Friday, May 01, 2009

Identity Mapping

 got to thinking the other day about my online "presence". I do the Facebook thing, the Twitter thing, the LinkedIn thing and I have a .tel domain now!

Some of these "things" talk to each other. Twitter feeds Facebook and Plaxo, for example. I thought it would be quite cool to try to map these services to show the linkages (and it was more difficult than I thought). I haven't included Flickr, Trip IT, Friends Re-United and probably a whole host of other services that I use but here is the current map:

I pulled together this map not by merely recalling the services that I use (although I could've done that quite easily with this particular map) but rather by taking a look at my Password Safe datbase and going through the various accounts I have. My Password Safe now has 257 items in it and I know there are some accounts missing!

257 account details. Whatever way you cut it, that's a lot of accounts. Thankfully, I only know the password to a couple of services (and have never known, and probably will never know my Facebook password, for example). I rely almost entirely on Password Safe to access my online accounts.

And here's the issue... So paranoid am I about losing my Password Safe database that I have it copied from my desktop PC to my Mac Mini (on a nightly backup). It is synchronised with my 8gb Freecom USB disk. It is then synchronised with my two laptops (one personal and one work) and it is copied to a secure location on a server I have in a data centre.

So, my precious information is stored in a number of locations. That's a few opportunities for the baddies to try to get it from me. What are the options, though?

Well, of the 257 accounts that I have, hardly any of them support some kind of federated security model. It is true that I can log in to some services using my Google ID or my Yahoo ID, but not many. OpenID? Again, hardly any of my service providers support this. In fact, it seems that I have THREE amazon accounts - one for purchasing; one for Affiliation and one for Amazon Advantage! (I may have an amazon developer account for their API, but can't remember!)

So managing my identity is a fairly manual process just now. Not the case, necessarily, for big corporations who can throw a Sun, Oracle or IBM Identity Management solution at their various data repositories. Could these tools be used "in the cloud" for web users? Would I want to pay for that? Could I host IBM Tivoli Identity Manager on a server on the net, build some connectors to the major websites (such as Facebook, Twitter, Google & Yahoo) for managing accounts? Could I, host a reverse-proxy on this internet-facing server which would provide me with a web-based single-sign on solution to these services?

Technically? Everything is possible. Is it likely? Not a chance... well... not yet. Too many companies are trying to gear themselves towards offering this terrific opportunity to be the master of identity related data but you've got to question why any organisation would want to do it. For your benefit? Not likely.

Maybe I'll build an IdM service just for me :-)