Identity: It is the Network
The idea of identity as a service and identity federation is almost 10 years old. Happy birthday, identity people. If the protocols have changed a bit from SAML to WS-Federation, CardSpace and, OpenID, the vision of identity as a service has predominantly stayed the same. That is a good thing. Vision alignment inexorably drives technology convergence in the end. On the application, single sign and attributes exchange across identity providers and relying parties still dominate the use cases. Yes, after all this time, our show off moment is still a login demo! In the meantime, my content friends are wooing customer and analysts with HD quality movie streaming to the desktop. What is wrong with that picture?
What we need is a new demo. Jokes aside, there may lay a critical observation. Although an interesting feature, the brutal truth is that SSO is no killer app. Of course, the implications of a shared login are not to be underestimated. User convenience, increased trust and stronger security are important. Bien sur, reducing all these cool new technologies to access control is an unfair characterization. OpenID's user centric paradigm that puts consumers in charge of their identity may well be the foundation to a massive rethink of today's Internet services. As big as these ideas may be, however, no one in the industry has really been able to translate them into killer consumer services. Rarely does new technology succeed unless the experience and benefits it enables outweighs the status quo by an order of magnitude. So, If we truly aspire to mass deployment, we need to provide more value to consumers. We definitely need to go much farther than access control and attribute exchange.
Maybe, it is also time to take a lesson from the Web 2.0 movement. For the most part, the true innovation of Web 2.0 has not been to create new applications. Instead, it has been to re-invent the old ones. What is the main difference between oFoto and Flicker albums, Internet Explorer and Del.icio.us bookmarks, Geocity and MySpace homepages? The difference is social interactions and the community surrounding these services as a fundamental tenet of the application. This bears the question whether identity 2.0 should be more about enabling social interactions across services. In many ways, the portability of my social graph and interactions across sites may be more attractive to consumers than the sole portability of a login name and account information. Enabling social graphs across all wide variety of Web applications strikes me as a fundamental primitive of identity management. Interestingly enough, there have been recent discussions around creating interoperability around social networks. Certainly, open standard could be essentials and VeriSign would love to foster that work within the technical community. Beside, I just cannot wait to get a new identity demo!
The idea that social graph management is essential to identity leads to a second question. What will the new identity platform look like? In the world of the cloud OS, will CardSpace, OpenID or Higgings define the next identity layer? There again, we may have to look elsewhere. These open protocols are only at the beginning of their adoption curve and are still neglecting the need to enable social interactions. Facebook, on the other hand, already has 30 millions users. With its proprietary APis, FaceBook is all about enabling social graphs across new applications. The joke in the valley is that unless you use FaceBook APis, you cannot get funding these days. Don't laugh. Developers are flocking to FaceBook and for a good reason. It is a true identity network and the network is a compelling platform. Can you imagine the possibilities of social interaction embedded in the browser and the operating system? Maybe that is why the guys from Redmond are rumored to camp in Palo Alto (passport 2.0). After all, being the identity service for the network OS is much more strategic than being the service of choice for high-schoolers. If you have not played with FaceBook and see digital identity as critical to the Internet, you have not seen anything yet.
With is home grown APis, but APi noneless and with its focus on social graph, FaceBook may well be the closest model to what identity 2.0 platforms will look like. It is up to us to take notice and recognize the value of social graphs that work across applications and services. On the Internet the best protocols do not necessary win, but the best networks do. Yes, we need a new identity demo and the best part is that this time, my friends may even get it!
