Single Signon, OpenID, Federated Identity, Usercodes/passwords are all forms of credential based identification. Credential based identification is built around the idea of creating a representation of a person that is stored as a credential. A person can prove who they are by accessing and delivering this credential to a relying party. This form of identification will not disappear overnight, but it is likely to be replaced with identification based on a person’s presence and a record of past behaviour. This means there is no need to have Identity Providers because the person provides their own identity by visiting websites. It also means that a person can give themselves a different persona when they identify themselves to a device.
Using a person’s presence to announce their identity combined with context based identification derived from past behaviour, creates a system with silos of information that will increase security and help maintain a person’s privacy
This approach will get a boost with the introduction of FIDO (Fast IDentification Online) and other methods where a person establishes their connection with physical devices and proves themselves to the devices. When a person has proven who they are to a device, websites can remember the interactions that the device, and hence the person, has with the website. These interactions can be stored such that only the person controlling the device can link activity across different websites.
Websites who break the rules can be punished by being partially disconnected from the system. A person who breaks the rules can also be partially disconnected.
This structure creates a set of nodes about a person. The person decides which nodes to connect into a web and the person decides how many different webs of nodes they will create. Each web of nodes becomes a different persona. Nodes can be connected by a person visiting websites in order and deciding whether to connect the nodes. Similarly each person can decide who else can view information at any particular node.
This means systems can be built where everyone has their own set of permissions and their own set of links between data. These permissions are easily understood and it is easy to understand the way the links are made.
The system can be viewed as an individual’s own memory system for Internet experiences where each person is unique because each person has their own individual Internet Memory.
The implications of the approach are many. How they will all play out is difficult to imagine. One thought is that the totality of all the interconnected individual memories means that the memories of every person who connects to the Internet contributes to the totality of human Internet memory. We can give permissions so that this information can be mined and the results given to us all. This makes big data very big indeed.
As we will be able to erase our memories, reorganise them – but not change them – we will be able to get machines to help us make sense out of our Interactions in comparison to others.
There are exciting times ahead.