A Gentle Introduction to Higgins
Paul Trevithick & Mary Ruddy
paul@socialphysics.org mary@socialphysics.org
The web of today isn’t people-centered. It’s silo-centered.
• People go from site to site setting up accounts and pouring in stuff about themselves
• Everything the site learns is from people’s fingers – clicks of the keyboard or mouse
• It’s tedious for the user – she’s constantly repeating herself, typing in forms
• It’s bad for business – people hate forms and passwords.
• Low conversion rates
• Shallow & stale profiles
• Vulnerable to phishing
[Diagram: Site A, Site B, Site C]
Type, type, type, click, click, click. Clickety-clack, clickety-clack.
User-centric identity
• What if people could register at your site without typing data into forms?
[Diagram: Site A, Site B, Site C; “The BIG NEW IDEA”: Identity Selector]
User-centric identity
• What if people could register at your site without typing data into forms?
• And what if you could issue customers a membership card to your institution that doubles as a login credential?
[Diagram: Site A, Site B, Site C, Identity Selector]
User-centric identity
• What if people could register at your site without typing data into forms?
• And what if you could issue customers a membership card to your financial institution that doubled as a login credential?
• And what if your customer could link her profile to your card and never need to fill in forms again?
[Diagram: Site A, Site B, Site C, Identity Selector]
Higgins
Higgins
1: a species of Tasmanian long-tailed mouse
2: an open source identity selector and interoperability framework being developed
IBM, Novell, Oracle, CA, Google, Parity…
System components
[Diagram courtesy of the Burton Group]
Higgins promises… a consistent user experience across contexts based on i-cards
i-cards
• Managed: What the DMV says about you.
• Personal (aka self-issued): What you say about you.
• Relationship [under development]: What you and Best Buy say about you right now.
Users have many digital identities…
• eCommerce (e.g. Amazon, eBay)
• Social Networking (e.g. LinkedIn)
• Book club
• Family
• Banks
• Mutual Funds
• eGovernment
• Healthcare System
• Corporate Directories
• Professional networks
• Dating networks
• Second Life
• Croquet
• WOW
• SharePoint
[Diagram labels: Buddy Lists, Websites, Communities of Interest, Enterprise Apps, Email or IM, Virtual Spaces, You]
…each in its own context (“silo”)
• eCommerce (e.g. Amazon, eBay)
• Social Networking (e.g. LinkedIn)
• Book club
• Family
• Banks
• Mutual Funds
• eGovernment
• Healthcare System
• Corporate Directories
• Professional networks
• Dating networks
• Second Life
• Croquet
• WOW
• SharePoint
[Diagram labels: Buddy Lists, Websites, Communities of Interest, Enterprise Apps, Email or IM, Virtual Spaces, You]
These i-cards are managed by an identity selector
Something that works on behalf of the user (citizen, patient, consumer). Really.
The identity selector can run here. (Microsoft CardSpace™ is the first example of an Identity Selector. It runs on your local machine)
Or sometimes here AND here
[Diagram labels: Selector Client (browser extension / thin client), Selector Service]
I-Card Selector User Interface
Click on a card
…you’re signed in. (No password required)
The selector projects and protects identity attributes (identifiers, preferences, profiles, history, friends, colleagues, avatars, …)
• For authentication
• For personalization
• Attributes can be blinded using PRIME/Idemix technology
[Diagram label: Selector Service]
The identity selector is powered by an interoperability framework
[Diagram: Selector Service and Identity Providers; labels: REI, Employee, Second Life, American Express; numbered 1–4]
Interoperability framework
[Diagram labels: Higgins Browser Extension, Apps, Identity Providers, Relying Parties, Apps and Services, APIs and Abstraction, Higgins Framework, Plug-ins]
• Protocol Providers implement protocols for interacting with Relying Parties: CardSpace, OpenID, RSS/Atom, SAML
• I-Card Providers implement identity protocols and card types: CardSpace Managed (WS-Trust), CardSpace Personal, Higgins Relationship
• Token Providers implement different kinds of security tokens: SAML, X509, Kerberos, UN/PS, Idemix
• IdAS Context Providers connect to different identity data sources: JNDI / LDAP, Enterprise Apps, RDF, OWL, Active Directory, Comms Clients
A common data model enables linking across heterogeneous contexts. Each separate context might use a different identity system/technology!
Higgins software project status
• Higgins 1.0 Development done by 12/31
• Ongoing series of multi-company (Microsoft, etc.) interoperability events for the past year and ongoing
• IBM and Novell have announced they will ship Higgins based products
• Parity is offering to host Higgins based services
Next steps – project direction
• More Relying Party options
• More support for Identity Protocols (more protocols and deeper support)
• More platforms
• Constant usability improvements to card metaphor
• Authentication between user and Identity Selector
• Attribute level authorization
• Privacy Policy
Addressing barriers to deployment
• Interoperability infrastructure
• Conventions
• Service Providers
• Awareness and Trust
• A multi-disciplinary approach is required
Interoperability
1. Common data model
2. API abstraction/framework
3. Schema mapping
• #1 addressed by Higgins
• #2 can be addressed using the Higgins Identity Attribute Service (aka IdAS)
• #3 addressed by industry collaborations within Identity Commons and other groups
Breaking down barriers to deployment
Higgins activities
• Creating infrastructure
• Getting tools into hands of implementers and influencers
• Supporting open interoperability efforts (OSIS, Identity Commons, Berkman symposia, IIW, etc.)
• Evangelizing
Other things we think are needed
• Service providers (Identity Providers, Identity s)
• Policy, conventions for managing risk
Resources to get involved in Higgins
• http://eclipse.org/higgins
• Interoperability paper
  • Interoperability In the New Digital Identity Infrastructure http://papers.ssrn.com/sol3/papers.cfm?abstract_id=962701
• Project Leads
  • Paul Trevithick, paul@socialphysics.org, 617.513.7924
  • Mary Ruddy, mary@socialphysics.org, 617.290.8591