Open Source Identity Management Systems - A comparison

Image source : https://www.ohloh.net/p/compare?project_0=midPoint&project_1=OpenIdM&project_2=Syncope

Radovan Semančík presents an evaluation list of some open source identity management systems, including MidPoint, OpenIAM, OpenIDM and Syncope, here:

"customers are starting to realize that no vendor is stable enough to guarantee protection of their investment in IDM solution. This is partly caused by the fact that most IDM deployments are significantly customized and that there is no easy migration path from one product to the other. "Migration" of IDM deployment in fact means re-implementation from the ground up. Open source solutions provide better protection of investment - ability to stay with the same product even if "vendor" is dead. That was clearly demonstrated when ForgeRock took over OpenSSO product that Oracle abandoned. That was the first major case of this phenomenon but it is unlikely that it was the last one."

 

Telco + Bank = dream team as identity provider, but can they partner?

Drawing by Hugh MacLeod (@gapingvoid)

Orwellian utopia theory:  Google, Amazon, Apple will take over the entire world, control everything and the free market will end.

Let's imagine that:

  • Nike, Sony, Ford, Samsung, AT&T, Vodafone, Paypal, HP, Visa, Coke, Nestle, BA, Intel, Microsoft, Telefonica, Bank of America, Chase, Philips, Marks and Spencer, Ebay, Pepsi, Tesco, Walmart, Real Madrid, Hilton, Amex, McAfee, Oracle, Disney, Hello, News Corp, Levi, Toyota will still be valuable and credible brands who have a close relationship with customers.
  • Value and supply chains will be more complex but efficient as anyone can offer terms for products and services to anyone
  • Telecoms, Banking and Media are fighting a rear guard action on business models and relevancy in the value chain
  • Customers can decide but there is not perfect knowledge
  • Local is as important as national/ global
  • Detailed, insightful and explicit knowledge about a customer is business critical
  • Identity provision will become a highly regulated business with significant penalties, brand and cost issues for failure
  • Identity will resemble the security, access control and authentication market structures and dynamics
  • Regulated-market innovation is slow, complex and costly; innovation using "identity" is fast, dynamic and fun
  • Paying for products and services is still the bedrock of a stable economic platform
  • Speed of data will be approaching real-time

Therefore it could be possible for several other players to partner and take a leadership position:

  1. Telco and Bank as an identity provider
  2. Brand and Bank as trusted party
  3. IT company and Telco as end to end secure provider
  4. Retail and Utility company as data store

Ignoring the issues of culture, business models, margin erosion, regulation, valuation, brand value, trust, free cash flow, shareholder expectation and CEO persona; is there enough left (of either business) to protect (from a partnership) or has so much already been eroded that they cannot get back……and therefore it is about building something new?

Midata - some thinking on government policy

Midata - access and control your personal data. This is the UK government's Consumer Empowerment Strategy for data….

The three main objectives of midata are to:

  • secure broad private-sector participation in the project, with a key number of businesses agreeing to release individual, personal data to consumers
  • let consumers access and use their data in a safe way
  • encourage businesses to develop innovative services and applications that will interpret and use the data for consumers

Agenda 1: consumer data

“Giving people back their data” is billed as putting the customer back in control when forming or reviewing a relationship with a vendor. Sorry, but this misses the point totally and most users don’t want their data. We generate vast amounts of data in creating and consuming. You will get zero understanding of our consumption patterns based on the data – you need the algorithm and the output.

Please start protecting those who want to give data but have no value as they will be left out from FREE soon as I can spot them.  Also – no-one owns data……

Agenda 2: identity

There is a need to prove things: who you are, can you pay, entitlement-by-residence and so on.

The favoured approach is that of “federated identity assurance”. Not trying to create one massive database of people information against which things can be checked, but to use information sourced from a number of existing trusted relationships, in combination, to give sufficient assurance of identity.

Ignoring the issues about what is personal data – check out Personal Data Ecosystem PDEC (I am on the board). Identity is more than your data and is more than what you can prove - we need to get some new words in this area as Identity is just way too confusing. Also I don’t need to prove who I am to buy anything?

Agenda 3: open for business

Well until someone in government wakes up that this is a service play – there is no manufacturing and very low employment but high tax income – others will be ahead in the delivery of this.

….But well done to mydex who are in there competing

@identitywoman The Nymwars and what they mean: summary of my posts to date.

This is a straight cross post from Kaliya (identity woman) and link to the original…

The issue is who decides on names… this should be set in the context of who owns brands (G+), Facebook pages and who had the rights to change/amend/delete them….

The Nymwars and what they mean: summary of my posts to date.

For those of you coming from the Mercury News story on the NymWars exploding...

I STILL have my Google+ profile suspended for using a [ . ] as my last name. Prior to that I had "Identity Woman" as my last name and prior to that... before I ever got a G+ profile and since I started using Gmail and Google Profiles I had a [ * ] as my last name. [see the complete list of posts about this whole saga below]

It is my right to choose my own name online and how I express it.  Names and identities are socially constructed AND contextual... and without the freedom to choose our own names, and the freedom to have different names (and identifiers) across different contexts we will end up with a social reality that I don't want to live in: Participatory Totalitarianism.

The last names that I have had during my life are Young, and currently Hamlin (my soon-to-be ex-husband's last name). I plan to have a last name of my own, different from either of those, within the next few years. I do not choose to "promote" this last name as the HEADLINE of my profile in Google - that is a representation of my professional self online. Yes, people walk up to me IRL (In Real Life) and say "Yeah! You're Identity Woman, aren't you" - yep. It is, believe it or not, a "common" name for me as the G+ "requirements" call for. Just like it is common for BotGirl Questi to be called that when she is in that persona online. Botgirl has the best collection of articles on the web about #nymwars and amazing art protesting what happened to her and all of us who have been suspended - comic book covers, songs re-written with new lyrics, impassioned monologs.

In the digital world "identifiers" are totally linkable across contexts - that is, different communities and contexts that would never meet In Real Life cross online with common identifiers. So if you don't have the freedom to choose which identifiers (name, e-mail address, phone number, physical address,) you don't have the freedom to keep identifiers in different contexts separate, and if you can't keep them separate, that means they are linkable.  Without that freedom, you can't explore or be a part of niche communities of interest that are not mainstream or not appropriate for some other context you also belong to. Here are some examples:

  • the gambler at church,
  • the "crazy" ferret lady at work
  • the gardening gun lover
  • being part of a minority sexual community
  • proactive environmental activist working at a logging company
  • being a Buddhist in a part of the country where everyone goes to church on Sunday and doesn't talk about religion because they would be ostracized, OR the other way around, being a very devout Christian in a part of the country where when they do inter-religious services they include everyone except Christianity... and you just would rather your faith not be "public"
  • going out in the woods every few weekends dressed up like knights and ladies, while being in the Army Reserve on other ones.

This freedom to have multiple personas for multiple contexts, just like the right to vote for our government in a secret ballot box, is essential for a free society. If we do not fight for and maintain these rights, we will end up with Participatory Totalitarianism.

Google+ and my "real" name: Yes, I'm Identity Woman  My first post on Google+ surprise to find my profile suspended.... I think this will all be over very soon. 

Nymwars: IRL on Google Lawns. My idea to "occupy" the lawn of Google with a colourful range of folks who want the right to choose their names.  I wrote this after I figured out a week into this that it wasn't going to end, and they hadn't just made a mistake. 

danah boyd writes a very good post on How to design for social norms (and avoid angry mobs) all about the nymwars and what is/was going on. 

August 8th Google Suspension Update - they now think I should wait for business accounts.

August 27th Let's try going with the Mononym for Google+

August 28th  Google+ says your name is "Toby" NOT "Kunta Kinte"

This post was written after watching Tim O'Reilly talk to Bradley Horowitz the manager for social at Google. In it, Tim calls users asking for the right to choose their own name self-righteous and strident.  I make a link to a classic American story, Roots, where Kunta Kinte, a man stolen from his village in Africa, taken to the United States, and sold into slavery refuses to take the name his slaveowner gives him, Toby - he is whipped until he accepts this name.  I asked Tim and Brad if Kunta Kinte was self righteous for standing up for his own name... Tim said no, but that is a self-righteous question to ask.... well, that was on Twitter and a very interesting conversation followed with several tweeters, that resulted in Tim framing what was happening as a lynch mob against Google.... you can see that in this post. 

August 29th - Is Google+ is being lynched by out-spoken users upset by real names policy?

 

Please also check out this post about "Tone and Silencing" to understand what the underlying dynamics are in this conversation and speaking up to the powers that be.

"Bonus suppression" Google runs YouTube and they took the clip of the movie scene down for "inappropriate nudity or sexual" - it has neither, it just made a dramatic point and made them look bad. In the clip Kunta Kinte is facing the camera with part of his chest showing being whipped from behind by a white man who is working for the slaveowner until he breaks. After repeating his name is Kunta Kinte when asked what his name is, he finally says... it is Toby. 

 

August 30th - One Month of the Gag by Google.

September 5th - Mononym officially not accepted. I am Kaliya - Google, Get a clue

 

Posted Sept 9th.

Potential Future: Google-Zon

With the nymwars unfolding (Nym = Pseudonym, Anonymous and other varieties on this theme) this video of the Google-Zon story in the year 2014 seems more prescient than ever.

EPIC in this video stands for the Electronic Personalized Information Construct

Please watch the video on the original site; the way it was done is amazing. 

The computer writes a new story for every user (sound like the Filter Bubble?) everyone contributes and in exchange gets a cut of the revenue...

Relevant background

Who is Harmed by Real Names Policies developed by the Geek Feminism Community... prophetically I included in the response I gave to the Notice of Inquiry about governance of the Identity Ecosystem as outlined in the National Strategy for Trusted Identities in Cyberspace that I wrote, before I myself was affected.

Identity Management - who's playing?

original list from Vanessa http://emergentbydesign.com/2011/10/13/mapping-the-identity-management-landscape-29-providers/ She is looking for a list of providers to map -

1. ActivIdentity / HID Global (of ASSA Abloy)

2. Avatier

3. Aveksa

4. BMC (SailPoint)

5. CA Technologies

6. Cisco

7. Courion

8. Cyber-Ark

9. Entrust

10. Evidian

11. Fox Technologies

12. FuGen Solutions

13. Hitachi ID

14. IBM

15. Imprivata

16. IronStratus

17. Microsoft

18. Novell

19. Okta

20. Oracle

21. OneLogin

22. Ping Identity

23. ProtectNetwork

24. SafeNet

25. SAP

26. Siemens

27. Symantec

28. Symplified

28. RSA Security

29. VMware

and others suggested....

The OpenID Foundation http://www.openid.net

The Open Identity Exchange http://www.openidentityexchange.org

OMADA : federation/cloud idm
Centrify : unix/AD identity consolidation
Lieberman : Privileged id management
CionSystem : similar to centrify
Beyond Trust : With strong Unix Root access control, similar to centrify with the Likewise technology.
eDMZ : console proxy access control to terminal based system.
RadiantLogic : virtual directory

PassWindow : card based authentication
Authentify

LexisNexis : knowledge based authentication

Google doesn't want your identity - it wants the data that gives you identity

“It’s official: Google wants to own your online identity” is the article from GigaOm, http://gigaom.com/2011/08/29/its-official-google-wants-to-own-your-online-identity/, using the same image from Kat B Photography.

So Schmidt told it like it is at Edinburgh, that an “identity service” unlocks the ability to do the trade, and everyone goes into meltdown. Why are you somewhat shocked that Google+ is more than competing with Facebook? As covered in numerous posts here previously, (social) signals are a critical part of Big Data, but signals from real, authenticated, trusted real people with an identity mean that you undertake a real "trade".

Now let's not get sidelined by Real Name policy issues and the wider political implications; let's just focus on the "trade or barter." You give up data for access to FREE services, but if the data cannot be identified, the value is smaller than when they know who you are. If they know who you are, the balance of value is firmly with the holder.

The issue is not about being (or becoming) an Identity Gatekeeper, as that will end in regulatory quagmire and in reality you cannot own an Identity, just as you cannot demand faith, command trust or request a reputation. Therefore, let's assume a world in which there is an economy where real people with real cash want to spend said real cash on real products and services; then knowing who you are could be kind of helpful.

This is not about identity but is about how you trade for goods. Imagine a token with your face on it, which represents your ability to trade? - called money.

Who you should focus on....and links to digital footprints

Gideon Rosenblatt of Alchemy of Change posted this image as part of a longer thought blog on “Who to focus on.” It is worth reading!

One aspect of personal value and model generated from a digital footprint is so that you will know both who matters, who influences you and who you can influence.  

@identitywoman 's struggles with +Google naming - are you only a person if you have a real name?


This follows the story of Kaliya (Identity Woman) who still can't do this, as her Google+ Name is still SUSPENDED!!!! and doesn't have name sovereignty. Worth reading her post on the issues:

 

Nymwars: IRL on Google's Lawns.

 

We need to bring this struggle to Google IRL (In Real Life - physical, real world, meet space). Here is my thinking on why and my ideas about how.

WHY: Even women with privileged access to Google insiders and who have real name handle combinations are not getting reinstated.

 

Also read Steve Lockstep -- http://lockstep.com.au/blog/2011/08/08/real-names-is-real-sly