Monday, October 20, 2003

Personal Identity - who am I....

I spent some time last week at Digital ID World. I was there to be part of a panel on Web Services and Identity that focused on enterprise issues. The other part of the conference was looking at the issues of personal identity and how it related to the digital world. The danger of the identity problem is over-simplification.

The nature of personal identity is really around a collection of facts about me, with axes in time and space. At different times I have different identities, a friend, an employee, a customer, a relation etc. In different places, native, business traveler, tourist, etc. Which facts about me are both necessary and provable to determine my identity to solve the problem at hand.

I am not sure the problem can be solved by either a single device or a static set of assertions. I need to be able to reach into the network and present a set of provable assertions to define my identity and other parties need to be able to ask for a collection of assertions. Once provided the provable assertions they identity consumer needs to be able to state what they are going to do with the information, i.e. how persistent it is and will it be attached to my identity cloud.

The idea of an identity cloud that has clusters of provable facts in time and space is the mental model I am creating around identity as anything else is too simplistic.

No comments: