Soliciting new members to blog on SlipperySlopes - send mail to bds_impreza@hotmail.com for you application!

I am getting a tad worried about life in the Pacific division this year. I have not heard anything that makes me real confident that Seattle is going to get over the funk of the last couple years - and Portland, my boys, as usual are not fellas you would want babysitting your kids - good thing they are basketball players.

Again folks - check ouy one of the coolest radio stations you will find. It is public radio so you will find no commercials and they archive two weeks back of ALL their shows online and you can stream them in several formats. My favorite shows are:
StreetSounds=Seattle's only true hip hop show
Positive Vibrations = epic roots reggae and dancehall
expansions = best in electronic music twice a week.

check it out here and let me know what you think - click on stream archive to access saved programs.

Just got done sitting the trusted computing panel here at DIDW. It was Peter Biddle, Microsoft, Steven Sprague, Wave systems and Cory Doctrow, EFF. It was a good discussion - Cory talked some about the recent paper on the trusted computing - good to hear both sides as there was never really a public response by folks in the trusted computing push. Both have good points altho i just cant imagine a system without remote attestation - it just breaks down the trust model if you allow people to lie.

Digital ID World 2003

Opening Session, Phil Becker

The point of DID – the open flow of information is key – people talking usually doesn’t help break down barriers

The net is inherently hostile – you start to create a network demographic that is reflective of the world at large
Built with a naively presumed trust
Out of fear we quarantined the network with physical concepts – firewall, DMZ, etc.
Doing so cut us off from the benefits of a networked environment

Fear first focused us on security, specifically authentication and authorization and administration [AAA]
This leads to the examination of digital identity

ID management
It is all about managing actual identity data
Infrastructure to sync, delegate and automate management of identity data and flow
All about making sure the ID data is current, synced and available

Management by identity
Using ID to organize, manage and secure computing process
Allows business process and computing process to align more naturally
Releases the real promise of networked computing

Networking business process
Networking of biz processes are now possible – soon it will be a requirement and competitive advantage

Humans are networking animals
People naturally use networking to gain personal leverage capability and power
Networks form from family, tribal, school, military, etc.interactions

Management to ID
Because networking is natural, they want their computerized tools to do the same
This requires dynamic data and app integration, config, scurity and management based on ID – management by ID

Need for trust
Networks require trust to unleash the power
You cannot buy build or create trust – it can only be granted
Transparency is one of the surest paths to trust – secrecy goes against trust

Current computing infrastructure is a limitation
Separate tasks are not designed to talk to each other have created many manual steps in their admin, management and use
Security and productivity suffer – 15 % of the access codes belong to people who do not work there anymore
Reorganizing the management of computing around identity is needed

Security is only the first step
Organizing computing around ID enables security
This is a pre-req
Management by ID will allow computing to dynamically adjust

New methods
Browser taught people to the concept of discovering and networking at the document level real time
Web services and other SOA technologies are being designed to deliver the same type of dynamic discovery and networking at the application and data level
This requires management by ID

Federated ID
First big step – need to integrate the silos of ID into networks of IDs
Federated ID allows integration of ID usage without requiring the integration of ID admin, management or the IDs themselves –

Why is ID center?
As new technologies begin to organize computing in a truly networked way, they will become more aligned with business processes are

Dynamic integration of data and apps is a requirement
It is impossible to predefine all the ways people want data and apps integrated
Business will require the ability to integrate on demand once apps become building blocks
ID centric techniques are the only ones that can achieve this

Portals – virtual integration
a portal has no natural boundaries - it integrates apps and info dynamically based on user ID and immediate needs
user’s ID needs with the policies of the owners apps and data are the only organizing factors
Management by ID is the only mechanism to do so

True portability
remote access is not portability – true portability only exists when anything can go online
rights management is required to make policies portable along with data and apps – making policy portable

regulatory compliance
many new laws focus on either creating accountability of assurance – who did what with what data when?

Privacy
Privacy is about enforcing a negative – what you agree what NOT to do with data for a specific purpose
Privacy is enforced by policy will not be as trusted as much as privacy which is created structurally or architecturally

Authentication
Not an end but a means
Only as good as authentication
Combining ease of use for legit users with high strength is not easy – but critical

I just got back from the reception. Pretty good stuff. As I get older the more pepercini [sp] i eat - damn those things are good. This is a very small conference, about 500 people - but some good folks in attendance. I talked with Eric from DIDW quite a bit and the CEO for a partner company that is building on the MS rights management servies platform. Small, focused events are definitely the trend and in my opinion the most relevant - much easier to network and meet people and learn stuff. THe big shows are dinosaurs and are almost dead. Tomorrow is the panel on trusted computing - looking forward to that. Also - stay tuned here as we will likely have good stuff for our biz coming from the show. Sleep tight friends - i have work to do!

Hello from Digital ID World !

In the spirit of the conference I will keep the homebase updated, in part, with this blog. It is a great day here in Denver. Clear skies and crisp air. My old man lungs have to work a tad harder up here, but so far so good. Downstairs they are busy setting up vendor booths while upstairs preperations for the evening reception are moving along. One of my favorite things to do when traveling on business is make a run to the grocery store and stock up on snacks. CNN + RAS connection + nutter butters = productivity. :OP

Me and my little vehicle got a little lost looking for the store but all is well now.

Lots of the folks are out on the golf course right now - officially sanctioned by digital id world - hopefully peter represents us well!

Check back daily to get the latest on DIDW !