BBC‘s authentication mechanisms. Simple as black and white.

Technorati Tags: Identity,
Digital Identity,
Identity Management,
BBC

My brother in law, Jeff Redd, pointed out some incredible mural artwork by Eric Grohe. Here is one example. Enjoy!

Technorati Tags: Eric Grohe

Somehow I feel that I’m way behind the times, but today I completed my first Sudoku puzzle. I tried to solve a puzzle to easy the boredom on my last airline flight, but made a mistake somewhere. This afternoon I printed out a puzzle from WebSudoku.com and brute-forced my way to a solution. Could become addictive!

Technorati Tags: Sudoku

Congratulations to Andrea Cravens, one of our great Identity Technical Specialists, who gave birth to twin sons, Lucas and Dylan, on May 3rd. Mother and boys are doing just fine. Andrea gave me permission to share this wonderful photo.

You done good, Andrea!

Technorati Tags:
Sun Microsystems,
Twins

Sun announced today it is “teaming up with SAP to deliver an integrated software solution that will help businesses maintain automated ‘continuous compliance’ with both external government regulations such as Sarbanes-Oxley and internal corporate security policies.”

The new solution “combines the Sun Java System Identity Management Suite with SAP’s Virsa Access Enforcer …”

“By automating provisioning and compliance controls across all IT resources including custom and Web applications, host mainframes, databases, directories and business applications, Sun and SAP’s products work together to give customers continuous compliance in real-time. …

“Sun’s Java System Identity Management Suite allows companies to create a user’s virtual identity, tying the user to appropriate accounts across the enterprise. Reports are generated automatically and sent to approved reviewers, providing a clear record for auditing purposes. In addition, any violations of policy are detected, flagged and remediated.”

Good stuff!

Technorati Tags: Identity,
Digital Identity,
Identity Management,
Sun Microsystems,
SAP,
Virsa,
Compliance