Tuesday, December 18, 2007


Just in case you stumble across this site either looking for me or Identity Management in general, my blog is now at http://www.davenesbitt.com

Tuesday, October 25, 2005

The Lords and the Liberals all hate the UK ID Card

The good thing about having an unelected second chamber is that debates on important issues such as the UK ID Card can take place without party politics having too much sway. The House of Commons may still be stuffed with enough New Labour career politicians to ensure the flawed ID card bill gets pushed through, but at least the nonagerians over the road still have enough nous to see the bill for what it is. As reported in Silicon.com, their Lordships have some serious concerns for our privacy.

The good old Lib Dems, meanwhile, with our Liberty their prime concern (and scoring points off Labour far from their mind, of course) have launced a website dedicated to opposing the ID Card. Will it make any difference? I doubt it, but I like it all the same.

Thursday, October 20, 2005

Sophists and Cynics

I did intend to stay away from philosophical debate and concentrate on more practical aspects of IdM, but consistency has never been one of my strong points.

As anyone who has visited the UK will know, what our radio waves lack in diversity, they can occasionally make up for in terms of quality of content. BBC Radio 4, in particular, often has some highbrow programming that, if you can stand Melvin Bragg or Andrew Marr, can temporarily provide you with some enough borrowed intellectual ammunition to convince others that you are both intelligent and erudite. So here we go...

Radio 4 today had a programme about The Cynics, that wacky bunch of ancient Greek philosophers who lived in barrels and fornicated in public in an effort to convince other ancient Greeks that the good life was the natural life. Chief amongst them was Diogenes, who, it is reputed, first coined the phrase "cosmopolitan". For an ancient Greek, the most important aspect of their identity (can you feel the tenuous link to IdM already?) was where they came from: which city they were a citizen of. When two Greeks met, the first question they asked of the other was "where are you from?". Diogenes, when challenged in this way, would respond "I am a cosmopolitan" - in other words, "I am a citizen of the cosmos, and the importance you place on an individual's city of origin is trivial and irrelevant." And that's a bit like the challenges faced by today's IdM systems, isn't it? (Or if it isn't then my analogy and credibility, if I ever had any, die here - so stick with it for a moment longer.) Whilst in the private sphere of work-related identity transactions we might be content to allow our original location to derive our entitlements in other locations - as in a simple trust between two identity providers - in the public sphere such concepts are insufficient. We, the users, need to be considered as cosmopolitans - citizens of the virtual cosmos, carrying our identity with us, and being given entitlements based on who we are, not where we have come from. If I understand Kim Cameron's Laws of Identity correctly, this may even accord in some way with Law 4: A universal identity system must support both "omni-directional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities. On the other hand, it's entirely possible that I'm cynically seeking to align myself with an Identity Giant such as Kim in order to gain authority I don't have. In doing so I'm following a long established tradition - the original cynics themselves were happy to feed off the scraps from the tables of the great and good. In fact, they were often referred to as "dogs" and fed on bones. Diogenes himself took this a step further by allegedly peeing on the legs of those who laughed at him. So be warned.

Sticking with philosophical analogies, I picked up an interesting piece of sophisty (in the modern sense of the word, suggesting an invalid argument composed of specious reasoning, not having anything to do with Platonic discourse) from the UK's Home Secretary, Mr Charles Clarke - the man tasked with pushing the contentious ID card bill through Parliament. As reported by Silicon.com, Mr Clarke stated that the advent of the ID Card will "provide an effective mechanism to tackle crime, to reduce identity fraud and to improve legitimate access to services. I believe that it will not remove civil liberties but will give an individual greater control over his identity." Whilst the first three points he makes are arguably valid, it's the last one that makes my hair stand on end. Having your ultimate digital ID contained within the bowels of a Guvmint database will "give an individual greater control over his identity". Eh? Say what? Only a Minister could make such a statement and expect us to swallow it. What's next? Oceania has always been at war with Eurasia?

Wednesday, October 19, 2005

Microsoft warns ID cards pose massive security risk

Just seen this in the Silicon.com newsletter. As an old-fashioned liberal, I'm idealogically opposed to ID cards in the first place, but more than anything the thought of my ultimate digital identity sloshing around in the chaos of a Guvmint IT project fills me with deep existential dread. I've seen those Sci-Fi movies where the person is wiped from the evil Guvmint database and ceases to exist. That'll be all of us over here, that will.

Tuesday, October 18, 2005


If you're going to Microsoft IT Forum in Barcelona next month, be sure to come along and see me waving my arms around and drawing indecipherable pictures on a whiteboard during a "Chalk and Talk" session on "Integrating SAP Identities into the Microsoft Environment". More details to follow.

I'll also be at Thames Valley Park on the 10th November doing a seminar on SAP User and Access Management with MIIS, and again on 1st December doing a generic Identity and Access Management with Microsoft one.

Rebirth - again

I haven't written much about Identity Management since I stopped doing the DIM Report newsletter and writing for Digital ID World, and joined Oxford Computer Group. This is partly because I've been deeply involved in some IdM projects, but mainly because I've been too damn lazy. But now seems as good a time as any to start up again.

I won't be writing much in the way of deep thoughts about Identity - there are plenty of people doing that already - but instead taking the view from the coal-face and sharing some practical lessons learned deploying Microsoft Identity Integration Server (MIIS) into various organizations over here in the UK and Europe.