Last week I attended the fourth meeting of the Identity Ecosystem Steering Group (IDESG) in Santa Clara, California. I was very excited to see the momentum that’s building behind this group, which is doing important work that will define the technical underpinnings of how our identity information is shared in both the public and private sectors for years to come. Its work will have a significant impact on our privacy and security in our roles as both individuals and employees.
The main goal of the effort is to define a set of rules – a framework – that enables enterprises to securely exchange user identity information online. This information will include whether a user has logged in for Single Sign-On, as well as user profile information for access control and account provisioning. A framework of standards, technologies and techniques is required to enable the interoperability of the numerous identity systems and approaches taken by the different enterprises participating in the ecosystem. I will explain why this is required in an upcoming post.
Progress to date is that the group has been formally organized (more work than you might think) with a leadership group, committees formed around key areas (e.g. privacy, security, user experience, industries), clearly defined objectives, and liaisons to other groups doing related work. Foundational work has begun as well, particularly in the area of defining 70 or so use cases the framework will address.
Anyone who wants to participate can get involved in helping IDESG define this identity ecosystem. A great way to get started is to take a look at the use cases defined so far – check them out here on IDESG’s wiki – and provide feedback on the ones that are most relevant to you. If you’re not sure what those may be, look for things related to how you use your identity to interact with web sites and applications.
I will be back with more updates soon. In the meantime, I look forward to seeing even more people getting involved with IDESG.