Articles of Federation

I've been thinking about personal identity and how it gets shared around the Internet and other parts of life. Certainly, Eve Mailer from SUN has been thinking about this a lot lately, having done presentations at Burton Group's Catalyst, Gnomedex and other events. She's taken to using Venn diagrams to explain the relationships between forces in digital identity management. These diagrams really started me thinking about how one's own digital identity really reaches out into one's every day business.

This got me to thinking about what happens when we try to control how our identity is shared. Certainly there are things going on like the Liberty Alliance, Higgins project, chi.mp, and CardSpace. But before this can happen there has to be an agreement, even a contract that states what one will choose to share and how that information can be. Many people have mentioned that this is what makes this so hard. Heck, I'll go further. It's a mine field, in a world filled with data losses, identity theft, and outright fraud.

On BPuhl's Blog, there are some interesting comments on the steps involved to Federate. There's a similar posting regarding the policies and background that needs to happen here, as well.

The Liberty Alliance has gone so far as to come out with a document that serves as a framework for digital identity agreements.

We all see a need to have these protections on both the identity and service provider sides, plus in a retail setting, the user him/her self needs separate protections. Until we can come to an easily deployable solution for this protection, federated identity faces some big challenges.