Craig Burton Wiki - Recently Updated Pages

Craig Burton Home

gcraigburton — Sun, 12 Jun 2011 10:10:34 CDT

Welcome to the Craig Burton Wiki.

This Wiki is dedicated to creating, editing and tracking the Burtonian Lexicon.

Please feel free to ask questions and to contribute.

Digital Identity

gcraigburton — Sun, 12 Jun 2011 07:59:01 CDT

Digital identity refers to the aspect of digital technology that is concerned with the mediation of people's experience of their own identity and the identity of other people and things. Digital identity also has another common usage as the digital representation of a set of claims made by one digital subject about it or another digital subject.

Bandit Project

gcraigburton — Sun, 12 Jun 2011 07:57:07 CDT

Novell is no longer in existence. Neither is the Bandit Project.

Novell’s Bandit project is an open source collection of loosely-coupled components to provide consistent identity services.

It implements open standard protocols and specifications such that identity services can be constructed, accessed, and integrated from multiple identity sources. The Bandit system supports many authentication methods and provides user-centric credential management.

null

Anonymous — Mon, 14 Jun 2010 10:19:58 CDT

There is no abstract available for this page revision.

Micro Tagging

Anonymous — Sat, 20 Mar 2010 02:24:40 CDT

Definition
Micro Tagging is a syntax of tags used to add context to twitter-based tweets.

Details of micro tagging are forthcoming.

This is stupid. Why does it have to be twitter related? Can't it be a more generalized idea and associated with more than just twitter...

X.509

gcraigburton — Fri, 24 Apr 2009 08:45:44 CDT

X.509 specifies, among other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm. X.509 is used to encrypt the information in information cards.

User-centric Identity

gcraigburton — Fri, 24 Apr 2009 08:44:10 CDT

User-centric identity is the core of the anticipated revolution of identity verification on the Internet using emerging user-centric technologies such as information cards or OpenID.

The term “user-centric” is often confused with meaning the same as “consumer-based” or “consumer-centric.” This is an inaccurate characterization of the term.

User-centric simply means that the user is in control of which digital identity representation is to be used in a given identity requirement circumstance.

User-centric does is not enterprise exclusive. To the contrary, user-centric digital identity meets the Laws of Identity requirements of user control and choice while at the same time meeting the muster of enterprise scrutiny.

Subject

gcraigburton — Fri, 24 Apr 2009 08:42:06 CDT

Subject is a term often used to refer to the user or customer using an identity system.

Single Sign On

gcraigburton — Fri, 24 Apr 2009 08:41:07 CDT

Single sign on (SSO) is a method of access control that enables a user to login once and gain access to the resources of multiple software systems without being prompted to login again. Single sign off is the reverse process whereby a single action of signing out terminates access to multiple software systems.

As different applications and resources support different authentication mechanisms, single sign on has to internally translate and store different credentials compared to what is used for initial authentication.

Selector Based Identity Model

gcraigburton — Fri, 24 Apr 2009 08:39:54 CDT

The Identity Metasystem is defined by the use of an identity selector to store, manage, generate and interface digital identity representations—information cards—to the user and to other applications.
Since the selector model is under the umbrella of the Identity Metasystem, the model must support multiple platforms, protocols, and identity mechanisms.
Currently, there are four groups providing selectors that meet the requirements for the selector based identity model:

Microsoft CardSpace selector
Higgins Project-based selectors
The Azigo selector
Novell’s Bandit Project DigitalMe selector
openinformationcard selector

The selector based model is very difficult to spoof, phish, or crack. The selector model is very hack resistant—it has not happened yet.

The selector based model is not only cross site sensitive, but provides context across sites at the individual level.

The selector based model does not require a relying party to be aware of the presence of a selector or information card in order to derive benefits from cross site context sensitivity.

The selector model is not only accessible from the web browser, but from any application executing on the operating system platform.

Security Assertion Markup Language (SAML)

gcraigburton — Fri, 24 Apr 2009 08:36:19 CDT

Security Assertion Markup Language (SAML) is an XML based standard for exchanging authentication and authorization data between security domains. That is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). SAML is a product of the OASIS Security Services Technical Committee.

Relying Party Proxy

gcraigburton — Fri, 24 Apr 2009 08:34:54 CDT

The relying party proxy can, as the name implies, act on behalf of a traditional relying party to provide context and benefit to the user or application accessing the web site or Internet service.

To date, Kynetx is the only relying party proxy vendor. The services that provide relying party proxy services are called Kynetx Network Services.

As it becomes understood that a relying party proxy has a much better business reason for supporting cross site context sensitive information cards, expect additional relying party proxies to appear in the marketplace.

Relying Party Awareness Spectrum

gcraigburton — Fri, 24 Apr 2009 08:33:23 CDT

It is a common misunderstanding that in order to derive any benefit for the user; a relying party must be aware of the selector based information card and fully support the selector based identity model.

This is not accurate. The identity selector can communicate with a relying party proxy and derive benefit to the user independently of the awareness of the specific relying party.

However, if the relying party is aware of the identity selector and its accompanying information cards, it can provide a richer experience to the visiting user based on the relationship of the user and the relying party.
Thus, there is a benefit ratio to the user or application based on the awareness of the relying party. This ratio is referred to as the Relying Party Awareness Spectrum.

Reification

gcraigburton — Fri, 24 Apr 2009 08:31:49 CDT

Reification is the act of making an abstract concept or low-level implementation detail of a programming language accessible to the programmer, often as a first class object.

OpenID

gcraigburton — Fri, 24 Apr 2009 08:28:59 CDT

OpenID is an open, decentralized standard for user authentication and access control, allowing users to log on to many services with the same digital identity. It is an SSO method of access control. As such, it replaces the common login process that uses a login name and a password, by allowing a user to login once and gain access to the resources of multiple software systems.

An OpenID is in the form of a unique Uniform Resource Locator (URL), and is authenticated by the user's 'OpenID provider' (that is, the entity hosting their OpenID URL). The OpenID protocol does not rely on a central authority to authenticate a user's identity. Since neither the OpenID protocol nor web sites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as biometrics, or ordinary passwords.

Live ID

gcraigburton — Fri, 24 Apr 2009 08:27:37 CDT

Windows Live ID (originally Microsoft Passport then .NET Passport, then briefly Microsoft Passport Network) is an SSO service developed and provided by Microsoft that allows users to login to many websites using one account.

Liberty Alliance

gcraigburton — Fri, 24 Apr 2009 08:26:43 CDT

The Liberty Alliance was formed in September 2001 by approximately 30 organizations to establish open standards, guidelines and best practices for identity management. It has released frameworks that address federation (since contributed to OASIS for the Security Assertion Markup Language [SAML] standard).

Laws of Identity

gcraigburton — Fri, 24 Apr 2009 08:25:31 CDT

The Laws of Identity were published by Kim Cameron of Microsoft in 2005 and are found listed on his blog. This document does not detail the specifics of the Laws of Identity but they are mentioned here because of their historical and technological influence on the state of digital identity and its future.

Kerberos

gcraigburton — Fri, 24 Apr 2009 08:23:54 CDT

Kerberos is a computer network authentication protocol, which allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. Its designers aimed primarily at a client-server model, and it provides mutual authentication — both the user and the server verify each other's identity.

The Windows security model is based on the Kerberos security model.

Identity Provider

gcraigburton — Fri, 24 Apr 2009 08:22:53 CDT

Identity providers issue digital identities. For example, credit card providers might issue identities enabling payment, businesses might issue identities to their employees, partners and customers, governments might issue identities to citizens, and individuals might use self issued identities in contexts such as signing on to web sites.