Identity Landscape

= Introduction =

The Identity Landscape is a community project to create a shared living "map" of the Internet identity space -- the projects, technologies, and standards that are coming together to create an interoperable identity layer for the Internet.

Note: this page is currently a placeholder for the outcome of presentations and discussions at the Internet Identity Workshop to be held in Mountain View December 4-6. In the meantime, feel free to add any content you feel would be appropriate to building an identity landscape.

A lot of the material in the next three sections was taken, with permission, from the blog article of Johannes Ernst at http://netmesh.info/jernst/Digital_Identity/who-is-what-in-identity.html.

= Groups, Communities, Projects =

Bandit
Open-source project that builds a set of loosely-coupled components for Authentication, Authorization, and Auditing. Initiated by Novell. http://www.bandit-project.org.

Concordia
Recently initiated in the context of the Liberty Alliance (see below), Concordia will initially focus on use cases for multi-protocol interoperability. Concordia is legally part of the Liberty Alliance, I believe, but there are some talks (though no actions yet) to charter it under the Identity Commons. http://projectconcordia.org.

DataPortability.org
The purpose of this project is to put existing technologies, techniques, policies and initiatives in context in order to facilitate translation, education, advocacy and ultimately implementation of data portability. http://dataportability.org/

Higgins
An open-source project currently part of the Eclipse Foundation that develops multi-protocol software components. For example, the Higgins project is developing open-source information card selectors similar to Microsoft CardSpace for other platforms. http://www.eclipse.org/higgins.

Identity Commons
The Identity Commons is an industry association for the collaborative development of the technical, social and legal aspects of a user-centric identity layer on the internet. Many of the other initiatives listed here are chartered as working groups in the Identity Commons. Some of them are formed to accomplish a specific objective and disband shortly thereafter. Others are expected to keep going for a long time. You're already here.

Identity Gang
The Identity Gang is an invitation-based mailing list and public wiki bringing together most of the movers and shakers around identity. Operating as Working Group of the Identity Commons. http://identitygang.org.

IETF
A technical standards body for internet protocol standards. No identity-related work is currently performed there, but there are several related activities. http://www.ietf.org.

ITU-T Focus Group on Identity Management
The ITU is a technical standards body for telecommunications-related protocol standards following international standardization processes. The objective of the Focus Group is to facilitate the development of a generic Identity Management framework, by fostering participation of all telecommunications and ICT experts on Identity Management. http://www.itu.int/ITU-T/studygroups/com17/fgidm.

Kerberos Consortium
Just recently created, the MIT Kerberos Consortium intends "to establish Kerberos as the universal authentication platform for the world's computer networks.". http://www.kerberos.org.

Liberty Alliance
An industry association for the development and promotion of federated identity standards. Established in 2001, it has focused mostly on intra and inter-enterprise scenarios. http://projectliberty.org.

Oath
Organization and technology standards to define open authentication protocols. for universal strong authentication on many kinds of devices and networks. http://www.openauthentication.org.

OASIS
A technical standards body for structured information standards. The development of XRI, XDI and SAML identity protocols resides here. http://www.oasis-open.org.

OpenID
OpenID is a community and a set of user-centric identity protocols, facilitated by the OpenID Foundation. OpenID is also chartered as a working group in the Identity Commons. http://openid.net.

OSIS
Organizes and harmonizes the development of software components for the internet-scale identity system by focusing on specific interoperability use cases, and demonstrating these multi-vendor scenarios at public events. Organized as a working group of the Identity Commons. http://osis.netmesh.org.

PRIME
European research project to develop a working prototype of a privacy-enhancing identity management system. https://www.prime-project.eu.

Shibboleth
Part of the Internet 2 project, Shibboleth is an open-source project that provides Web-based Single-Sign-On. http://shibboleth.internet2.edu.

VRM
Initiated by Doc Searls at the Berkman Center at the Harvard Law School, the Vendor Relationship Management project is a community-driven effort to support the creation and building of VRM tools. The VRM project is expected to be chartered under the Identity Commons. http://cyber.law.harvard.edu/projectvrm/Main_Page.

W3C
A technical standards body for web standards. No identity-related work is currently performed there, but there are several related activities. http://www.w3.org.

XDI.org
A non-profit governing the XDI and XRI infrastructure. It also holds the XRI and XDI intellectual property. http://www.xdi.org.

= Conferences=

Digital Identity World
The main identity trade show and conference in the United States.

Identity Open Space
A series of "unconference"-style events produced by Kaliya Hamlin, Doc Searls and Phil Windley, in association with other events such as Digital Identity World. See also Internet Identity Workshop.

Internet Identity Workshop
A series of "unconference"-style workshops produced twice a year by Kaliya Hamlin, Doc Searls and Phil Windley. It is the primary face-to-face gathering of the various individuals and groups working on user-centric identity. It operates as Working Group of the Identity Commons.

IDtrust at NIST
Annual conference at NIST in Gaithersburg, MD (D.C. area). Originally a PKI academic workshop, it has morphed into a more general identity symposium. Attendees consist largely of representatives from higher education and government (both domestic and foreign). http://middleware.internet2.edu/idtrust.

= Protocols, Technology =

Yadis
Meta-data discovery framework for identity services. Now required for OpenID implementations, but useful for many other applications as well that need to discovery services from URLs or other identifiers. http://yadis.org.

= Items to Place =

This is simply a starting list of items in alphabetical order to place on the map (taken from a thread on the Identity Gang mailing list).

It's now what's left after the above.


 * i-names and i-numbers
 * OpenPGP
 * Tor

See also


 * http://openliberty.org/wiki/index.php/RelatedProjects

= Other Maps/Lists =

On the Identity Gang list, Ashraf Motiwala recommended the following:


 * http://docs.safehaus.org/display/HAUS/Id+OSS+Map is a map of identity Open Source projects.
 * http://identityaccessmanagement.blogspot.com/2005/05/vendor-list.html is a list of vendors in the identity space.

More maps


 * http://www.xmlgrrl.com/blog/archives/2007/03/28/the-venn-of-identity/ is by Eve Maler and the Liberty Alliance
 * http://identity4all.blogspot.com/2005/11/topology-of-identity-standards.html is a draft of standards and their inter-relations