The New Internet of Subjects Manifesto

After the Internet of Subjects Forum London (5 July 2010) Graham Sadd wrote in his blog: Violent Agreement Breaks Out at IoS Forum.

This was echoed in the final session of the 8th ePortfolio conference ( when Derrin Kent offered to invite the Mahara open source ePortfolio community to integrate the idea of separation between data, metadata and ePortfolio services. We hope that more ePortfolio providers will support this model, which should lead to greater interoperability across systems and organisations, whilst increasing control by individuals of the exploitation of their personal data. It is a path to creating true personal lifelong learning environments.
One of the next documents to be produced is a New Internet of Subjects Manifesto, based on the ‘7 IoS principles‘. It will be a response to the National Strategy for Trusted Identities in Cyberspace (USA).
A simple analysis of the NSTIC document reveals that:
  1. there is not a single reference to (personal) data storage
  2. there is one single reference to publish[ing] private information
  3. there is no reference to ‘discoverability’
  4. the word ‘relationship’ is only used 3 times
The main weakness of the NSTIC is the focus on “trusted identities” (that are no more than glorified ‘trusted identifiers’) rather than “trusted relationships.” The whole exercise looks like the effort to represent a 3 dimensional space on a single straight line: It doesn’t use any of the topographic properties of a network! In order to trust a claim by an individual that she is a British citizen, it would be sufficient to check that the server of the passport office points to the subject’s PIMS (personal information management system) while sending a message to the PIMS (the mobile phone being part of it!) to check that it is the owner of the PDS that makes the claim —and the PIMS could provide a proxy service to manage this kind of transaction, making one’s life easier.

An identity can be defined by a series of (more or less) trusted relationships evolving over time and space. It is a combination of identification of (by a third party) and identification to (a group of people sharing certain attributes).

The main limitation of the NSTIC document is that it only focuses on the identification of, and does not address a single element of the identification to. It also assumes that one needs to be identified in order to enter a transaction, while most transactions in real life do not require any kind of formal identification.
The concept of “trusted identity” in NSTIC is mono-dimensional, while the IoS concept of ‘trusted relationships’ is multi-dimensional. An identity is a (series of) relationship(s), evolving over time and space, not a static attribute. NSTIC aims at a “user-centric Identity Ecosystem”, while we aim at a “subject centric Trust Relationship Ecosystem”, where the subject can be a person, an organisation or a network. Placing too much emphasis on ‘user centricity’ contains the risk of reinforcing the asymmetry of the current system —patronising is not far.
The focus on “trusted identity” rather than “trusted relationship” is also revealing of the non-existence of Internet Subjects in the current architecture. In an Internet of Subjects, that is a space where self-asserted subjects exist autonomously, the need for the old fashion approach to identity and access management vanishes.
The IoS objective is to create a totally symmetrical system where individuals can act as identity, attribute and service ‘providers’, not just as ‘trusted users’. Of course, if we want to know that a person is a EU citizen, we will look for a proper trusted party for such an attribute, but the mechanism will be the same if we want to know whether a person is a member of a cricket club, a university alumni or a friend —or if a business client list is genuine, etc.
If you want to contribute to the Ios and the writing of the New Internet of Subjects Manifesto, you can do so by joining the IoS working group.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.