Saturday, August 14, 2004

Idea: Web based Identity Management incl. Online Schedule

Here's an idea I've had on the boil for a little while...

In the corporate computing environment, computer users (ie: all employees!) have many systems to access (e-mail, web, file systems, documents, databases, applications, etc etc etc). There is a concept of an overall "identity" for a user, which is the totality of the things that person needs to access (and so the security they need), and could also in my opinion incorporate all the "addresses" they have in the system. For instance, a typical user might have an email address, a messenger account or some other IM presence, an (Outlook-based or similar) calendar/schedule, Outlook or other system-based contacts, a piece of networked filesystem where they can store their documents, plus a profile of username/password combos (ie: accounts) in an array of systems (ie: a security profile) defining what they can and can't do in what is usually quite a heterogeneous environment.

In the greater computing environment outside the corporate castle (ie: the internet), and the non-computing environment (ie: the world), users (ie: people!!!) have lives and interactions, and have these same kinds of things; schedules, contacts, email, phone numbers, files, systems they can and can't access, etc etc. But in this environment, it's anarchy, with each person having their own quixotic combination of services to which they subscribe, methods for accomplishing things, contact points ("addresses" in a broad sense), etc. Each person has, in the systems sense, a complex and unique "identity", in part chosen by themselves (like what services they use, how they use them), in part chosen by others (such as whether company X is willing to give person Y access to service Z).

This real-world identity, of which the corporate identity (for corporate employees) forms a significant part (eg: people often use their work email for personal purposes), is increasingly difficult to manage, and in some areas there is no good solution, so people are stuck with shitty ones.

For example, people now can have many email addresses, multiple phone numbers, many IM addresses, lots of accounts (hundreds sometimes!) on lots of websites each with their own username/password combo. So that approaches unmanageable, and people have to limit the services they use, or compromise security (eg: using the same username/password combo everywhere) to cut down the complexity.

As examples of "identity" components with no good solution, a person's files are an ongoing drama. You have files at work, at home, on some websites, etc, but unifying your access to them is pretty much impossible, without drastically limiting your identity (eg: only ever using the one computer). Also, Contact management and Schedule/Calendar management become an ongoing nightmare in the increasingly distributed computer environment. People have their contacts and calendar on their PDA, on their phone, on their work system, maybe at home, all trying to sync up, almost successfully.

There are partial solutions to these problems. For example, nerd keys (those USB file storage keys) are a way to move files around more easily from one environment to the next. Contacts can be coped with by restricting oneself to a primary machine (say a PDA). But these are fraught (what if you lose that nerd key, or it fills up? What if you lose that PDA?).

I think there's a space for more all-encompassing solutions. If you look at identity as a whole, all the pieces have solutions of one kind or another, but the bigger picture of managing all of that stuff is still totally out of hand.

Personally, I love a chaotic environment; orderliness crushes my soul. Also, I'm a software developer, so I swim pretty easily in the murky ocean of IT. But even with this kind of crazy personality, I still find it is becoming harder to personally manage all this stuff, and it'd be cool to solve it somehow.

Also, I find personally that I love the freedom of the heterogeneous internet, it's my favourite place in the world. The idea of being centrally managed, even by myself, really triggers panic buttons for me. So any solution that I can personally live with had better not restrict me, or it can go get f&*ked.

Urm, back to the all encompassing solution, being conceived by an anarchist...

What we need I think is some kind of representation of our "identity", a helper, that can unify this stuff enough to alleviate the burden without being restrictive.

What are the elements of the problem that needs solving? I think they are:
- We use lots of devices (phones, PDAs, laptops, home computers, work computers, library/internet cafe computers, ...)
- Some of these machines restrict us in what we can do (eg: Work machines, public machines).
- We have broad, complex "identity" profiles (all our phone numbers, web addresses, email addresses, accounts with websites, accounts at work, accounts at home, services we use) that need to be as accessible any place as any other place, where that is reasonable. It may not be reasonable to expect to access your workplace's confidential computer system from an internet cafe, but it might be reasonable to expect to be able to access your schedule, your contacts, and maybe your personal files, from any access point.

Any unifying system needs to be broadly accessible. I'll assume it is primarily web based, as that will cover almost all needs. Offline access might be achieved with some kind of caching mechanism, or with special clients that talk to the system using other protocols (eg: maybe a WAP interface for retarded WAP phones), but in general I'll assume you can manage a browser from pretty much anywhere. Where you can't do that today, you will be able to in the future, and faster than ever before... the options for connectivity to the web are growing at incredible rates.

From the preceding, a web based identity management system would need to do some or all of these things:
- Store private information, such as contacts, usernames/passwords, etc etc, so they are easy to look up, or in some cases so they can be applied automatically without the user needing to retype them (like logging into a secure website using stored authentication details).
- Store a public profile, giving visitors access to details like email address, phone numbers, whatever parts of their identity a person wants to make public.
- Provide a file store, that files can be uploaded to and downloaded from. Along with clever desktop software or other similar solutions, this could turn into a synchronised store on each trusted machine (work comp, home comp, PDA) that the person wanted to nominate, and could be used ad-hoc elsewhere.
- Provide a schedule, which has the following features:
  - The person may update that schedule and view the schedule as required.
  - Other people could be given partial access to the schedule, with whatever necessary degree of granularity, so some could see part or all of it, some may be able to update it (eg: book appointments), some may not be able to access it at all.
  - The schedule should be able to deliver notifications to phones, PDAs, computers, etc, via protocols like email, sms, IM (?), paging (?), etc.
  - The schedule should be able to sync with local schedules (such as a corporate Exchange user's workplace schedule) via their PC, not requiring integration by the workplace's IT people. eg: it should be able to communicate in both directions with Outlook running on a desktop PC. This may require manual action by the person, eg: opening the identity management website and logging in, opening Outlook, then pressing a "hotsync" button in the website.
- The site could provide facilities such as email, web hosting, blogs, whatever. However, these are already commonly available, so it would be far more important to allow easy integration/access to external facilities. For instance, a hotmail user should be able to configure their "identity" so there is a button on their main page that says "hotmail", and pressing that button logs them into hotmail and opens it in a new browser window. Similarly with blogs, rss readers, web site editing/hosting, news posting, whatever. There are great solutions to many of the identity problems out there, and the aim here is to make them easier to manage as a whole, not to replace them.
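
The partial-access schedule from the list above, sketched as an added example (not code from the original post): every viewer gets an explicit access level, and anyone without a grant is denied. The `Access` levels, the class names and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from enum import IntEnum

class Access(IntEnum):
    NONE = 0       # may not access the schedule at all
    FREE_BUSY = 1  # sees busy times only
    DETAILS = 2    # also sees titles of non-private entries
    BOOK = 3       # may also add appointments

@dataclass(frozen=True)
class Entry:
    start: datetime
    end: datetime
    title: str
    private: bool = False  # title hidden from everyone but the owner

class Schedule:
    def __init__(self, owner):
        self.owner, self.entries, self.grants = owner, [], {}

    def level(self, viewer):
        if viewer == self.owner:
            return Access.BOOK
        return self.grants.get(viewer, Access.NONE)  # no grant means no access

    def view(self, viewer):
        lvl = self.level(viewer)
        if lvl == Access.NONE:
            raise PermissionError(f"{viewer} may not see this schedule")
        rows = []
        for e in sorted(self.entries, key=lambda e: e.start):
            show = lvl >= Access.DETAILS and (viewer == self.owner or not e.private)
            rows.append((e.start, e.end, e.title if show else "busy"))
        return rows

    def book(self, viewer, entry):
        if self.level(viewer) < Access.BOOK:
            raise PermissionError(f"{viewer} may not book appointments")
        if any(e.start < entry.end and entry.start < e.end for e in self.entries):
            raise ValueError("slot already taken")
        self.entries.append(entry)

def sample():  # constructed data: the names and appointments are made up
    s = Schedule("alice")
    s.grants.update({"boss": Access.FREE_BUSY, "friend": Access.DETAILS, "dentist": Access.BOOK})
    s.book("alice", Entry(datetime(2004, 8, 16, 9), datetime(2004, 8, 16, 10), "Standup"))
    s.book("alice", Entry(datetime(2004, 8, 16, 13), datetime(2004, 8, 16, 14), "Job interview", private=True))
    return s
```

The filtering happens on the server side in `view`, so a free/busy viewer never receives the titles at all rather than having them hidden in the page.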


I'm running out of steam here, and I've got heaps of other stuff to blog. I'll come back to this.

One final note: this looks like the Web Portal concepts of the 'net boom of the late nineties. It's similar, but I don't think they ever worked out why their portals would be useful to people, and desperately threw news, weather and sports info at people. Personal identity management is a strong concept online, not addressed, and can end up being an indispensable service online eventually.

Eventually *all* of our user computing will be online, and the GUI interface will be about serving up a browser and not much more. Yes, the NC dreams of the 90s will happen, are happening, they are just taking a while to come together. This personal identity management is one cap in that multidimensional arch.




1 Comments:

At 1:38 PM, Blogger Unknown said...

idcommons is too top-down for me, but Chandler looks more promising!

 
