Internet Identity Workshop 12
At the beginning of May 2011, the SMART team attended the Internet Identity Workshop in Mountain View, CA. This was a great opportunity to present our work and to discuss it with other people from the community. The team scheduled to give three presentations and a demo of the newly released SMARTAM application. During our presentations, we talked about User-Managed Access (UMA) and SMARTAM (an UMA-based Authorisation Manager).
We described the current situation and explained why protecting online resources with the UMA protocol is a better solution over the existing ones. We mentioned our OAuth Leeloo and UMA/j framework. We showed how it fits into identity management and social networking. We discussed the flow of the protocol using our system – host, authorisation manager and reguester applications. Acting both as Alice and Bob, we showed how to control data (yes! YOU should be in control of YOUR data). We also described our user interface (UI) of the Authorisation Manager and presented the UX Research Study that we conducted some time ago at Newcastle University. Plus we had a lot of fun meeting and listening to other people. We received a lot of feedback that we greatly appreciate!
Along with presenting our own work, we also attended presentations by other contributors. We attended the Google’s presentation on their Identity Toolkit. An avant garde login solution allowing the user to choose their favourite identity profile such as Gmail, Yahoo or AOL account. Google Identity Toolkit (GIDT) is a free component for web developers, for those who ask their users to login with their e-mail and password.
Yahoo presented their Relying Party experience piloted at Flickr – a step in work on OpenID single sign-in. As a Relying Party, if you turn on your Yahoo account for OpenID access, Yahoo will allow users to register at different OpenID parties with their Yahoo account. It will simply assert to any OpenID-enabled application that you are who you claim to be at Yahoo. If the user has a Yahoo account, they suggest the user link the OpenID account and the Yahoo account.
Apart from technical presentations there were also a few discussions on the concept of identity and personal data. Venessa Miemis led a talk on Identity as selective pressure on biology. The discussion was devoted to the awareness that the data we produce is held by other parties, such as the government, banks, insurance companies and we pressume this information is private and protected. We’re generating our digital identity along with our context of space and time. Our private chats with friends, as well as shopping habits are stored and hosted somewhere, yet we don’t really access that data. The importance is if we realize how much is revealed, and whether by privacy we mean protection of sensitive data or rather concerns how vulnerable are our secrets.
Personal Data Ecosystem’s team was wondering what’s the state of today’s personal data. The discussion was if it is stored and controlled with accuracy. Participants were discussing if the data is transparent while it is passing between different hosts as well as what are the rights of data owners. In conclusion the necessities for the future were defined, as there is a requirement to conduct more user research, finding methods for data visualization. All participants agreed that trust frameworks are essential to establish relationship among technology, law and data management.