The hottest thing in higher ed is MOOC. And one of the hottest MOOC platforms is Coursera.

[Image: keyboard (Wikipedia)]

There are a couple of challenges the MOOC movement is about to run into:

  1. How do we know that the person submitting a test is the same person she claimed to be before? Identity proofing in a self-declared identity environment is not trivial. MOOCs are by definition open.
  2. If we want to make money, we had better be able to give credits (or badges, or certificates, or a university degree, or something similar). Solutions include test submission with identity proofing.

Then comes the scary part: Coursera offers a Signature Track, where you as a student get identity verification, verified certificates and sharable course records. This is innovative and new. And the way they do it scares me because of the implications for the student and for other services online (biometric unique typing pattern). There is a Signature Track Guidebook with more details.

The unique typing pattern is used to identify your work

“Signature Phrase, a biometric profile of your unique typing pattern. Every time you submit coursework, you’ll easily authenticate your identity by typing your Signature Phrase.”

If this is really workable, I am not sure I want to use any cloud service (like WordPress for this blog, or Gmail) where I type in text. Selling the unique typing patterns for their 2.8 million learners would, however, probably fund the company for the rest of its natural life. It also opens a whole new game of trust issues for any of us using online services. So far the typing part is only available on PC/Mac, and not on tablets.
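To make the concern concrete, here is an added illustration (not Coursera's code, and much simpler than a real keystroke-dynamics system) of how a typing profile is built from nothing more than key-down and key-up timestamps, which any page with a text field can observe. All timing values, the phrase and the threshold are constructed for the example.

```python
"""Added example, not Coursera's code: a minimal keystroke-dynamics
profile built from key timings, so the privacy point is concrete. All timing
values are constructed sample data, not measurements."""
from statistics import mean

# One typing session: (key, key_down_ms, key_up_ms) in typing order.
Session = list[tuple[str, float, float]]

def make_session(keys: str, dwells: list[float], flights: list[float]) -> Session:
    """Build a session from per-key hold times (dwell) and the gaps
    between releasing one key and pressing the next (flight)."""
    t, session = 0.0, []
    for i, key in enumerate(keys):
        down, up = t, t + dwells[i]
        session.append((key, down, up))
        t = up + (flights[i] if i < len(flights) else 0.0)
    return session

def features(session: Session) -> list[float]:
    """Feature vector: dwell time per key, then flight time between keys."""
    dwell = [up - down for _, down, up in session]
    flight = [session[i + 1][1] - session[i][2] for i in range(len(session) - 1)]
    return dwell + flight

def build_profile(samples: list[Session]) -> list[float]:
    """Enrolment: average the feature vectors over several typings of the phrase."""
    return [mean(column) for column in zip(*(features(s) for s in samples))]

def score(profile: list[float], sample: Session) -> float:
    """Mean absolute deviation from the profile, in ms (lower = closer match)."""
    return mean(abs(p - f) for p, f in zip(profile, features(sample)))

def verify(profile: list[float], sample: Session, threshold_ms: float = 25.0) -> bool:
    """Accept the sample as the enrolled typist if it is within the threshold."""
    return score(profile, sample) <= threshold_ms

# Constructed enrolment data: the same phrase typed three times by one person.
PHRASE = "idm"
ENROLMENT = [
    make_session(PHRASE, [90, 80, 100], [120, 140]),
    make_session(PHRASE, [95, 85, 95], [125, 135]),
    make_session(PHRASE, [85, 75, 105], [115, 145]),
]
PROFILE = build_profile(ENROLMENT)
# A fresh sample from the same typist and one with a very different rhythm.
GENUINE = make_session(PHRASE, [92, 78, 102], [118, 142])
DIFFERENT_TYPIST = make_session(PHRASE, [150, 140, 160], [60, 70])

if __name__ == "__main__":
    print("genuine:", score(PROFILE, GENUINE), verify(PROFILE, GENUINE))
    print("other typist:", score(PROFILE, DIFFERENT_TYPIST), verify(PROFILE, DIFFERENT_TYPIST))
```

The point for a service operator is that the raw material for such a profile is timing data the browser already exposes, so the question of who may collect it, how long it is kept and whether it can be re-used to recognise the same person elsewhere is a data-protection decision, not a technical afterthought.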

Hopefully I am wrong to be scared.

We need to find a better way to do identity proofing.


An interesting presentation on design criteria for social web sites, with discussion of how the multiple facets of identity are not supported in most online social networks.  The presentation is interesting both for the directly applicable design of groups/roles and for the discussion about how to handle attributes and information flow within social web sites.

At the same time we see an interesting uptake in the use of social web sites and channels to discuss things like the analysis of Vinay Deolalikar’s recent preprint claiming to prove that P != NP, cutting the lead time of scientific discourse.

SURFnet published a video on how the Dutch research network is proceeding with its innovative Collaboration Infrastructure project COIN.  This work is a synergy of federated identity, social networking and collaboration tools.

The past two weeks I have had an iPad with me. We are doing some tests on how to use ebook readers for education. Testing, after all, needs to be done in realistic environments, like by the coffee table and in bed.  The device is not yet available in Norway, which makes some of the user interfaces weird because the AppStore does not work.  Applications have to be downloaded to a special account on a PC and then transferred by iTunes to the device.  The iPad is a cool gadget, and my sons really want one (mommy, I wish we had one for real that we could share).

On to the login:

  1. You do not log in to the iPad itself.  It is open for anyone with physical access.  Yes, it can be closed, but I operate with default.
  2. You do desperately need an iTunes account.  Without iTunes, the device is worthless.
  3. A normal person cannot change iTunes accounts without damaging major stuff (iPad, arteries, marriage).  It is just too difficult, and you end up cursing.
  4. You need accounts all over the web to access content, even if much of the content works through the App Store.  Examples of accounts I ended up with after a few days: iTunes (see 2), various wireless networks (including eduroam), Amazon (to use the Kindle app), email, gaming accounts (not linked to the App Store, so this worked in Norway), twitter, Feide (for federated login).

The short summary

iPad is a portal, with iTunes as its portal framework, and a beautiful user interface.  It suffers all the usual portal problems:

  • There is only one world view
  • The portal operator locks you in
  • The portal operator  can lock you out
  • Authentication is a mash-up of various solutions, with issues about reusing login

The usual portal advantages include a coherent user interface, a business model that is defined by the portal operator and apps added according to guidelines.

Watching YouTube on the iPad rocks.  Some of the apps are just beautiful (epicurious, New York Times), and the weird size makes sense for something sitting in your lap.

My son wanted one iPad that we could share in the family, but the iPad is a personal device, where sharing is not intended.  This is partly a result of the iTunes business model, and partly a result of the “tweak and download apps until I cry”-attitude the user is lured into.  Or the last could be just me, running wild in the hope of getting better stuff.

I am concerned about the lock-in of the iTunes business model.  Free speech in society is often measured by how much smut we are willing to put up with, and the iPad apps are smut free.  On the other hand, a quick search yielded a number of web based iPad-friendly porn sites.  You can take free speech out of the regular apps, but the users route around it.

Sharing, withholding and delegating sound like advice from Management 101, a first introduction to getting things done.  In the case of identity management, there are some hard cases to crack:

  1. Sharing metadata: getting information about the right identity provider to the right service provider, as needed
  2. Withholding information about technical detail from the end user, while giving enough information to make informed choices.  One aspect of this is seamless discovery service, where the aforementioned identity provider information is available when needed, without prompting the end user to input something
  3. Delegation of rights.  I may wish to delegate rights to my husband or to a process running on my behalf (webmail should be able to check my mail account via IMAP, even if IMAP is a non-web protocol)
  4. Aggregation of information about me from multiple Identity Providers, while keeping my privacy and giving a user friendly interface to managing my own information

The discussions on these issues have tended to get into complicated corner cases and some heavy protocol elephantiasis.  The simple and elegant design of OAuth gives some hope, as people start experimenting and throwing connected ideas around.  An example is Andreas’ draft work on attribute aggregation.

Simple is good. Testing various ideas helps us sort out how the issues above prevent us from solving some of the use cases:

  • Grandfather wants access to e-learning platform, needs to check on school work and see if grandson handed in assignments.  Depends on delegation of rights from parent.  Depends on discovery service to sort this role from the primary role as professor at university.
  • Parent wants to delegate limited rights to supervise schoolwork to grandfather.  Depends on attribute aggregation from multiple sources, as parent-child relation is independent of authentication method.  Depends on seamless discovery service, since this must be possible for all parents.
  • Integration of Web2.0 applications without total mesh coupling.  Depends on withholding information to preserve privacy, and delegation of rights to several processes keeping track of social network updates.
  • Universal access to web sites, while preserving privacy.  Getting information about disabilities (sensitive information) to adjust web sites to end user needs.  Depends on aggregation of attributes from multiple sources and delegation of rights.
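The delegation cases above (a parent handing limited supervision rights to a grandfather, a process acting on my behalf) all need the same property: the delegate gets a subset of the delegator's rights, bound to that delegate, for a limited time, and the service can check this without a round trip to the delegator. The following is an added example written for this post, not Feide's, OAuth's or any standard's token format; the HMAC key, account names, scopes and expiry are constructed placeholders.

```python
"""Added example (not Feide's, OAuth's or any standard's token format): a
scope-restricted, attenuated delegation token for the grandfather use case.
Key, names and scopes are constructed placeholders."""
import hashlib
import hmac
import json

# Constructed shared secret between the token issuer and the e-learning service.
ISSUER_KEY = b"constructed-demo-key-not-for-production"

def _sign(payload: dict) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the payload."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def issue(delegator: str, delegate: str, scopes: set, held: set,
          ttl: float, now: float) -> dict:
    """Issue a token letting `delegate` act for `delegator` within `scopes`.
    Attenuation: the delegated scopes must be a subset of what the delegator holds."""
    if not scopes <= held:
        raise ValueError("cannot delegate rights the delegator does not hold")
    payload = {"delegator": delegator, "delegate": delegate,
               "scopes": sorted(scopes), "exp": now + ttl}
    return {"payload": payload, "sig": _sign(payload)}

def authorize(token: dict, presenter: str, action: str, now: float) -> bool:
    """Service-side check: signature, expiry, presenter binding, then scope."""
    payload = token["payload"]
    if not hmac.compare_digest(token["sig"], _sign(payload)):
        return False  # tampered or forged
    if now >= payload["exp"]:
        return False  # expired
    if presenter != payload["delegate"]:
        return False  # presented by someone other than the named delegate
    return action in payload["scopes"]

# Constructed rights: what the parent holds on the e-learning platform.
PARENT_RIGHTS = {"read:assignments", "read:grades", "write:messages"}

def demo(now: float = 1_000.0) -> dict:
    """Walk the grandfather use case through the checks; returns name -> allowed."""
    token = issue("parent@example.org", "grandfather@example.org",
                  {"read:assignments"}, PARENT_RIGHTS, ttl=3600, now=now)
    # A copy whose scopes were edited after signing: the signature no longer matches.
    tampered = {"payload": dict(token["payload"], scopes=["read:grades"]),
                "sig": token["sig"]}
    gf = "grandfather@example.org"
    return {
        "check_assignments": authorize(token, gf, "read:assignments", now + 60),
        "read_grades": authorize(token, gf, "read:grades", now + 60),
        "after_expiry": authorize(token, gf, "read:assignments", now + 7200),
        "other_presenter": authorize(token, "neighbour@example.org", "read:assignments", now + 60),
        "tampered_scope": authorize(tampered, gf, "read:grades", now + 60),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'allowed' if ok else 'denied'}")
```

Two design choices carry the security weight: the subset check in `issue` means a chain of delegations can only shrink, never grow, and the presenter binding in `authorize` means a leaked token is useless to anyone but the named delegate. What the example leaves out, and a real deployment must add, is the discovery problem from item 2 above: how the service learns which issuer key to trust for a given parent in the first place.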

The issues need to be solved for user centric identities, organization centric identities and federations.  We are not there yet – but the space needs watching.

Trying to wrap my head around the concepts introduced by Kim Cameron, Kai Rannenberg and Reinhard Posch in Proposal for a Common Identity Framework.

Kim Cameron is blogging about definitions for a common identity framework, explaining the concepts behind the paper.

Their definition for user centric is interesting

User-centric: Structured so as to allow users to conceptualize, enumerate and control their relationships with other parties, including the flow of information.

The work in Feide on consent, consent management and revamping user interfaces falls nicely into this definition. When the goal is to give users control over their relationship and give them tools to conceptualize the existing relations, we ended up with the federation Innsyn. I do not fully understand what is implied by “enumerate relationships”, but assume that this is similar to the consent management. It is interesting to note that user centric solutions can be achieved both on the client and server side of the traditional server-client model for services, but in order to do server side user centric solutions, the user must be given tools on the server side.

Another interesting concept in the paper is that not all assertions are true (but all Cretans are liars?)

It is key to the document that claims are assertions by one subject about another subject that are “in doubt”. This is a fundamental notion since it leads to an understanding that one of the basic services of a multi-party model must be “Claims Approval”. The simple assumption by systems that assertions are true – in other words the failure to factor out “approval” as a separate service – has led to conflation and insularity in earlier systems.

Being able to sort out assertions into claims and credentials may help us think more clearly about the security needs. In psychology we learn that children will know the difference between true and false at the age of three to four, but in this case the security community has taken a few more years to sort out the issue. I wonder what that says about the maturity of our understanding?
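Here is an added example of what "approval as a separate service" looks like in code, and of the attribute aggregation case from the earlier list (merging claims about one person from several providers). It is not from the paper and uses a constructed trust registry, issuer names and claim kinds.

```python
"""Added example (not from the paper): separating claims, which are
assertions "in doubt", from a claims-approval step, and aggregating only the
approved ones. Issuers, subjects and claim kinds are constructed."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    issuer: str    # the party making the assertion
    subject: str   # the party the assertion is about
    kind: str      # what is asserted, e.g. "affiliation"
    value: str

# Constructed trust registry: which issuer is authoritative for which kinds.
TRUST_REGISTRY = {
    "idp.school.example": {"affiliation", "student_id"},
    "population-register.example": {"parent_of"},
}

def approve(claim: Claim) -> tuple[bool, str]:
    """Claims approval as its own service: nothing is believed by default."""
    if claim.issuer == claim.subject:
        return False, "self-asserted, no independent source"
    authoritative_for = TRUST_REGISTRY.get(claim.issuer)
    if authoritative_for is None:
        return False, "unknown issuer"
    if claim.kind not in authoritative_for:
        return False, f"issuer not authoritative for '{claim.kind}'"
    return True, "approved"

def aggregate(claims: list[Claim]) -> dict:
    """Merge approved claims per subject from multiple providers; keep rejected
    claims with the reason for audit instead of silently treating them as true."""
    approved, rejected = {}, []
    for claim in claims:
        ok, reason = approve(claim)
        if ok:
            approved.setdefault(claim.subject, {})[claim.kind] = claim.value
        else:
            rejected.append((claim, reason))
    return {"approved": approved, "rejected": rejected}

# Constructed claims arriving from several sources about the same people.
SAMPLE_CLAIMS = [
    Claim("idp.school.example", "alice", "affiliation", "student"),
    Claim("population-register.example", "bob", "parent_of", "alice"),
    Claim("alice", "alice", "grade", "A"),                        # self-asserted
    Claim("idp.school.example", "carol", "parent_of", "alice"),   # wrong authority
    Claim("unknown-site.example", "dave", "parent_of", "alice"),  # unknown issuer
]

if __name__ == "__main__":
    result = aggregate(SAMPLE_CLAIMS)
    print("approved:", result["approved"])
    for claim, reason in result["rejected"]:
        print("rejected:", claim, "->", reason)
```

The registry is the part that makes approval a policy decision rather than a parsing step: the same claim can be approved from one issuer and rejected from another, and a self-asserted claim is recorded but never promoted to an approved attribute without a second source.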

Why are we spending effort on walling off bigger and bigger spaces on the Internet, and giving everyone a federated ID when what we want is more social media: sharing information, participation and communication?  This question was posed today by one of the participants in Det Digitale Trøndelag (e-collaboration for the public sector in Trøndelag).

Why is identity a necessary part of building the social media?  Social media (and web 2.0) is social because we have the ability to share information using different relations and services.  Relations to other people are normally dependent on identity services to function.  Facebook uses the concept of “friends” to select who gets to see your information, while Twitter uses the “follow” function to determine what appears on your personal tweet stream.

The Internet part of life gets bigger and more interactive.  Transcending the passive consumer status requires the ability for both people and computer systems to read, write, collaborate and determine relevance.

| People                     | Computer systems                               |
|----------------------------|------------------------------------------------|
| Read                       | Data import                                    |
| Write                      | Data export                                    |
| Collaborate                | Exchange data, establish secure communications |
| Discover information       | Capability negotiation                         |
| Determine what is relevant | Personalization, authorization                 |
| Trust                      | Security                                       |

Dr. Mikael Linden announced today:

My doctoral thesis “Organisational and cross-organisational identity management” was presented for public examination on the 28th of January at Tampere University of Technology. The thesis is now available in pdf:

Thanks to professor David Chadwick for being available as a pre-examiner of the thesis and doctor Diego Lopez as an opponent in the public defence.

I send my congratulations to Mikael.  His work on identity management and federations has been a great inspiration for the developments I have been involved in over the past 8-10 years.