btw.net
Digital Identity
last updated on January 18, 2003


US Federal
e-authentication
                                                   
Microsoft
Passport

btw.net webpages
btw.net blog posts
Introduction to Digital Identity, January 18, 2003 Point, Counter-Point & Commentary, January, 18, 2003
Implicit Trust and Digital Identity, January 10, 2003
Beyond Digital, Introduction to Nicholas Negroponte's last column in Wired, December 1998

November 16, 2002

Foiling Data Thieves How to keep a secret in the information age
By Kayte VanScoy, New Architect, December 2002
Your Money or Your Life? With the advent of digital IDs, crooks will have a choice
By Bret A. Fausett, New Architect,December 2002
e-Authentication prototype awaits e-gov projects
By Dipka Bhambhani, GCN Staff, 11/14/02
The federal government has an operational prototype of the e-Authentication gateway, one of the Office of Management and Budget’s 25 Quicksilver e-government projects, that is managing access to two applications.

Now, it’s up to the managers of the other 24 e-government projects to catch up and use the gateway, said David Temoshok, director for identity policy and management in the General Services Administration’s Office of Governmentwide Policy....

As agencies work on their e-government projects next year, GSA’s Office of Governmentwide Policy is developing a written taxonomy that will establish a process by which credential providers such as smart-card developers, biometric-systems providers and certificate authorities can link to the gateway....

Scott Loftesness Digital Identity A place to log items related to digital identity
Canadian Minister calls for debate on national ID cards
CBC News, 14 Nov 2002, Winnipeg
The federal immigration minister wants a national debate on the idea of mandatory citizenship cards for all Canadians.
Universal user IDs ease bond trading
By John Fontana, Network World, 11/11/02
NEW YORK - A consortium of the world's top financial institutions is sharing user directories so customers can enjoy single sign-on access across their Web sites in an effort that is shaping up to be a blueprint for emerging universal user identification standards.

Under a program called the Bond.Hub consortium, Credit Suisse First Boston, Goldman Sachs, JPMorgan Chase, Lehman Brothers, Merrill Lynch, Morgan Stanley, Salomon Smith Barney and UBS Warburg have created single sign-on capabilities for 15,000 mutual customers seeking fixed-income investments by joining customer identities stored in their respective directories - a concept known as federating....

Industry Briefs: Grounds for Identity
Posted on Friday, November 08, 2002 by Doc Searls
Identity became a hot topic last year, but it won't truly matter until it becomes the focus of a serious open-source project.
November 6, 2002


There are many aspects to "digital identity" and we will touch on several. One technical aspect is the process of identifying someone, establishing how they may authentication their identity to a system (computer network, website, etc) and then be authorized to access appropirate resources on that system. One key effort underway is by the US Federal Government. They are still in the define the problem and scope of solution phase. Here is a notice to a forum regarding their RFI (request for information)
E-Authentication - Making Trust Possible - Federal authentication project

Information regarding e-Authentication Policy and Technology Forum, November 21, 2002, Renaissance Washington, DC Hotel
November 5, 2002

Your ID Please, Citizen
Popular Science
What a national ID card might look like.

Data mining suggested to deter terror, InfoWorld, by Gretel Johnston

The report lays out a case for establishing a counterterrorism system that uses data mining to look for suspicious patterns within data contained not only in federal government databases, but also state, local authority and commercial databases such as those held by car rental agencies, Shinn said.

October 30, 2002

Various conversations about Identity, Security and Privacy
Perspective: The ID dilemmaBy Norman A. Willox, Jr., News.com (cnet), October 30,2002
"Despite tentative moves toward a comprehensive authentication system, debate has not yet focused on one of the most visible threats to America's national security: namely, the growing problem of identity fraud."

The accountability matrix, in Jon Udell's blog

Privacy Watch Interview: David Brin's Naked Truth About Privacy posted: 2/13/02
"In a polarized environment where opinions on privacy are simplistically reduced to 'for' or 'ignore,' David Brin’s concept of “The Transparent Society” (the title of his 1998 book) is a nimble approach that appears more relevant by the day."

The Art of Deception: Controlling the Human Element of Securityby Kevin D. Mitnick and William L. Simon
The Barnes & Noble Review
The name “Kevin Mitnick” is a Rorschach test for the digital age. To the government (and to companies like Sun Microsystems, whose Solaris source code he once appropriated), Mitnick was pure menace, marauding through computer systems that didn’t belong to him, causing millions of dollars of losses, and blazing a trail for even worse cybercriminals. To much of the hacker community, Mitnick’s a hero, unjustly persecuted by an ignorant Department of Justice: a prophet in the wilderness, warning folks who are too lazy or dumb to protect their digital assets. Perhaps you’ve seen those Free Kevin bumper stickers. After five years in prison, Mitnick’s on parole and evidently following the straight and narrow, though he’s still not allowed a web connection -- or even a ham radio license.

Even if you could care less about Mitnick personally, though, his book The Art of Deceptionis indispensable if you care about the vulnerability of your business computer systems -- or your own personal information. Mitnick presents the best discussion of "social engineering" we’ve ever seen: the art of understanding how to trick people into voluntarily handing over the information needed to break into computer systems.

October 28, 2002
Australians log off the web

Internet use in Australia, one of the most connected countries in the world, has fallen for the first time accompanied by a warning that demand might have levelled.

Market research firm Market Intelligence Strategy Centre's (MISC) index of internet usage fell three percent in the quarter ending June....

Technology to change face of ID-card process System will scan applicants to prevent fraud
By Julia C. Martinez, Denver Post Capitol Bureau, Monday, June 03, 2002
If you thought the depth of your eye sockets, the flare of your nostrils or the cleft in your chin had little to do with your identity, think again.

Those peaks and valleys make you unique to a new facial-recognition system that will begin mapping faces this fall of anyone with a Colorado driver's license.

Starting in September or October, the face-verification software will scan the face of everyone applying for a driver's license, measuring all those bumps and ridges and creating a facial template that will be stored in a database and be used to help the state attack identity fraud and theft.

Face-recognition technology will become a central security feature of Colorado's Division of Motor Vehicles, which will compare the high-tech face prints against 3.9 million photographs now in the database to prevent the same person from getting more than one license or ID card using someone else's name....


The Expanding Surveillance State: Why Colorado Should Scrap Facial Recognition in Public Places
Issue Paper Number 8-2001; October 2001
Executive Summary
“To be governed…is to be watched, inspected, directed, indoctrinated, numbered, estimated, regulated, commanded, controlled, law-driven, preached at, spied upon, censured, checked, valued, enrolled by creatures who have neither the right, nor the wisdom, nor the virtue to do so.”
Pierre-Joseph Proudhon

As a whole, we citizens routinely hand over large amounts of personal and intrusive information to the state as a matter of law.  Whether to obtain a license, to comply with the police officer who has just pulled you over, or to tell the tax man how much money we make, it seems that we are always handing over another bit of information about ourselves.

The Colorado legislature last year introduced us to the next generation of surveillance technology, facial recognition, in a nation already under intense scrutiny.

October 27, 2002

Quote of the Day

"In this economy, customers aren't buying the latest in innovative technology. Instead, they're buying only what's necessary to remain competitive without breaking the bank."

daniel acker -- bloomberg news
by Sam Diaz, Mercury News
(article is about Dell cleaning everyone's clock lately)

Creating Applications with Mozilla

"This project hosts the ongoing development for O'Reilly's Creating Applications with Mozillabook. In order to keep all of the information updated and current with the latest developments in the Mozilla community, the contents of the book have been made freely available under the Open Publication License."

"Mozilla is not just a browser. Mozilla is also a framework that allows developers to create cross-platform applications. Creating Applications with Mozilla provides step-by-step information about how you can create your own programs using Mozilla's framework. After installing Mozilla, you quickly learn to create simple applications. After the initial satisfaction of developing your own portable applications, the book branches into topics on modular development and packaging your application. In order to build more complex applications, coverage of XUL, JavaScript, and CSS allow you to discover how to customize and build out your application shell."
Commentary

It is more important than ever to improve how we spend our technology dollars. I think, however, it is more important to look at how we improve our spending to deliver services. And sometimes that may mean blending high technology considerations with low technology considerations to find the most economical and effective path over time. The technology is always a part of a larger picture, be it the Bioterrorism Reporting system we heard about today or the Smart Highways that we've heard about in the past. Some things may have "IT" in them but the purchase decision isn't an IT decision - new cars comes to mind as an example. It might be useful for us to explore where that boundary is, to ask ourselves: "What makes an expenditure an IT expenditure?"


the shift from "personalization" to individualization - build it yourself, transform it to your taste
the chasm - in the U.S.A.: 40% with no PC, 20-25% with pre-Internet era PC, 20-25% Internet era PC, 10% with broadband, always on, always connected devices.

October 24, 2002

"Even where security spending is increasing, it is from a very low base. Meta Group's survey found that most companies spend less than 3% of their technology budgets on security. Technology budgets, in turn, are typically set at around 3% of revenues. Since 3% of 3% is 0.09%, most firms spend more on coffee than on computer security, according to a popular industry statistic. The purse strings loosen only when companies suffer a serious security breach themselves, see one of their rivals come under attack or are told by auditors that lax security could mean they are compromising due diligence."
Securing the cloud
Digital security, once the province of geeks, is now everyone's concern.
But there is much more to the problem—or the solution—than mere technology, says Tom Standage
Oct 24th 2002, From The Economist print edition
DigitalIDworld interview on Shibbboleth: Identity the Internet Way

btw NEWS
© 2002, 2003 by Russ Savage (d.b.a. BTW Productions)
(BTW = By The Way)