Curated by: Luigi Canali De Rossi

Tuesday, October 26, 2004

Distributed Identity Management On The Web? Sxip

Distributed Identity Management On The Web?

"The right identity management solution for the web will address the needs of all the participants involved.

Websites of all sizes should be able to participate freely, and no one organization should have too much control.

That is, users should be able to have control over their own data.

There is an increasing demand for identity management solutions that offer high levels of privacy and audit trails.

Regulations in many countries require that organizations prove customers have consented to the use of their personal information.

To address this requirement, consent needs to be at the foundation of any identity management platform. Additionally, since the solution must work for the web as a whole, it must be as scalable as the web itself.

The Sxip Network-- a cooperative, public identity network running an open protocol-- grew from efforts to build a balanced solution that meets the requirements of the entire online community.

In order for a user to maintain a persistent identity across the web, there must exist a central authority mapping globally unique identities to sites that are authoritative for them-- just like the central DNS the Internet relies on.

Beyond that, a great deal more centralized control is undesirable.

In recognizing these two factors, the Sxip Network is architecturally different from existing identity management protocols, the same way the Internet itself is different from the private networks it has come to replace.



"Like any network, the value of the Sxip Network increases exponentially with each new member, creating a "virtuous circle" that feeds on its own success.

The Network grows over time as websites that want to be at the center of their users' web experience become Homesites.

As more and more web users get Sxip Network accounts, it makes sense for any site who wants to provide visitors with easy registration and one-click login capacity to become a Membersite.

When visitors who don't yet have a Homesite learn how many Membersites offer faster logins, they will create personas at trusted Homesites.

The Sxip Network makes it easy for sites to keep user information current. With the Sxip Network, Membersites are able to easily ask for user properties with every session without needlessly inconveniencing the user. The user can select to be prompted for the release of any property, only prompted for updated properties, or not prompted at all.

As a side benefit, because a Membersite can request data from the Homesite each time the user visits, it no longer needs to store the user's information locally. This is a feature for sites that wish to minimize their exposure to security breaches and liability for identity theft.

User privacy is increased, as users have the opportunity to choose quickly and easily which personal information to give out and which to keep private. Finally, when data is released, an audit trail can be kept regarding who received what data, when and under what agreement.

Sxip is a simple, secure and open platform for true digital identity built on open standards and supported by open source tools.

Everything That Microsoft PassPort Isn't, and more: Sxip.

Excerpted from: The Sxip Network Overview
Version 1.0.4 Dick Hardt, Isabel Walcott:
September 23, 2004

Robin Good Recommends -
Reference: [via Stephen Downes] [ Read more ]
Readers' Comments    
blog comments powered by Disqus
posted by Robin Good on Tuesday, October 26 2004, updated on Tuesday, May 5 2015

Creative Commons License
This work is licensed under a Creative Commons License.




Real Time Web Analytics