The concept of identity is evolving and so has its metaphor.
Identity is 0.0 (a driver’s license for example) relies on a trusted third party has an asymmetric relationship because the government is not aware of what i am doing, scalable because the government can produce it, it is optimal for privacy. I can also use this identity.
On the net, maybe there would be a service driven model that could be called identity 1.0.
It is context specific, controlled by a third party there is no to limited privacy, not scalable and limits trust issues.
Within the Internet, there are problems and we are missing the identity layer, there is little synergy, we are using is with a workaround model or patchwork model. Our identity is moving from one website to the next.
Identity 2.0 could use a small chip that could be a set of claims that someone makes about me. Its is an assertion of the truth of something. The subject is a person or thing represented in the digital realm. Claims are using a security token which normally travels over process, machine boundaries.
Relying party (RP): consumer of identity
Identity Provider(IP): the issuer of the identity
This digital certificate is standard and issued to communicate with virtual entities. The token is requested to buy anything online (eg. Amazon) and the e wallet is consulted on filter cards that satisfy RP’s requirements. So a token is requested, created and presented to Amazon.
This was developed by Kin Cameraon from Microsoft…
There are 7 laws of identity:
-user control and consent
-limited disclosure
-the law of the fewer parties
-directed identity
-pluralism of operators
-human integration
-consistent experience across contexts
This is not about building specification and technology, its about addressing personal business and national issues.