WHITE PAPERS SPONSORED PROFILES JOB BOARD WEBINAR CENTER FREE SOFTWARE BZ RESEARCH ALMSHAREPOINT EVENTS CALENDAR PRINT/PDF EDITION PRINT/PDF BACK ISSUES

SUBSCRIBE TODAY CUSTOMER SERVICE EDITORIAL BEATS GUEST VIEW GUIDE SD TIMES 100 GUIDE EVENTS CALENDAR ADVERTISING ARTICLE REPRINTS REPORT A BUG SITE MAP

ABOUT US BZ MEDIA NEWS BZ RESEARCH NEWS ON MONDAY SPTECHREPORT SPTECHWEB SPTECHCON IPHONE/IPAD DEVCON ANDROID DEVCON PRIVACY POLICY CONTACT US

HOME >> ZEICHICK'S TAKE

Zeichick’s Take: Where does identity live?

By Alan Zeichick

December 17, 2010 — I’m having an identity crisis. Please feel free to join me.

When I wake up my laptop, it asks for a username and password. Giving the right answer provides access not only to the machine and its locally stored applications and data, but also to my keychain of stored website passwords. The same is true with my smartphone: I provide a short numeric password and have access to my stored data and configured applications, which include cached passwords for e-mail and various online services.

So, you might say, on a fundamental level, my digital identity is absolutely tied to a few specific edge devices that I possess, carry around with me, and try hard not to lose.

Yet on another level, my identity lives in the cloud. Whether it’s Facebook, Twitter, LinkedIn, Google Documents, Windows Live, Netflix, Amazon.com, Salesforce.com, Dropbox, the SD Times editorial wiki, my ZTrek personal blog or elsewhere, my identity is in cyberspace. It’s accessible from any machine’s applications, via any browser and even APIs.

Therefore, my digital identity simultaneously has absolutely nothing to do with whichever edge devices I’m using today.

This thought occurred to me when meeting with PowerCloud, a Xerox PARC spinoff that’s building a cloud-based authentication system for small business networks. In effect, infrastructure devices like routers and switches are registered with the PowerCloud system, and are programmed to only allow authorized edge devices (laptops, desktops, smartphones, network printers) to connect to the LAN. It’s a clever system that not only improves network security but also simplifies network configuration.

The whole PowerCloud system is based on authenticating specific devices based on either their MAC address (for the edge device) or a firmware token (for the infrastructure device). The system doesn’t care who is using the hardware; if it’s not authorized, it can’t connect. That’s very different, of course, from how most of us view the Web, where it’s all about username and password. But it’s the way that the invisible world works. (For example, your phone is authenticated to the mobile network based on an electronic serial number baked into the phone or a removable SIM card—not based on the phone number or your unlock password.)

The best security schemes involve something that you have (a device, a fingerprint or other physical token) and something that you know (a password or pass phrase). But what does that mean for identity? Am I user “alan” on my laptop? Or am I user 132588 on LinkedIn?

Who am I? And does it even matter?

Alan Zeichick is editorial director of SD Times. Follow him on Twitter at twitter.com/zeichick. Read his blog at ztrek.blogspot.com.

Share this link: http://sdt.bz/35098

Most Read Latest News Blog Resources

Virtualization: Not just for machines anymore
Network virtualization allows multi-tiered applications to behave as though they were in a physical network

Magic announces the release of its revolutionary mobile offering for the development of business applications, with new native clients for iOS and Android platforms
Magic announced today the availability of native iOS and Android clients for its mobile enterprise application platform

Achievements and learning: Gamification comes to businesses and schools
Startup takes page from gamers by offering achievement marks to get developers more engaged in their projects

Zeichick’s Take: The handheld and the tablet, circa 1976
Texas Instruments' and Hewlett-Packard's calculators were doing things decades ago we take for granted today

Virtualization: Not just for machines anymore
Network virtualization allows multi-tiered applications to behave as though they were in a physical network

Achievements and learning: Gamification comes to businesses and schools
Startup takes page from gamers by offering achievement marks to get developers more engaged in their projects

Google talks tools at AnDevCon III
New 3D debugging tool and recent ADK changes are detailed by Google developers at the third Android Developer Conference

SmartBear rolls out new quality solution: API Complete
Software gives organizations ability to write test scripts and monitor APIs by bridging the DevOps divide

Creation
To write better software, cultivate your ability to be creative.

Slick...but who needs it?
compilr.com is a well-designed site and the folks behind it seem to have their heart in the right place. But...who needs it?

How to be a better software developer
Want to be a better developer? You won't get there by mastering an interesting language or learning a new set of APIs.

Wooing Galatea
Do yourself a favor and check out Galatea 2.2, a wonderful book by novelist Richard Powers.

Five SCM Best Practices Two-thirds of all software projects fail, according to the Standish Group’s CHAOS study. Improper usage of software configuration management...

Best Practices for Branching and Merging Patterns

Development teams often create a branching pattern, usually drawn out on a white board or in a Visio document, that is used as a model to...

Automated Error Reporting We invite you to read a short e-zine that tells you all about automated error reporting for .NET applications. This 8-page e-zine is packed...

The End of Application Redeploys Imagine that every time you wanted to write, send or receive an email, you needed to restart your computer. How much time would this take, a...

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

EPM Live Acquires EPK Group’s EPK Suite, Enhances WorkEngine WorkEngine will get a deeper level of portfolio management, according to EPM Live

Microsoft Geneva works with third-party identity systems Web standards permit CA, IBM, Novel, SAP and Sun products to work with Microsoft's principal identity management solution, currently in beta. Geneva is the foundation of the identity and security capabilities of Windows Azure services.

WSO2 adds OpenID to Identity Solution UPDATED STORY: The open-source Web service framework provider WSO2 implemented OpenID and SAML 2.0 in its Identity Solution 1.5. The framework complements its existing information card support and has components that can plug into Apache HHTPD and Java Web servers.

Comments

01/07/2011 11:08:12 AM EST

Actually, the question is even more complicated, because computer system developers don't know what Philosophers know; which is that we need more than one identity. As I've written about at existentialprogramming.com/2007/12/clark-kent-is-not-superman.html it is not sufficient to boil down all references to a single person to a single ID, because we need different IDs for each of our different "aspects", or "personas".

United StatesBruce Wallace

Add comment

Name*
Email*
Country

Comment

EPM Live Acquires EPK Group’s EPK Suite, Enhances WorkEngine
WorkEngine will get a deeper level of portfolio management, according to EPM Live Read More...

News on Monday
more>>
SharePoint Tech Report
more>>

Download Current Issue
MAY 2012 PDF ISSUE

Need Back Issues?
DOWNLOAD HERE

Want to subscribe?

Creation
To write better software, cultivate your ability to be creative.
05/19/2012 07:40 PM EST

Slick...but who needs it?
compilr.com is a well-designed site and the folks behind it seem to have their heart in the right place. But...who needs it?
05/16/2012 12:45 PM EST

How to be a better software developer
Want to be a better developer? You won't get there by mastering an interesting language or learning a new set of APIs.
05/14/2012 12:18 PM EST

Wooing Galatea
Do yourself a favor and check out Galatea 2.2, a wonderful book by novelist Richard Powers.
05/12/2012 07:05 PM EST

The world as story
An artificial-intelligence system at Carnegie Mellon seeks to understand the world by making statements about it.
05/10/2012 06:39 AM EST

The Rise of the Brogrammer, or the Rise of the Sexist Programmer?
Women in Silicon Valley get vocal about sexist ads and campaigns that contribute to a tense work environment.
05/09/2012 03:14 PM EST