{"id":609,"date":"2009-11-24T14:05:46","date_gmt":"2009-11-24T13:05:46","guid":{"rendered":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/2009\/11\/fam09-closing-session\/"},"modified":"2009-11-24T22:51:41","modified_gmt":"2009-11-24T21:51:41","slug":"fam09-closing-session","status":"publish","type":"post","link":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/2009\/11\/fam09-closing-session\/","title":{"rendered":"FAM09 &ndash; Closing session"},"content":{"rendered":"<p>This session by Nate Klingenstein.<\/p>\n<p>Today&#8217;s Federated Identity Challenges:<\/p>\n<ul>\n<li>Scaling &#8211; especially cross-sector and cross national boundaries <\/li>\n<li>Getting the user experience right &#8211; not just in Higher Education &#8211; is going to be even harder than the challenges we face today. <\/li>\n<li>Protocol wars &#8211; new, powerful players in the area <\/li>\n<li>Levels of assurance and attribute support <\/li>\n<li><strong>Reconcilation between consumer and enterprise identity &#8211; possibly the biggest challenge<\/strong> <\/li>\n<\/ul>\n<p>&#8216;The Cardiff Giant&#8217; &#8211; a statue discovered in Cardiff (New York). Copied&#160; by P.T. Barnum (covertly) and toured. This all showed:<\/p>\n<ul>\n<li>Even a fake can be very popular <\/li>\n<li>Fake identites and indentity theft are widely recognized, growing problem <\/li>\n<\/ul>\n<p>Identity is big business &#8211; e.g. Doubleclick (acquired by Google) &#8211; serving personalised advertising.<\/p>\n<p>Universities house both applications and identities. They are the natural &#8216;home&#8217; of much user data &#8211; e.g. Courses, titles, grades. Universities also host applications &#8211; but increasingly these may not be hosted locally. The important players in Academic Identity are:<\/p>\n<ul>\n<li>Government <\/li>\n<li>Faculty <\/li>\n<li>Applications (Commercial and other) <\/li>\n<li>Users <\/li>\n<\/ul>\n<p>What do Governments want?<\/p>\n<ul>\n<li>Privacy laws and their enforcement vary wildly from country to country\n<ul>\n<li>China and the EU offer useful (and possibly polar opposite) examples <\/li>\n<li>A situation that needs careful balancing if there will be meaningful enforcement <\/li>\n<\/ul>\n<\/li>\n<li>We need recognition of the social importance of trust &#8211; some evidence that trust in financial markets drives economic properity? <\/li>\n<\/ul>\n<p>What do Faculty want?<\/p>\n<ul>\n<li>Good learning resources and tools <\/li>\n<li>Students undivided attention (possible issue with using external tools e.g. social networks to deliver teaching material) <\/li>\n<li>Freely circulated intellectual property? <\/li>\n<li>Stronger intellectual property rights? <\/li>\n<\/ul>\n<p>What do Commercial Applications want?<\/p>\n<ul>\n<li>A userbase to monetize\n<ul>\n<li>page views, successful completion of login, high retention rates, lost of juicy personal details (hence reluctant to engage with federated access management) <\/li>\n<li>licensing fees <\/li>\n<li>Advertising is a nice plus <\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>What do Other Applications want?<\/p>\n<ul>\n<li>They&#8217;re often not sure, and would like you to help them <\/li>\n<li>Happy to be out of the usr\/pwd trap <\/li>\n<li>Varying degrees of control over the GUI and authentication process <\/li>\n<li>&#8220;Security&#8221; and &#8220;usability&#8221;, vaguely <\/li>\n<li><strong>Identity services are critical for &#8220;cloud&#8221; computing<\/strong> <\/li>\n<\/ul>\n<p>What do Users want?<\/p>\n<ul>\n<li>Studies by JISC, Yahoo!, Google and others show that to get users to use the services you offer:\n<ul>\n<li>You need consistency, consistency, consistency <\/li>\n<li>Bifurcation is confusing, particularly if there&#8217;s an email address box or user\/pass option (i.e. more than one option) <\/li>\n<li>Users have no idea what a domain is <\/li>\n<li>Even with coaching, outcomes from typing URL-based identity do not improve <\/li>\n<li>Buttons are best, but alternatives are okay <\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Users understand the difference between a professional account and a personal account, work app and personal app &#8211; and can generally select between them. Privacy and security are consistently rated as very important &#8211; especially in coutnries with weak privacy laws. However LSE study demonstrated &#8211; convenience often wins in practice anyway.<\/p>\n<p>Consumer Identity Today<\/p>\n<ul>\n<li>Facebook Connect by far the most successful\n<ul>\n<li>proprietary protocol, single identityt providers <\/li>\n<li>inducements for applications &#8211; lots of personal data for targeted ads <\/li>\n<\/ul>\n<\/li>\n<li>Twitter comes in second, followed by also-rans <\/li>\n<\/ul>\n<p>Facebook Connect &#8211; on Huffington Post, <a href=\"http:\/\/money.cnn.com\">http:\/\/money.cnn.com<\/a> (the latter only supports Facebook connect for commenting). Some interesting stats on various mechanism for logging into the Typepad blogging platform at <a href=\"http:\/\/blog.leahculver.com\/2009\/11\/log-in-or-sign-up-with-openid.html\">http:\/\/blog.leahculver.com\/2009\/11\/log-in-or-sign-up-with-openid.html<\/a><\/p>\n<p>Convergence between Educational Identity and Consumer Identity &#8211; It&#8217;s already happening! How soon will your students ask for a &#8216;Facebook Connect&#8217; login to your VLE?<\/p>\n<p>The level of assurance gravitates towards the lowest common denominator &#8211; often basically an email address that doesn&#8217;t &#8216;bounce&#8217;. Social Networks include a large level of assurance, as you have lots of people &#8216;vouching&#8217; for you (although questions about how much this is worth, it definitely isn&#8217;t worthless). Maybe &#8216;strongly vetted&#8217; ID is not what Universities should try to provide. Instead we may want to focus on the attributes:<\/p>\n<ul>\n<li>Consumer identity world is rapidly realizing that attributes are key <\/li>\n<li>Need to solve problems like attribute aggregation <\/li>\n<li>Attribute plumbing from the campus to the consumer Identity Provider &#8211; Google is trying the business modle <\/li>\n<\/ul>\n<p>If consumers opt for Facebook, perhaps this is an opportunity for Universities to stop worrying about the &#8216;discovery&#8217; problem &#8211; even if we worry about the implications of Facebook managing this instead.<\/p>\n<p>Preparing for those futures:<\/p>\n<ul>\n<li>Be protocol-agnostic\n<ul>\n<li>OpenID support in the Shibboleth IdP is a good start <\/li>\n<\/ul>\n<\/li>\n<li>Expectations and functionality are driven today by commerce and consumer identity\n<ul>\n<li>Users unlikely to exert change <\/li>\n<li>Faculty will use the best tools available <\/li>\n<li>Commercial applications like money <\/li>\n<\/ul>\n<\/li>\n<li>Discovery is the real control point &#8211; if you present a &#8216;Facebook Connect&#8217; button at this point, users will click it\n<ul>\n<li>No single right answer <\/li>\n<li>eduID or similarly branded login &#8211; this is contentious issue <\/li>\n<li>Some people want to stop buttons or dedicated discovery entirely <\/li>\n<\/ul>\n<\/li>\n<li>Proactively contemplate partnerships with the other identity sources <\/li>\n<\/ul>\n<p>Current course excellent &#8211; we are doing most of the right things &#8211; even if for the attributes and policies alone which is 9\/10 the effort and value<\/p>\n<div style=\"padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px\" id=\"scid:0767317B-992E-4b12-91E0-4F059A8CECA8:f25938fa-198d-4de1-a431-833267e1821b\" class=\"wlWriterEditableSmartContent\">IceRocket Tags: <a href=\"http:\/\/blogs.icerocket.com\/search?q=fam09\" rel=\"tag\">fam09<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>This session by Nate Klingenstein. Today&#8217;s Federated Identity Challenges: Scaling &#8211; especially cross-sector and cross national boundaries Getting the user experience right &#8211; not just in Higher Education &#8211; is going to be even harder than the challenges we face today. Protocol wars &#8211; new, powerful players in the area Levels of assurance and attribute [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[37],"class_list":["post-609","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-fam09"],"_links":{"self":[{"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/posts\/609","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/comments?post=609"}],"version-history":[{"count":2,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/posts\/609\/revisions"}],"predecessor-version":[{"id":611,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/posts\/609\/revisions\/611"}],"wp:attachment":[{"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/media?parent=609"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/categories?post=609"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.meanboyfriend.com\/overdue_ideas\/wp-json\/wp\/v2\/tags?post=609"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}