Andre Durand

Discovering life, one mistake at a time.
Subscribe

Archive for September, 2005

IDG Partners with Digital ID World

September 23, 2005 By: Andre Category: Ping Identity

We (Digital ID World) today announced a partnership with IDG, which we’ve been working on for the past two months. It will allow us to significantly accelerate and expand the conference, both domestically and internationally. From our little interaction to date, IDG is one quality outfit, and I’m pretty excited to work with them to accelerate awareness around the centrality of identity to computing and security. Here’s an exerp from the announcement.


=====


 


Digital ID World and IDG World Expo Join Forces


Premier identity event reaches new plateau in serving the identity industry


 



FRAMINGHAM, MA, September 23, 2005 – IDG World Expo, the leading producer of world-class tradeshows, conferences and events for technology markets, and Digital ID World, Inc. today announced that the two companies will work together to make Digital ID World even more valuable and relevant for the identity community. Digital ID World®, the premier identity industry event dedicated to digital identity technologies and solutions, is scheduled to take place in Spring 2006.


 


“Our May 2005 event was a watershed moment where both attendees and vendors saw the power and value of this event, and they wanted it to grow and expand in new directions,” said Phil Becker, founder and conference co-chair of Digital ID World. “To better serve this community, we are joining forces with IDG World Expo, giving us the capability to be very responsive to the demands of this rapidly growing industry. We now have the tools to make this event even more impactful and valuable for vendors and attendees, while continuing our tradition of vendor-neutral industry advocacy.” 


 


Digital ID World will combine the identity industry expertise of Phil Becker, Founder and Conference Co-Chair of Digital ID World, with IDG World Expo’s expertise as a world class event producer. IDG World Expo will manage all aspects of bringing the audience and vendors together, while Digital ID World, Inc. will continue to organize the strategy, develop the conference content and communicate with the identity industry leaders about the direction of the event.


 


Digital ID World provides business executives and IT managers with an exclusive conference opportunity to interact with thought leaders, developers and providers of identity solutions. With real world deployment case studies focused on the enterprise and presentations covering identity-based technologies, standards, business processes, Web services security and RFID, Digital ID World offers superior networking, in-depth information and practical advice.


 


“Phil Becker founded Digital ID World in 2002 to help foster and grow the identity industry, and this industry is moving to the next stage of its evolution, in large part because of his diligent efforts,” said David Korse, CEO, IDG World Expo. “We’re excited to work with Digital ID World to help enterprises and vendors who are harnessing identity technologies and solutions.”

What Privacy and Cave Men Have in Common

September 16, 2005 By: Andre Category: Life

The networking of everything-to-everything is a death march.

 

In the quest to have everything instantly accessible, personalized and convenient, we intertwine ourselves (our identities) into network, the network and we become one (i.e. we become ‘known’ to the network).

 

If we want privacy, we might just need to revert to being cave men. Less the bats, they had privacy.

Platt’s Law of Assertions

September 16, 2005 By: Andre Category: Ping Identity

In a meeting the other day, we were musing about the consequences of assertion life-time value, noting that most PKI-like assertions were ‘long-lived’ and SAML assertions were optimized for ‘short-lifespan’.


Darren Platt made a comment which stuck in my mind when he stated that ‘shorter assertions, when the infrastructure is capable of handling them, will always be used over longer assertions.’.


I’ve not had time to analyze the trends with which assertion life-time values are declining, but it occurred to me that this statement is quite profound, in a Moore’s Law sort of way.


We live in a world of long-lived assertions ‘tokens’ (assertions of identity), both physical, and in the case of PKI certs, digital (think of VeriSign’s SSL Certs). The lifetime of these assertions in many cases is measured in years. I suspect over time, as new infrastructures arise to deal with these assertions, such as federated identity infrastructures capable of building and receiving SAML assertions, the gates of accessibility will become increasingly tied to ‘real-time’ policy enforcement.


While this thought has not been completely flushed through, I’d like to refer to this as Platt’s Law of Assertions, which simply put, states that “shorter assertion lifetimes will always prevail over longer assertion lifetime values, given the infrastructure to deal with them is in place.”

Digital Reputations

September 16, 2005 By: Andre Category: Ping Identity

I wrote this over 3 years ago, but don’t think I ever posted it to my main blog.

===================================================

Anatomy of a Digital Reputation

Tue, Apr 30, 2002; by Andre Durand.

The notion of a digital reputation first came up in my discussions with
Phil Becker, editor of Digital ID World about three months ago. Ever
since then, I’ve grown in my fascination over the concept of
reputations, what they are and how a digital reputation might mirror
reputations in the real-world.

Reputations are both deep and complex at the same time, in one instance serving to amplify reality (“…she was larger than life.”) and in another instance oversimplify it, (“…he’s amazing.“).
Reputations are not limited to people, but can and do apply to groups,
organizations, companies, countries, governments and even objects.

Having a good or positive reputation can serve to make your life easier, (e.g. “…of course I trust you, your reputation precedes you.“) just like having a negative reputation can work against you, many times in ways that you’ll never even realize (e.g. “…his
resume looked like a perfect match, but when I inquired others who knew
him, I found he had a poor reputation as a team player, so I didn’t
hire him.
“)

But what is a reputation and how might a digital reputation affect you in the future?

First
of all, a reputation is not something that’s internal to you. Yes, it’s
YOUR reputation, but you don’t have a reputation with yourself per-say.
Reputations only really exist within the context of your interactions
with others, and therefore, a reputation can be viewed as existing in
the space between you and others.

While a reputation can be
thought of as distinct, separate and external to us all, they are
inextricably linked to us, and don’t exist outside of the context of
their owner for which they refer. In some instances, a reputation can
become so independent from us that they ‘take on a life of their very
own.’ In these cases, reputations can actually drive how we act, rather
than how we act dictate our reputation. For example, sometimes we find
ourselves acting in uncharacteristic ways, many times unconsciously,
just to support an external perception amongst others of who we are
that is no longer true to our being.

A reputation is comprised
in part by what we say and what we do over some period of time and in
some particular context of an interaction with others. As an
individual, I might never know all of the different facets of my
reputation, just as others might also never know every aspect of my
reputation. Needless to say, reputations are important to us all
because they affect us in very tangible ways, serving to make our lives
easier or more difficult, depending on whether they are positive or
negative.

The reason we care about our reputations is two-fold:
1)
our reputation is often tightly coupled with our sense of self-worth,
serving as an external reflection of who we are, or who we wish to be
and
2) our reputation can precede our physical being, serving to
‘open doors’ or generally make our lives more convenient or to close
doors, in which case we are blocked from doing something or going
somewhere, and we might never know why.

At any moment in time,
our reputation is nothing more than a snapshot of our historical
interactions with others. If the snapshot supports what we say about
ourselves, then our reputation is positively amplified (R+1). If the
snapshot contradicts what we have said about ourselves, then our
reputation is diminished (R-1).

As reputations baring any
weight and credibility are only built over time, it’s difficult to
truly circumvent their creation. This is often why we learn early the
value of ‘borrowing’ a reputation. Namedropping is nothing more than an
attempt to place oneself in the positive glow of another’s positive
reputation, hoping that it will make our life easier in the process or
gain us access to something which we would not normally have access to
on our own. How many times have you specifically gone someplace with
someone who you knew was bearing the credentials and reputation of
being ‘well-connected.’ (e.g. “I’m good friends with the owner and he always let’s us in for free.“)

Reputations
are likely the most important quality enabled by identity and I believe
that digital reputations will likely become the core and central reason
why individuals will choose to have a digital identity in the future.

eBay™
uses a simplified version of digital reputation to allow individuals to
quickly see whether or not a buyer or seller is trustworthy in their
ecommerce transactions, but what if the concept of a digital reputation
was expanded to encompass all facets of ones identity. The reason this
is important is that I may be completely trustworthy within one context
and completely untrustworthy within another. Let’s examine the
attributes of a reputation.

Attributes of a Reputation

What You Say
To begin with, many people believe that a reputation can be created by
what they say about themselves. Bragging is in essence nothing more
than a naïve attempt to short-circuit the creation of a positive
reputation, often eliciting the exact opposite, which is a reputation
that he/she is insecure. Of all the ways to create a reputation,
telling people what they should think of you is both the weakest and
carries the least amount of weight in the real world. That said, what
you say about yourself can serve to amplify a positive opinion of you
if it is consistent with your actions (in their experience). Likewise,
what you say about yourself can negatively impact one’s image of you if
it is inconsistent with their experiences with you.

What You Do – “Actions speak louder than words
embodies this attribute of an identity. Nothing serves to more quickly
establish a reputation than ones actions. When we say, “…what they say and what they do are two different things,”
we’re really making a profound statement about ones reputation, namely,
‘you can’t trust what they say, because in our experience, they don’t
follow through.’ One’s perceived actions, combined with ones words,
constitute the foundation of a reputation.

What’s Public
– Certain elements of our reputation are public, that is, generally
known by us (the owner of the reputation) and by others who know us. I
know that many people think of me as creative and honest, two elements
of my reputation that I consider positive attributes. Because I view
these elements as positive and because I’m aware of them, I work hard
to reinforce them by saying and doing things which are both creative
and honest. Generally speaking, we work to reinforce positive elements
of our reputation and diminish negative ones. If I knew that I’d been
branded a ‘tight-wad’ when it comes to paying my bar tab, I might
over-pay in the future to counteract a negative impression of my
reputation as being generous.

What’s Private
Certain facets of my reputation are private, and will never be known to
me or others. Individuals who choose to create a new identity are doing
nothing more than running from their reputation. The same way that
individuals might attempt to conceal their past and reputation from
others, others might also feel compelled to conceal elements of our
reputation from ourselves. While many of us are aware of some of the
negative attributes of our reputation, we will likely never be aware of
all of them, and as a result, we’ll never actually know when and where
our future has been walled in or blocked off because of them.

What Context
– Lastly, while in real life and in every day conversation we do in
fact attempt to summarize an individual’s reputation (e.g. “…she’s an amazing person.“),
the fact is, our reputation is contextual and it is quite possible for
me to have a positive reputation in one area of my life with individual
A and a negative reputation in another area of my life with individual
B.

The Digital Reputation
While historically
reputations have been a somewhat vague and subjective, in the digital
world they are likely to become more objective, binary and long-lasting
(all the reason to take them seriously). Biologically, time is a
built-in eraser, allowing us to forget and move on. In the digital
world however, where memory is cheap and caching the norm, our
reputations are likely to become more persistent, at least in the areas
in which the law has not intervened (e.g. driving tickets are erased
every three years and bad credit every seven). Probably more important,
in the digital world, our various reputations which are today
disconnected are likely to become more connected, if not by us, then by
others. Think this is far fetched? Don’t think for a second that my
reputation as a frequent flyer is not in some way connected to my
reputation as an individual who rents cars when I’m out of town, and
that’s just the beginning.

The fact is, systems specifically
designed to create and track our digital reputations do in fact exist
today. They are disguised as cookies, packaged as awards programs and
renamed to convenience time-savers. As individuals navigating an
increasingly complex and interconnected world, our slime-trails spell
money to the private sector, and control to the government sector. As
the digital reputation is an off-spring of digital identity, ensuring
that we maintain control in how they are built, used and accessed is
essential to our future as a free society that holds dear our right to
privacy.