Open Standards Forum 2008 - Security Challenges for the Information Society, 30 September - 1 October 2008, Ditton Manor, Near London

Friday, 3 October

WEDNESDAY PROGRAMME / THURSDAY PROGRAMME

*subject to change


Forum Programme (Day 3)

8:30 Coffee & Registration
  PLENARY SESSION: CURRENT STATE OF FEDERATED TECHNOLOGIES
Session Chair: Ronny Bjones, Microsoft
9:00
Current State of Federated Identity Standards and Implementations
Global businesses that have embraced a distributed approach for their applications, workforce members, and vertical industry value chains have a growing need for federation and other identity management standards. Current economic conditions demand more administrative and user efficiency, as well as improved end user experiences. Products and standards continue to mature as customer requirements evolve over time, but the emergence of federation based services is one of the more interesting recent developments for the industry.

Keynote Speaker: Gerry Gebel,
Vice President and Service Director, Burton Group Identity and Privacy Strategies

9:30
Relationship Cards: Security + Society

As Bob Blakley, VP of Identity and Privacy Strategies at the Burton Group said recently, "Relationship is the context which protects the security and the privacy of identity information." This summarizes one of the most promising new developments in Internet security and privacy: relationship cards (r-cards). R-cards combine information card technology with user-controlled identifiers such as OpenID and OASIS XRI and open standard data sharing protocols such as OASIS SAML and XDI. This combination promises to bring a new level of security, privacy, and usability to Internet relationship management.

Speaker: Drummond Reed, Technical Advisor, Cordance Corporation
9:50
The Stakeholder Perspective: Findings from the Privacy Summit Series

Federated systems are inherently multi-party... but the stakeholder set is broader still. We used a series of round-table discussions to find out what obstacles that introduces, how to address them, and what issues are likely to remain. This session will look at simple tools for reconciling the different stakeholder perspectives, and consider some identity and privacy challenges for the future.

Speaker: Robin Wilton, Corporate Architect - Federated Identity, Sun Microsystems and Liberty Alliance
10:10
Building " One Size Fits All" Identity Systems — Possible or Fantasy?

When building an identity system on the scale of the Internet we need to address many properties. Without these properties, a large scale identity system is likely to fail. The identity system needs to address the challenges we encounter on the Internet, as well as the challenges enterprises encounter when federating. Microsoft developed the "Identity Metasystem" to address these properties. In this session we will focus on three important properties: security, privacy and interoperability. We will discuss the security and privacy properties of important components such as CardSpace. We will dig into the interoperability properties of standards such as WS-TRUST.

Speaker: Ronny Bjones, Security Technology Architect, Microsoft Corporation - CATM
10:30 Break
  FEDERATED TECHNOLOGIES: DIFFERENT VIEWS & SOLUTIONS  SESSION (CONTINUED)
Session Chair: John Bradley
10:50
Higgins: The Identity Framework

Almost all online activities: sending emails, filing tax declarations, managing bank accounts, buying goods, playing games, connecting to a company intranet, meeting people in a virtual world, etc., etc., require identity information to be given from one party to another. The abundance of different situations and types of identity information suggests the need for a flexible and user-centric identity management infrastructure. It must be flexible to support the multitude of identity mechanisms and protocols that exist and are still emerging, and the different types of platforms, applications and service-oriented architecture patterns in use. It must be user-centric since the end users are at the core of identity management: the infrastructure must empower the end users to execute effective controls over their identity information. These requirements have far reaching consequences, not only on the user-interfaces of the identity management system but also on the infrastructure itself and how it must be built. Major technology suppliers such as IBM, Novell, Microsoft, Verisign, major financial institutions, and governments are placing large bets in this area to gain advantage.This presentation provides a analysis of the business requirements and technical options for a flexible and user-centric identity management infrastructure, and outlines an open architecture for meeting these requirements. There is the strong need for all parties, including industry and end users, to agree on such a common layer, bridging the existing islands of identity management systems, and encouraging the development and easy deployment of new systems with improved security and privacy properties.

Speaker:
Michael McIntosh, Senior Technical Staff Member, IBM Research
11:10
Information Card Interoperability

Identity software producers, both commercial and open source, have been actively working together to build interoperable Information Card Software.  Michael will provide an overview of the community-driven Open Source Identity Systems (OSIS) Interop process.  He will survey some of the results achieved in the four Interop events to date, the future work still ahead of us, including in the Identity Metasystem Interoperability (IMI) TC, the extraordinary breadth of participation achieved, and some of the reasons for those successes.

Speaker: Michael Jones, Director of Identity Partnerships, Microsoft
11:30 Break
  CLOSING PANEL ON FEDERATED TECHNOLOGIES
Session Chair: Gerry Gebel, Burton Group Identity and Privacy Strategies
11:45
Where We Are Going, Obstacles, & Advancements

Panelists:
  • Drummond Reed, Technical Advisor, Cordance Corporation
  • Ronny Bjones, Security Technology Architect, Microsoft Corporation - CATM
  • Robin Wilton, Corporate Architect - Federated Identity, Sun Microsystems and Liberty Alliance
  • Michael McIntosh, Senior Technical Staff Member, IBM Software Group
  • Michael Jones, Director of Identity Partnerships, Microsoft
12:45
Forum Ends