Fire Fox and Identity in the Browser

ReadWriteWeb reports this week:

Decrying redirects and iframes, Raskin tells of a brave new world where an in-browser button that defies navigational difficulties allows for something closer to true identity portability than we’ve seen yet:Identity will be one of the defining themes in the next five years of the Web. Nearly every site has a concept of a user account, registration, and identity. Searching for “sign in” on Google yields over 1.8 billion hits. And yet, the browser does nothing to make this experience better save for some basic auto form filling. The browser leaves websites to re-implement identity management, and forces users to learn a new scheme for every site… Your identity is too important to be owned by any one company. Your friends are too important to be owned by any one company.

Finally! They said it!

Comments in reaction to the ReadWriteWeb post highlight Information Cards & CardSpace are not mentioned – I point out in my comment that the work is all connected ant pointed to the IIW conversations about Active Clients attended by all.

Aza open their post with this paragraph:

Identity will be one of the defining themes in the next five years of the Web. Nearly every site has a concept of a user account, registration, and identity. Searching for “sign in” on Google yields over 1.8 billion hits. And yet, the browser does nothing to make this experience better save for some basic auto form filling. The browser leaves websites to re-implement identity management, and forces users to learn a new scheme for every site.

They make these key points following the images they have (you should check the images out)

• Identity is part of where you are, and what you are looking at (Amazon looks different depending on if you are signed in or not). That’s why we put it in the URL Bar.

• For most sites, you’ll probably only have one identity, so login will be a single click or automatic.
• Putting verbs into the navigation bar isn’t new. See Taskfox.
• To increase visibility, webpages should be able to make a Javascript call that opens the login/signup bubble.
• For webpages that want to own the login-process, the account creation simply acts as the ultimate form-fill. For those interested in the evolution of the idea, you can see an early mockup with comments as well as Alex Faaborg’s similiar mockups.

They also make this point…

Chris Messina and others has been advocating for a model which follows the Facebook Connect lead: a single verb, to connect. Once connected, you decide exactly what information to share in an asynchronous manner. Unfortunately this bleeds information — your name is known to all websites which which you connect. We’d like to explore what a connect metaphor in combination with the ability to remain anonymous but connected means.

I agree with the firefox folks. Having a way to do verified anonymity is essential.

“Selective Disclosure” is the name for technologies that do this.

The firefox team should check out Stefan’s U-Prove Technology that may be released shortly by MSFT that acquired it over a year ago -

(seems like Stefan killed his blog when he moved to MSFT..mmm..anyways.)

Firefox folks invite people to get involved here.

Missing: Privileged Account Management for the Social Web.

This year at SXSW I moderated a panel about OpenID, OAuth and data portability in the Enterprise. We had a community lunch after the panel, and walking back to the convention center, I had an insight about a key missing piece of software – Privileged Account Management (PAM) for the Social Web – how are companies managing multiple employees logging in to their official Twitter, Facebook and YouTube accounts?

I thought I should also explain some key things to help understand conventional PAM then get to social web PAM in this post covering:

  1. regular identity management in the enterprise,
  2. regular Privileged Account Management in the enterprise
  3. Privileged Account Management for the Social Web.


1) IdM (Identity Management) in the Enterprise

There are two words you need to know to get IdM and the enterprise: “provisioning” and “termination“.

a) An employee is hired by a company. In order to login to the company’s computer systems to do their work (assuming they are a knowledge worker), they need to be provisioned with an “identity” that they can use to log in to the company systems.

b) When an employee leaves (retires, quits, laid off, fired), the company must terminate this identity in the computer systems so that the employee no longer has access to these systems.

The next thing to understand is logs.

So, an employee uses the company identity to do their work and the company keeps logs of what they do on company systems. This kind of logging is particularly important for things like accounting systems – it is used to audit and check that things are being accurately recorded, and who did what in these systems is monitored, thus addressing fraud with strong accountability.

I will write more about other key words to understand about IdM in the enterprise (authentication, authorization, roles, directories) but I will save these for another post.

2) Ok, so what is Privileged Account Management in the Enterprise?

A privileged account is an “über”-account that has special privileges. It is the root account on a UNIX system, a Windows Administrator account, the owner of a database or router access. These kinds of accounts are required for the systems to function, are used for day-to-day maintenance of systems and can be vital in emergency access scenarios.

They are not “owned” by one person, but are instead co-managed by several administrators. Failure to control access to privileged accounts, knowing who is using the account and when, has led to some of the massive frauds that have occurred in financial systems. Because of this, the auditing of logs of these accounts are now part of compliance mandates in

  • Sarbanes-Oxley
  • the Payment Card Industry Data Security Standard (PCI DSS),
  • the Federal Energy Regulatory Commission (FERC),
  • HIPAA.

Privileged Account Management (PAM) tools help enterprises keep track of who is logged into a privileged account at any given time and produce access logs. One way this software works is: an administrator logs in to the PAM software, and it then logs in to the privileged account they want access to. The privileged account management product grants privileged user access to privileged accounts [1].

Links to articles on PAM, [1] Burton Group Identity and Privacy Blog, KuppingerCole, Information Security Magazine.

3) Privileged Account Management on the Social Web.

Increasingly companies have privileged accounts on the social web. Dell computers has several for different purposes. Virgin America, (they link to the account from their website – thus “validating” that this is their real account), JetBlue, Southwest Airlines, Zappos CEO, (employees who twitter), Comcast Cares (Frank Eliason) (interestingly comcast on twitter is blank).

Twitter is just the tip of the iceberg – there are also “fan pages” on Facebook for brands. Coca-Cola, Zappos, NYTimes, Redbull, Southwest, YouTube Channels, Dunkin’ Donuts, etc, etc. on thousands of other platforms and yet-to-be-invented services.

These are very powerful accounts – they are managed and maintained by many employees around the clock and are the public voices of companies.

I have yet to see or hear of any software tools to enable enterprises to manage Social Web privileged accounts. How are companies managing access by multiple employees to these accounts?

Is there software that does this yet?

Is anyone working on these kinds of tools?

Leave your comments here or tweet with me @identitywoman

SSN’s can be guessed

This just in from slashdot:

“The nation’s Social Security numbering scheme has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth. The researchers used the information they gleaned to predict, in one try, the first five digits of a person’s Social Security number 44 percent of the time for 160,000 people born between 1989 and 2003.

This is from the Wired coverage:

By analyzing a public data set called the “Death Master File,” which contains SSNs and birth information for people who have died, computer scientists from Carnegie Mellon University discovered distinct patterns in how the numbers are assigned. In many cases, knowing the date and state of an individual’s birth was enough to predict a person’s SSN.

“We didn’t break any secret code or hack into an undisclosed data set,” said privacy expert Alessandro Acquisti, co-author of the study published Monday in the journal Proceedings of the National Academy of Sciences. “We used only publicly available information, and that’s why our result is of value. It shows that you can take personal information that’s not sensitive, like birth date, and combine it with other publicly available data to come up with something very sensitive and confidential.”

Basically it means we shouldn’t be honest about our date of birth and home town on Facebook (or any other social network) or we are making ourselves vulnerable to discernment of our SSN’s. I wonder if they can figure out mine? I received my as an adult when I was attending college in California.

I decided to poke around and see what Facebook had up about Identity Theft. I did find a link to this study that created a profile by “Freddi Stauer,” an anagram for “ID Fraudster,”.

Out of the 200 friend requests, Sophos received 82 responses, with 72 percent of those respondents divulging one or more e-mail address; 84 percent listing their full date of birth; 87 percent providing details about education or work; 78 percent listing their current address or location; 23 percent giving their phone number; and 26 percent providing their instant messaging screen name.

Sophos says in most cases, Freddi also got access to respondents’ photos of friends and family, plus a lot of information about personal likes and dislikes, and even details about employers.

Facebook users were all too willing to disclose the names of spouses and partners, with some even sending complete resumes. One facebook user divulging his mother’s maiden name—the old standard used by many financial and other Web sites to get access to account information.

Most people wouldn’t give this kind of information out to people on the street but their guard sometimes seems to drop in the context of a friend request on the Facebook site, O’Brien says.

According to Sophos, the results of what it calls its Facebook ID Probe has significance for the workplace as well as personal life because businesses need to be aware that this type of social-networking site may pose a threat to corporate security.

I have tried to search the Facebook blog to see what they have to say about identity theft and apparently they haven’t mentioned it.

IIW & Identity Community Bumps in the Road

This is cross posted on the IIW blog .

When we first started meeting (the early “seedling” meetings of community) at other people’s conferences, there were Microsoft people, Liberty Alliance/SAML people, Shibboleth implementers, user-centric folks (OpenID, LID, sxip, i-names/xri), big idea folks (Doc Searls), etc. We met for a couple of hours at a time and knew there was common ground, but knew we needed more time to really understand each other: to have more of a shared language and develop enough strength in the relationships in the community to work together. We figured we needed to have more time to meet together, so we convened the Internet Identity Workshop. That first event was amazing and quite formative – kicking off the conversation that would lead to OpenIDv2 via Yadis. Kim Cameron presented his 7 laws of identity that have become foundational to community thinking and introduced the idea of information cards and selectors; much work is now happening around this.

Soon afterward Brett McDowell the ED at Liberty Alliance approached me and Phil about having an Internet Identity Workshop (IIW) next to (the days following and in the same location) an upcoming Liberty Alliance meeting. We thought this was a great idea to create more space for people to meet about user-centric identity technologies and issues. When Microsoft got wind of this, boy did I get an earful – they felt that the neutrality of IIW would be totally compromised if it came to be that closely associated with Liberty Alliance (remember Liberty Alliance was originally formed by Sun and others in response to Microsoft Passport).

IIW had provided a forum for anyone working on user-centric identity technologies to come together without anyone making an “agenda” for the meeting or creating a “technology road map.” Literally anyone who came could put a subject on the agenda on the day of the event. All parties did want to increase dialogue and cross-pollination among the groups, and we found a way through by jointly (IIW and Liberty Alliance) producing what we named the Identity Open Space (we also said we would be open to co-producing with others who asked – we did two with Digital Identity World). It was in Vancouver Canada and Kim Cameron along with several Microsoft folks along with many in the user-centric community attended and because it was the two days after a Liberty Alliance meeting many Liberty people were also there, and it was a good event that moved the industry forward.

Right in the middle of getting this worked out – I on a personal level had a very intense experience being caught in the middle – a giant trade association on one side and Microsoft on the other. We (me, Phil, Doc, Kim, Brett) managed to navigate this as a community and do the right thing and we became stronger as a community for having done so.

We continued to have IIW’s every 6 months and in 2006 it was clear we were going beyond just IIW and needed a community home/container to connect community efforts and provide common services (blogs, wikis, bank account for doing common work like holding events). We held a series of conversations and decided to create a community organization, drawing on an existing one, Identity Commons – the community liked the purpose and principles approach for bringing people together. As a codition of brand transfer to a our nonprofit organization we worked on our version of purpose and principles. There were some delays in actually getting the organization legally formed and the brand transfered, but in 2007 we were an official organization: a network of organizations, initiatives, and projects all working on different aspects of a people-centric identity layer of the web. There are several places you can read about community history and background around Identity Commons. I wrote “What the heck is Identity Commons?”.

Next fall we are hosting our 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with Action Cards, Portable Contacts, Open Social, OpenID/OAuth hybrid, Activity Streams, Distributed Social Networking, Discovery particularly XRD. So what has made IIW work so well in fostering the kind of collaboration and innovation that has emerged from it?

  • We have kept the space free: no one has the ability to buy time at the conference.
  • All ideas are welcome: there is no committee controlling the agenda, so politics about what is “on the agenda” or “not” just doesn’t happen.
  • It is a working workshop to solve real problems, move technical projects forward and discuss interoperability among them.
  • We put attention towards creating the space for relationships between people to form naturally over time and thus enabled trust to grow.

Personal Anchor on the Web for Digital Identity – CC Images

I got a request for the images I posted in “Personal Anchors on the Web for Digital Identity” from David Larlet to use in a slide presentation in France. I decided to open them up and post them here.

Below are versions with english text and a version without english text.

[Read more...]