[Log In] []

Exploring the science and magic of Identity and Access Management
Saturday, May 18, 2024

Hyper-Connected Christmas Eve

Author: Mark Dixon
Friday, December 25, 2009
5:11 am

A great tradition of our family is to gather at the kitchen table after Christmas Eve festivities, drink hot chocolate and talk with each other. As we did so this year, we suddenly realized that we were all connected to the Internet, interacting on Facebook, Twitter and blogs using a variety of devices – extending our Christmas Eve chatter to people far removed from our physical home. Not shown in this photo are my iPhone and the desktop computer on the kitchen desk behind me as I was taking the photo.  Just another example of how technology has changed and enriched our lives. 

With sincere apologies to Holly for a very unflattering photo!

Hyper-connected Christmas Eve


Math Geek Humor

Author: Mark Dixon
Thursday, December 24, 2009
3:14 am

I’m only about two years late to the party, but I stumbled across this wonderfully rye cartoon from G. J. Caulkins today.  Enjoy!



Technorati Tags: , , ,
Comments Off on Math Geek Humor . Permalink . Trackback URL

1000 Posts! 1000 Thanks!

Author: Mark Dixon
Thursday, December 24, 2009
2:56 am

The previous post, the Dixon Family Christmas Card, was the one-thousandth post on the Discovering Identity blog.  Many thanks for following, visiting, commenting, and otherwise supporting this ongoing investigation into the science and magic of Identity Management.

One Thousand. Many Thanks.

Thanks to  Charleston Primary School for a great photo.

Technorati Tags: ,
Comments Off on 1000 Posts! 1000 Thanks! . Permalink . Trackback URL

Merry Christmas from the Dixon Family

Author: Mark Dixon
Thursday, December 24, 2009
2:38 am

A Christmas Card from our family to yours. May you have a happy holiday season and wonderful new year!


Technorati Tags: ,
Comments Off on Merry Christmas from the Dixon Family . Permalink . Trackback URL

Experimenting with FOAF

Author: Mark Dixon
Wednesday, December 23, 2009
4:55 am

Thanks to the help of Henry Story, who recently presented the concepts of FOAF (an acronym of Friend of a friend) in a Sun Identity Interest teleconference forum, I have begun to experiment a bit with the technology.

According to the FOAF Wikipedia article:

FOAF is a descriptive vocabulary expressed using the Resource Description Framework (RDF) and the Web Ontology Language (OWL). Computers may use these FOAF profiles to find, for example, all people living in Europe, or to list all people both you and a friend of yours know. This is accomplished by defining relationships between people. Each profile has a unique identifier (such as the person’s e-mail addresses, a Jabber ID, or a URI of the homepage or weblog of the person), which is used when defining these relationships.

The FOAF project, which defines and extends the vocabulary of a FOAF profile, was started in 2000 by Libby Miller and Dan Brickley. It can be considered the first Social Semantic Web application, in that it combines RDF technology with ‘Social Web’ concerns.

The FOAF project provides a way for me to maintain my personal Identity profile and link to others I know, creating a global social graph of acquainted people.  I don’t know much yet, but am intrigued by its possibilities.

You can visit my FOAF Card by clicking here, or view the XML for the corresponding FOAF file by clicking here.

If you have a FOAF file and would like to be added to my “knows” list, please send my the URL for your FOAF file.

Thanks!  I’ll keep you updated on my progress.

Comments Off on Experimenting with FOAF . Permalink . Trackback URL

My Christmas Wish List: Personal Identity-Persona Service

Author: Mark Dixon
Wednesday, December 23, 2009
3:55 am

christmas_wish_list It is almost Christmas Eve.  In the midst of an insomnia episode, I conjured up a crazy notion of making a Christmas wish list of things I want from a Personal Identity-Persona Service (PIPS).   Your list may be different, but here’s mine.

  1. Secure Identity Bank Vault for my Identity Profile and Credentials.  Of all the potential Identity Providers jostling for prominence in the market, I favor my bank the most.  They take pretty good care of my money, enable me to selectively send some of my money to other people, and seem to be sensitive to the issues surrounding security, privacy, liability and potential cyber threats.  I think I could trust them to take good care of my online Identity.  Think of it as the bank providing a safe deposit box for all the Identity attributes that I want to store and use, and providing the means to selectively take out Identity attributes for presentation to other people.  This vault should be located in a secure cloud, so I can get access from any computer or mobile device of my choice.  I think this is a concept even my technology-challenged wife, mother and father could readily understand and accept. 
  2. Really Easy to use Identity/Profile/Persona Editor.  With my Secure Identity Bank Vault in place, I need a really easy to use way to fill that vault with my Identity information and maintain it over time.  This will include the information I would normally include provide to an online merchant or social network, as well as subsets of such information that I can define for the purpose of presenting different personae to facilitate different online experiences.
  3. Multiple Levels of Identity Assurance or Validation.  I want to make sure that other people can’t impersonate me by setting up a  fake Identity Bank Vault for Mark Dixon that could be used to conduct illicit transactions.  To do that, methods need to be in place to validate the claims I make about my identity, such as birthplace, social security number, credit card numbers, etc.  Progressively rigorous checks of my background information will allow me to confidently present Bronze, Silver, Gold or Platinum Identity credentials to enable different levels of online interaction.
  4. Really Easy to use Persona Selector.  I need the ability to easily select from a set of personae I have defined in the Identity Bank Vault.   For example, I will most likely have one persona to use for online shopping, one for interaction with state government, and another for using my church website.  This selector needs to be immediately accessible, probably in the browser toolbar.  For mobile use, the persona selector needs to be easily accessed and presented by any online application that requires me to log in or pay for services.
  5. Multiple Levels of Secure Authentication.  I want to make sure that no one can access and use my Identity Bank Vault or persona and credentials it contains without my explicit permission.  In some cases, I may want to simply surf the web and virtually window shop by identifying myself with a user name and password.  However, I would like to restrict access to any financial transactions or health care record access by requiring a digital certificate (probably on a USB fob) and perhaps with a fingerprint check (perhaps via that same USB device).
  6. Option to Use Separate Personae for Login and Payment.  In some cases, I may want to use an Internet Persona to poke around the web, do some window shopping and try things out.  I may want to log in to Amazon, eBay, Barnes and Noble or other merchants before I decide to buy.  None of these merchants needs to know my credit card information before I decide to buy something.  Therefore, I need an easy method for first identifying myself and subsequently presenting my payment method.
  7. Audit Reports.  I would like to get an online “Identity bank statement” each month or on demand, detailing the my use of PIPS service.  This would allow me to verify that all uses were legitimate and would help me determine if adjustments were needed in my profile or use of the service.
  8. Fraud Insurance.  If a privacy breach or other unauthrorized use of my Identity or credentials occur through no fault of my own, I would like to be insured against possible damages.  This would be similar to the fraud protection currently provided by credit card companies.

Of course, in order for a PIPS service to be worth much, social Networks, online merchants, government agencies and other relying parties will need to accept my PIPS profile and credentials.   But wouldn’t it be great if I could maintain one set of Identity and Profile information and have that available for consumption by any merchant or social network, according to my wishes?  I would be willing to pay a yearly fee for such a service, much like I pay certain bank fees now. Or, perhaps those fees would be waived if I maintained a certain account balance or averaged a certain transaction volume on a credit card issued by the bank.

Will something like this happen?  I think so.  Probably not in 2010.  By 2015? I certainly hope so.


The Ecstasy and Agony of Evernote

Author: Mark Dixon
Monday, December 21, 2009
5:28 pm

Evernote is an essential workhorse in my daily life.  I currently have 3,467 notes in my various Evernote notebooks, using an Evernote premium account.  I use the product multiple times every day for note-taking (I have a reputation as a prodigious note-taker), personal journal (almost daily), electronic filing (I rarely file paper any more) and as a general, all-around information repository.  I particularly like its architectural model using intelligent client applications synchronized with a server-side database.  This allows me to keep information in sync on my laptop and desktop machines (both Windows) as well as my iPhone

That is the “ecstasy” part.  The “agony” came when I installed the long-awaited new Windows client (version 3.5 beta) last week.  What I hoped would be a major improvement of the Windows client, was, instead, a deep disappointment. While I liked a few new features, such as the mixed view, the core note taking engine is still very primitive.  If anything, it was a step  backwards.

The two biggest problems are the very awkward and limited outlining capability and the complete lack of templates.  The new table feature is extremely basic.  I  submitted suggestions in all three areas several months ago, but apparently these seemingly basic functions for a product with “Note” in the name weren’t desirable enough to see the light of day.

It is very painful when I have to drop back to Microsoft OneNote to get access to a decent outlining editor, and then transfer the result to Evernote, rather than have a native capability for outlining.  For a guy who thinks in outlines, all I can say is, “Arrrgghh!”

Perhaps Evernote should open up their architecture so third parties could create plugins to provide functionality not available in the core product.  For example, the Thunderbird add-on “QuickText” provide very useful email message templating capability for a product that lacks such a feature.  Perhaps other plugin vendors could provide decent outlining and table functionality.

Here’s hoping that Evernote someday gets it right. Please!


Strategic News Service: Tech Predictions for 2010

Author: Mark Dixon
Wednesday, December 16, 2009
5:28 pm

Mark Anderson, publisher of Strategic News Service, talks about his yearly technology predictions in the following Business Week library video.    An overriding theme seems to be that consumers are demanding, and progressively getting, highly personalized, context-aware, mobile services and content. This demand driving big changes in hardware platforms, operating systems, media distribution and pricing, and network infrastructure. Much of the work I am involved with at Sun is focused directly on these major shifts in markets and technology. This whole area is rife with large, market changing opportunities.

A longer audio presentation, recorded December 10, 2009 at the Waldorf-Astoria, New York, is available. Listen to the presentation now.

Thanks to Kip Meacham for sharing the link.

Comments Off on Strategic News Service: Tech Predictions for 2010 . Permalink . Trackback URL

Mark Mail … Gotta Like that Name

Author: Mark Dixon
Friday, December 11, 2009
6:14 pm

Tonight I stumbled across a website for Mark Mail, a “free service for searching mailing list archives.”  I tried searching for “Discovering Identity” and found nine entries, two of which referred to this blog.  I suppose that means this blog is waaaaay out in the long tail of the Mark Mail economy.

But I still like the name.

Technorati Tags: , ,
Comments Off on Mark Mail … Gotta Like that Name . Permalink . Trackback URL

Federated Identity for Electronic Medical Records

Author: Mark Dixon
Thursday, December 10, 2009
2:06 pm

Many thanks to my good friend Jonathan Gershater for sending me the link to another excellent post about Identity and Healthcare.  I particularly like his illustration of using Federated Identity to facilitate trusted exchange of medical records between different medical service providers. 

A user of any (Healthcare) ServiceProvider, who has been issued a digital identity by the trusted IdentityProvider, may seamlessly interact with the healthcare providers (SPs). The user will present the digital identity issued by the IdP, the SP will verify the Identity, and the user will be granted access to the Service Provider’s application. However, based on the user’s attributes and role, the functionality available to the user will vary.  A physician may alter a medical record but only within their specialty ( a dermatologist cannot alter a prescription for spectacles). A pharmacist may view but not alter the prescription for insulin in a healthrecord.  A patient may only view but not alter their medical record.

Federated Identity for Electronic Medical Records

Comments Off on Federated Identity for Electronic Medical Records . Permalink . Trackback URL
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.