• Search for:
• 
  This work is licensed under a Creative Commons Attribution 2.5 Canada License.

• Similar Posts

  • EduGlu is a misnomer
  • Identity Management Systems
  • scattered vs. individual publishing
  • KM is unpossible
  • Federated Identity Management

• Pages

  • About
    • Bookshelf
    • Colophon
    • Comment Community
    • Contact
    • Music
    • My (not so) Secret Identities
    • Presentations
  • Archives
  • Asides
  • Photos
  • WordPress
    • Akismet Credit Inserter
    • Post Revision Display

• My Other Places

  • Mindfulseeing.com (photoblog)
  • Flickr/dnorman
  • Teaching & Learning Centre
  • The University of Calgary

• Recent Comments

  • swyer james on Podcasting coming to Wordpress!
  • Scott Leslie on WordCamp Education Vancouver 2009
  • dnorman on WordCamp Education Vancouver 2009
  • dnorman on what should I read while offline?
  • Scott Leslie on what should I read while offline?

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

I had a discussion with King Chung Huang and Paul Pival this morning, about one of King’s current research projects. He’s working on the topic of context and identity - what it would mean from both institutional and individual perspectives, if our digital identities and contexts were pulled out of the silos of Blackboard, email, and other isolated and closed systems. What would it mean if every person, group, and place has a URL, which is aware of contexts (institutional, academic, geographical, temporal, etc…) and is also able to gather and provide lists of relevant resources.

A Person would have what is essentially a profile (name, role, contact info, interests, courses, websites, etc…), a Group would describe its type (department, faculty, course, session, club, etc…) as well as lists of relevant bits of info (uses a wiki, has a Blackboard course, meets at this location at this time, has these members, etc…). And Places would describe physical locations, knowing which resources are available, where they are, which Persons and Groups are interested in the Place, as well as scheduling information, etc… (hmm… do we need a fourth primitive type of Time?)

At first blush, it felt like a “portal” problem. Set up a personal Pageflakes or Netvibes page, dropping in some relevant widgets and links. Everyone can customize their own page, and a directory could be created to help discover people, groups, and places.

But that approach loses any real meaning of the contexts. It’s just a dumb content display utility, without being aware of the meaning of the contexts of the content, or of the relationships between people, groups and places.

We talked for awhile, and came to the realization that there is a missing fundamental concept. One that describes the identity and context, and ties the relevant bits of salient info together in a way that can then be used to build novel applications.

Currently, a prof sets up a Blackboard course. They add content to the course. They add Links to various bits. But none of this stuff really knows the context - just that it’s some text that’s been pasted into a container within Blackboard. A prof could spend a lot of time and effort building up a course site in Blackboard, only to kill it at the end of the semester. (sure, it could be cloned, but again that’s context-unaware).

What if the course was just a Group, set up with its own identity and context, and aware of various bits of information. Is Called Mythical Course 301. Has Course ID of MYTHCRSE301. Has Professor… Has TAs… Has Blackboard Course… Uses Wiki at… Podcasts available at… Meets MWF 1000-1050 at ST148…

The idea that Paul came up with is that this is related to the mythical EduGlu concept, but as a necessary first step that is currently missing. Right now, there would be much manual labour to set up an EduGlu service to aggregate activity that happens as part of the practice of teaching and learning. What if we could take advantage of the contexts of Person, Group, and Place to automate that process? We could pull sets of RSS feeds into the aggregator, apply some processing, and export different formats for use in different contexts. Map views. Calendar views. Timeline views. Analysis of individual and group contributions. Interaction analysis. etc…

But, is there some tool, application or platform that is currently able to handle this abstracted concept of context - of Person, Group and Place - that can be used to create a flexible *cough*portal*ahem* to manage and display the torrents of centralized and decentralized information?

I’m connecting the dots between two otherwise unrelated items that were in my Google Reader inbox this morning.

1. Random Mind: USC Film Students Fight Back
2. Dave Tosh: Data Ownership

The first article is about students at USC Film School realizing that the copyright for their student films belongs to USC. Which means they can’t do things like post their work to YouTube, or enter them at Sundance (without first going through channels to get approval from USC). I’m assuming that USC asserts copyright over student works because there might be a chance to monetize - it is Film, after all. Are there other examples of schools asserting copyright over student works? Why hasn’t this been flagged as an issue before this?

The second article is about data ownership and privacy wrt Facebook. Facebook owns everything that goes on, and in, Facebook. Because they own the whole widget, soup to nuts, they get to control what happens to and with our data. They can decide to expose, aggregate, process, and sell our data to third parties. It’s not really a free service.

Both articles emphasize the importance of owning your content and data. In an environment where you retain copyright for your own creations (ideally, sharing with something like a CreativeCommons license), you get to decide what you can do with your own stuff. Extend that to an environment where you are in control of your own personal data (or identity). OpenID and Sxip are both steps in the right direction there.

The bottom line is, when you give up ownership of your own content and data, you lose freedom.

OpenID appears to be gaining some momentum. It feels like the right approach to identity management - let individuals control their identity in a trusted way, rather than relying on federation through central brokers. Sun Microsystems just rolled out OpenID support for all of their employees. Stephen’s been talking about this kind of decentralized identity management for years (and most recently just yesterday).

But, it’s been a bit strange in that it hasn’t been very easy to run your own OpenID server. I mean, you could go through myopenid.com to get a free hosted OpenID, but that’s just a federated, centrally hosted identity. No different than a Yahoo! or Google account. The power of OpenID is that you can/should run your own OpenID server, so you control it. It’s not a decentralized, individual identity management system if we still hand control over it to central services. We need to be running our own OpenID servers. Which means it needs to be easy to set up. Ideally one-click easy. It’s not quite there yet, but it’s getting closer.

I’d tried to install an OpenID server yesterday, and failed because DreamHost doesn’t support the big math libraries needed for encryption, and the server I was trying didn’t fall back to “dumb” mode. But, I just installed phpMyID on my DreamHost account, and it worked flawlessly. It took maybe 10 minutes, including RTFMing. Now, I have my own OpenID server, which I control, living at openid.darcynorman.net

Now, what does that get me? Initially, not much. All I’ve been able to do is authenticate on Zooomr.com using my own OpenID server as credentials. That’s pretty cool as a “hello, world!” test. And when OpenID support gets rolled into more services, I’m ready.

DreamHost, if you’re listening, this would be a great opportunity for a One-Click Install package. Rolling out OpenID server support for all of the 46 bajillion DreamHost customers would go a long way toward kickstarting OpenID adoption. I’d say Google should roll it out for GMail account holders, but again that kind of defeats the point of a decentralized identity management system, if we all use a central broker anyway…

Update: Even cleaner, now. I’ve just added the openid.server and openid.delegate elements to the head of my blog, meaning I can just provide the url “http://darcynorman.net” as my identity in any OpenID-enabled software.

Update 2: Yikes! I just went to enable HTTPS and certificate support on the openid.darcynorman.net domain, and it’d cost almost $250CDN per year to do that ($48US per year for static IP, $189US per year for the certificate via GeoTrust). There’s a minor flaw in the whole OpenID system - if the distributed servers aren’t trustworthy and secure, the system kind of falls over. An unsecured OpenID server is a bit of a magnet for packet sniffing usernames and passwords…

Update, 33 1/3: I got nervous about not having a secure OpenID server, so reverted back to using MyOpenID.com. Yes, it’s a centrally hosted distributed identity provider, but it’s secure, and by using my own URL as a delegate I retain control (so if MyOpenID.com turns evil, I’m able to very easily switch to another provider, or run my own).

I also added the handy OpenID WordPress Delegate Plugin to this blog, so it will automatically add my OpenID information without my having to remember to tweak the theme’s header.php file every time I update the theme…

I headed downtown this morning (waaaaay earlier than I'd have liked) to attend the Lexi.net Online Identity Conference. I was curious to see what an internet-related conference would look like in Calgary, having been involved in others elsewhere. I wore my NV '05 t-shirt, of course

I got downtown too early - the buses out of Tuscany go straight downtown, but the last one passes my house at 6:45. So, I had some time to kill before and after registration. What to do… I know! A photo walk down Stephen Avenue Mall!

I wound up taking over 60 photos during the pre-sunrise twilight, and after the sun came up.

What was I talking about? Oh. Right. The conference. After frostbite set in my fingertips, I headed back to the Telus Conference Centre, grabbed some caffeine, and talked a bit with some other attendees, including Wired.com writer Regina Lynn, Aaron J. Seigo, Doug aka Dr. Tongue, and a bunch of others.

The first session was on privacy and anonymity, with some interesting links. Not sure it was aimed at the right audience, though.

After that, I went to Kirstin Darguzas' session on Blogging Your Identity. Kirstin is a professional "mommy blogger" and gave a really good talk on boundaries, online identities, and what it's like being a full time blogger (doesn't sound like as much fun as one would think).

Next up was Janine Warner, talking about Virtual Images - finding out what's available about you online, and how you can take control of it. Very interesting talk, with links to a few tools I hadn't heard of before. I gather her usual audience is more CXO-oriented, so some of the strategies may not be needed by us mere mortals (I'm not about to pay $120 for a company to research what's online about me - this blog likely does a good enough job of drowning out anything I don't know about )

During the lunch keynote session, Heather "Dooce.com" Armstrong told the back story of her blog, how she got fired (yeah, she deserved it ;-)) and how things are much better as a result. I was very interested in her descriptions of personnas and boundaries. What's off limits? What's fair game? She's much more willing to blog about her family than I am, which is fine since they seem to be relatively comfortable with it (aside from Jon's squirming at some of the stories). The lighting backdrop during her talk was mesmerizing/distracting, with fluid Fire and Ice rolling up and down the wall behind her and onto the ceiling. Very cool. But distracting.

Jon Armstrong gave a great presentation after lunch about Branding. He gave a an overview of the general process of branding (initially for companies, later for individuals, mostly about Apple ) Jon's pretty funny, and his Keynote skills were refreshing. Mostly a simplified Lessigian style presentation, marred only by the lack of a wireless controller.

I had to leave before the last session, but having chatted with Regina, I'm sure it was another good one. Sorry I had to leave early, Gina!

I was rather impressed with the conference. I was quite surprised at the international (well, binational) attendees. About half of the people I talked with were in town from the States just for the conference.

It had quite a different feel from a Northern Voice (this was much more formal/traditional) but was much more intimate than an NMC or WWDC. Not a bad balance. Maybe Calgary's ready for Northern Voice YYC? The venue would be completely wrong for that, though. No wireless, for one thing. No wireless? Really? WTF. Wait - I left the laptop at home anyway I just brought my camera and a little reporter-style notepad. A much better way to attend a conference.

For some of our projects here at the TLC, we need to be able to manage identity information - traditionally, user accounts, groups, roles, etc… We’re taking a bit of time to think about a better way of implementing this, and how to use a flexible, distributed identity model.

I’ve been going through some web searches to find out what others are doing. The “version numbers” are loosely based on Dick Hardt’s descriptions (with apologies to him if I’ve misinterpreted what he was trying to say).

“Identity 1.0″

• centralized repository - institutional directory…
• LDAP
• OpenLDAP

“Identity 1.5″

• federated/centralized repositories - institutional and trusted shared directories…
• SunOne Access Manager and SSO (and some Identity Management whitepapers from Sun)
• Liberty Alliance
• SAML (and OpenSAML)
  • Shibboleth (implements OASIS SAML 1.1)

“Identity 2.0″

• distributed repositories
• Sxip (Simple eXtensible Identity Protocol)
• OpenID - distributed identity tied to services that respond to URLs
• LID (Lightweight IDentity) (wiki)
• Infocard (more info) (part of Vista/WinFX)
• Credentica

Any glaring omissions? I’ll be editing this post as I go along (I’ve got the info in our TLC wiki, but that’s behind an Identity 1.0 login)

While Evan was “napping”, I took a few minutes to check in on my blog. Took a look at recent referrers and Technorati links, and found a reference to Tarina - a Finnish blog. Cool. So, I checked out the blog, and found a link to a very compelling presentation on “Identity 2.0″

Dick Hardt, founder and CEO of Sxip Identity, gave a keynote at OSCON 2005. Initially I was more interested in the description of his presentation style - described as “Lessigian”. I’d never heard this term before, so was curious. Turns out Lawrence Lessig uses a pretty kick-ass presentation style, with very simple slides in sync with his talk. No bullet points, just words (and occasional images) reinforcing what he’s saying.

Dick’s presentation was extremely interesting, partially because of the Lessigian style, partially because of the sense of humour, partially because of the content, and partially because the streaming technique used made me feel like I was right there with him in the audience.

I’ll be reviewing the presentation several times. Some of the concepts he touches on would apply just as easily to “learning objects” as to “identity” - silos vs. walled gardens vs. federation vs. open etc… I’ve also subscribed to Dick’s blog. I should have done that right after Northern Voice 2004, since Sxip was a sponsor and was/is doing some interesting stuff.

Oh, and I must be a little less mature than people give me credit for. I can’t stop giggling about someone named “Dick Hardt”. Grow up, D’Arcy… So, kids, it really does pay to check referrers to your blog. There’s no telling what little gems you’ll turn up!

Update: Looks like Sxip is about to roll out a new product/service/standard(?) for sharing identity across weblogs in an attempt to combat comment spam. The new tool is called “Sxore” - they have it running in beta on a handful of blogs, and it is scheduled to be available for WordPress and MovableType in the fall of 2005 - hey! that’s pretty soon!

Update 2: More info about the Lessig Style of Presenting.