Showing posts with label identity. Show all posts
Showing posts with label identity. Show all posts

11 March 2010

Microsoft Proves it Can Go Open Source

One of the technologies I am waiting for would allow me to effect transactions without giving over vast quantities of personal data. After all, what companies really need to know are: can I pay, and do I have the necessary qualities (age, residence) I claim to have. They don't need to know a vast range of irrelevant *details* about me.

Such a system exists; it's called U-Prove:

It was put together by respected cryptography researcher Dr Stefan Brands. He created a company to develop and market U-Prove, Credentica, which was bought by Microsoft in March 2008. With U-Prove, identity information can be used securely, and private data can be safely shared to those parties that need it, without leaking more information than is required.

U-Prove allows the creation of secure ID tokens, which are pieces of data that incorporate whatever information I need for a given task—but no more—along with cryptographic protection to ensure that they can't be forged, reused, traced back to me, or linked to other tokens that I have issued.

In a world with U-Prove, many existing identity management problems would go away. If my credit card company and online music service both supported U-Prove, I could create a token that allowed a single limited electronic money transfer from my card to the music company, without disclosing my name, address, or date of birth, and without that token being usable to make further purchases. Similarly, I might want to buy a computer game from an online store, the same situation as before, but this time with a twist: the computer game is rated 18+. So to make the purchase, I have to reveal my age, as well as the money transfer, to the online store. U-Prove lets me do this, but still doesn't require me to reveal my name, address, or any other irrelevant detail.

An hour-long presentation by Dr Brands describes how U-Prove works and how it achieves what it does (with even more detail available in his freely downloadable book). It builds on existing public key cryptography concepts, but adds to them the important ability to hide data. Normal public key cryptography is something of an all-or-nothing affair—to prove that a particular piece of data was encrypted by a particular person, you need to know the data. U-Prove allows that proof to take place without revealing all the data.

This is absolutely brilliant. There's just one problem: you can't use it in practical situations, because it's not widely deployed. And because it's not widely deployed, nobody uses it...

So, how do you break that vicious circle? Easy - you make it freely available to encourage uptake - and that's just what Microsoft has done:

It is for these reasons that Microsoft has released its U-Prove SDK using the open source BSD license. Source code is available in both C# and Java, and the technology is covered by Microsoft's Open Specification Promise. This is a irrevocable promise by Microsoft that the company will not assert any claims against anyone using the technology that relate to any patents covering the technology. By releasing the technology under a permissive license, and by making a legally binding agreement that patents covering the technology will not be used in legal action, the company hopes that there will be no barriers to using the system for both service and identity providers.

It's really great to see Microsoft taking advantage of open source in a *good* way; it's just unfortunate that the accompanying Open Specification Promise has a big loophole that makes it pretty useless for consideration by serious free software projects.

Now, if Microsoft were to place all the relevant patents in the public domain....

Follow me @glynmoody on Twitter or identi.ca.

03 September 2009

UK: Bye-Bye Biometrics

I missed this during the summer lull, but that handy invention, Twitter (in the form of Oliver Morton), has alerted me to this stunning take-down of the UK's Identity & Passport Service's plans to place biometric systems at the heart of its service:

Here at the end of the review, the adventitious question arises of why do politicians and civil servants all over the world continue to advocate the use of biometrics when the evidence simply doesn’t support them? There is no answer. Their behaviour is inexplicable.

One thing is clear, though, and that is that biometrics cannot deliver. Identification is not feasible. Verification is laughably unreliable. And the flat earther David Blunkett is wrong. So is Tony Blair when he says that “biometrics give us the chance to have secure identity”. And so is Gordon Brown when he says that biometrics “will make it possible to securely link an individual to a unique identity”.

The scale of the institutional fantasy which constitutes the NIS is grotesque. Biometrics cannot underpin the NIS and so, by IPS’s logic, the NIS cannot underpin the “interactions and transactions between individuals, public services and businesses”. Safeguarding Identity is a false prospectus – no properly managed stock exchange would allow its shares to be listed. The NIS is guaranteed to fail.

Assuming the many figures quoted in this detailed analysis are correct - and I have no reason to doubt that they are - I feel positively cheerful at the prospect of the total and utter collapse of this ill-advised and ill-thought-out scheme. It seems that the awesome laws of physics, if nothing else, will protect us against the awful laws of this demented and delusional government.

29 April 2009

The Retreat from ID Cards Has Begun

This is significant:

Senior cabinet ministers are privately discussing a plan to scrap the Government's £5bn identity cards programme as part of cuts to public spending, The Independent has learnt.

Once such people start talking about it, even the most timorous will soon pluck up the courage to express their views; quickly we'll reach a classic tipping point when the majority hold the view that ID cards make no sense from any point of view.

But there are always some who remain prisoners of their delusions:

Your article of 28 April on ID cards is simply wrong on two fundamental points. The Government is committed to introducing ID cards.

Er, why would that be Jacqui?

ID cards will provide the public with a single, simple and secure way for individuals to prove their identity and safeguard their personal details – protecting the community against crime, illegal immigration, and terrorism.

Oh, I see. Why don't we just look at those, eh?

a single, simple and secure way for individuals to prove their identity

Well, no, it won't do that unless ID cards become compulsory for *every* occasion when I have to prove who I am. Now, that may be coming, but until then I'm still going to need to prove who I am by logging in to online services, or showing my library card. Is she really suggesting that the ID card replace *all* of those? If not, it will simply *add* to all of the other proofs that I need. ID cards only make sense if they satisfy a vital new need to prove who we are - for example, when stopped by the police in the street....

safeguard their personal details

How on earth does a centralised database "safeguard my details"? The ID card certainly doesn't - it's just a bit of plastic with a chip in; and as anyone who's been in computing for more than a couple of months knows, bringing data together in any way makes it less secure, not more. So what on earth is she rabbiting on about?

And as for

protecting the community against crime, illegal immigration, and terrorism

these were all debunked ages ago as the UK government desperately shopped around for some kind of justification for ID cards. It won't stop illegal immigration and it certainly won't stop "terrorism".

It hard sometimes to work out whether Ms Smith actually believes the nonsense she spouts, or just believes we're stupid enough to believe her. Either way, news that her colleagues are rapidly placing clear water between themselves and her deranged ideas on this one is welcome indeed. (Via OurKingdom.)

04 January 2008

17 December 2007

Google Profile Keeps a Low Profile

Google Profile is with us, just about:

A Google Profile is simply how you represent yourself on Google products — it lets you tell others a bit more about who you are and what you're all about. You control what goes into your Google Profile, sharing as much (or as little) as you'd like.

And here's the sting in the tail:

Use multiple Google products? Soon your Google Profile will link up with these as well.

In other words, despite its ultra low-profile launch, Google Profile will be the nexus of everything you do on Google.

Eeek.

16 April 2007

Open Web Initiative

What is Open Web?

Open Web is a collection of technologies and standards that enable individuals to disclose their identity, feeds, activities, friends, and social networks, while preserving their ownership over this information and enabling them to keep their privacy.

What is NOT Open Web?

Anything that is proprietary, locked in in format or provider is NOT Open Web. Open Web is about open, extensible, and license free standards.

In short this is a collection of technologies and open standards that enable individuals to disclose their identity, feeds, activities, friends, and social networks, while preserving their ownership over this information and enabling them to keep their privacy.

Sounds good to me. (Via Vecosys.)

14 April 2007

Where in the World Are You?

Talking of Google's growing power:

Once again ... the average person has NO idea they are now going to have even more records kept of every place they have marked or annotated, and when they did it. Google continues to gather even more information about you ... who you are ... what you do ... where you do.

(Via weaverluke.)

04 April 2007

It's (Open) Party Time!

For anyone in Swinging London 2.0 next Wednesday, the place to be is the Open Rights Group party:

It will be a night of public domain and openly licensed music, remixed visuals and free culture goodie bags, with an uber-geek raffle which includes the opportunity to be written in to Cory Doctorow's next book, or receive a signed keyboard from our patron Neil Gaiman. Danny O'Brien, who founded the ORG pledge, will be speaking.

And if you were wondering,

The Open Rights Group is a new and fast-growing NGO focused on raising awareness of issues such as privacy, identity, data protection, access to knowledge and copyright reform.

All things that are likely to be dear to readers of these pages.

13 March 2007

Opening Our Eyes to OpenID

Sign-ons can be a real pain, as you are forced to create ever more accounts at sites. A single sign-on is the obvious solution, but getting everyone to agree on a standard is hard. So it's particularly good to see that OpenID is not only taking off, but an open standard to boot.

Here's one of the best introductions to OpenID that I've come across:

As the most basic level, your OpenID identity is a unique URL. It can be a URL that you directly control (such as that of your personal Web page or blog) or one provided to you by a third-party service, such as an OpenID provider. In that sense, a site's use of OpenID identities is no different than using email addresses as identifiers: they are unique to each user and are verifiable. But you can publicly display an OpenID identity without attracting spam.

02 September 2006

OpenID and Password Overload

Do you have too many passwords to remember? If you don't, that probably means you're using the same one or two for every site - not a good idea. If you are, you are then faced with two possibilities: writing them all down somewhere (physically or electronically) or trying to remember them all. Both approaches are fraught with dangers.

What we need, of course, is a centralised service that lets you establish your identity once, and which then handles all the tiresome details. Oh, and which isn't run by Microsoft.

Well, you could try OpenID (good name, if nothing else). It's not the only such system, but it seems to have it's heart in the right place. One to watch. (Via C|net.)

23 July 2006

The Great ID FUD

When will they ever learn?

Unlike traditional forms of identification, the VeriChip can’t be lost, stolen, misplaced, or counterfeited.

That's what the human-implantable RFID VeriChip site says. And this is what happened at the Hackers on Planet Earth (HOPE) 6 conference:

two presenters demonstrated the electronic equivalent of making a copy of an implanted RFID or radio frequency ID chip.

The point was to show just how easy it is to fool a detection device that purports to uniquely identify any individual.

So let's just do a quick recap: which technologies are available for establishing identity unambiguously these days?

Irises: nope
Faces: nope
Fingerprints: nope
DNA: nope
Implanted RFID: nope

So, tell me Mr Blair, how exactly you were going to implement this ID card system in a way that it can't be spoofed to hell?

13 July 2006

A Study in Official Openness

It is probably hard for those outside the UK to appreciate the extent of the secrecy that has pervaded public life here for centuries. The clearest manifestation of this is the pernicious Official Secrets Act, which makes pretty much anything a secret if the Government says it is.

Against this presumption that the public has no right to know anything, the passage of the Freedom of Information Act in 2000 was a major milestone, and credit must be given to the current Government for finally making it a reality. This is especially the case since it is clear that the information released by Act is proving a major embarrassment at times, thanks to both an increasingly demanding public and a commendably independent commissioner, Richard Thomas.

As the foreword to his first Annual Report makes clear, he is acutely aware of the central position that his department occupies in today's world, where there is an inevitable tension between his two main tasks: promoting openness and protecting privacy:

Never before has the threat of intrusion to people’s privacy been such a risk. It is no wonder that the public now ranks protecting personal information as the third most important social concern. As technology develops in a globalised 24/7 culture, power increases to build comprehensive insights into daily lives. As internet shopping, smart card technology and joined-up e-government initiatives reduce costs, respond to customers’ demands and improve public services, more and more information is accumulated about us. According to one estimate, information about the average working adult is stored on some 700 databases. New information is added every day. Much of this will be confidential material which we do not want others to see or use unless we say so. There are obvious risks that information is matched with the wrong person or security is breached. The risks increase substantially as information is shared from one database to another, or access granted to another group of users. Real damage can arise when things go wrong – careers and personal relationships can be jeopardised by inaccurate information. Identity theft can involve substantial financial loss and loss of personal autonomy.

The vast majority of information that is held on adults, and increasingly on children, serves a useful purpose and is well intentioned. But everyone recognises that there must be limits. Data protection provides the framework. It raises questions about where lines should be drawn. What is acceptable and what is unacceptable? What safeguards are needed? What is the right balance between public protection and private life? How long, for example, should phone and internet traffic records be retained for access by police and intelligence services fighting terrorism? Whose DNA should be held, and for how long, to help solve crime? What safeguards are needed for commercial internet-based tracking services which leave no hiding place?

All power to Mr Thomas' elbow.

01 March 2006

Higgins: Social Web, Social Commerce

Identity is a slippery thing at the best of times. On the Internet it's even worse (as the New Yorker cartoon famously encapsulated). But identity still matters, and sorting it out is going to be crucial if the Internet is to continue moving into the heart of our lives.

Of course, defining local solutions is easy: that's why you have to remember 33 different passwords for 33 different user accounts (you do change the password for each account, don't you?) at Amazon.com and the rest. The hard part is creating a unitary system.

The obvious way to do this is for somebody to step forward - hello Microsoft Passport - and to offer to handle everything. There are problems with this approach - including the tasty target that the central identity stores represent for ne'er-do-wells (one reason why the UK Government's proposed ID card scheme is utterly idiotic), and the concentration of power it creates (and Microsoft really needs more power, right?).

Ideally, then, you would want a completely modular, decentralised approach, based on open source software. Why open source? Well, if it's closed source, you never really know what it's doing with your identity - in the same way that you never really know what closed software in general is doing with your system (spyware, anyone?).

Enter Higgins, which not only meets those requirements, but is even an Eclipse project to boot. As the goals page explains:

The Higgins Trust Framework intends to address four challenges: the lack of common interfaces to identity/networking systems, the need for interoperability, the need to manage multiple contexts, and the need to respond to regulatory, public or customer pressure to implement solutions based on trusted infrastructure that offers security and privacy.

Perhaps the most interesting of these is the "multiple contexts" one:

The existence of common identity/networking framework also makes possible new kinds of applications. Applications that manage identities, relationships, reputation and trust across multiple contexts. Of particular interest are applications that work on behalf of a user to manage their own profiles, relationships, and reputation across their various personal and professional groups, teams, and other organizational affiliations while preserving their privacy. These applications could provide users with the ability to: discover new groups through shared affinities; find new team members based on reputation and background; sort, filter and visualize their social networks. Applications could be used by organizations to build and manage their networks of networks.

The idea here seems to be a kind of super-identity - a swirling bundle of different cuts of your identity that can operate according to the context. Although this might lead to fragmentation, it would also enable a richer kind of identity to emerge.

As well as cool ideas, Higgins also has going for it the backing of some big names: according to this press release, those involved include IBM, Novell, the startup Parity Communications (Dyson Alert: Esther's in on this one, too) and the Berkman Center for Internet & Society at Harvard Law School.

The latter is also involved in SocialPhysics.org, whose aim is

to help create a new commons, the "social web". The social web is a layer built on top of the Internet to provide a trusted way to link people, organizations, and concepts. It will provide people more control over their digital identities, the ability to more easily find other people and groups, and more control over how they are seen by others across diverse contexts.

There is also a blog, called Social Commerce, defined as "e-commerce + social networking + user-centric identity". There are lots of links here, as well as on the SocialPhysics site. Clearly there's much going on in this area, and I'm sure I'll be returning to it in the future.