DIDW: Higgins Framework

Came in a bit late…

Trends:

Productivity is achieved through the integration of people with business process

Need to preserve privacy

Information about individuals is growing in different silos

New framework for IdM that is user-centric

Enables dynamic, automatic capture of people information from disparate information repositories

Facilitate integration with diverse identity management systems

Ease management of identity, profile, reputation and relationship…

IdM has poor tooling for developers. Higgins uses only one API and has plugins for CardSpace, OpenID, RSS, XRI, LDAP, etc. Other connectors can be written since this is open source.

End users get a consistent user experience using visual “i-cards”, and privacy-enabled claims to share only what is needed (and protect private information).

They also get personal information “link and sync” services

  • remembers passwords, fills in forms
  • links and syncs your info across silos
  • gives you more control over your personal data

End users get an Identity Metasystem

  • Identity attribute service to federate this information between multiple systems and silos

They also get privacy and move from attributes to claims. An attribute is “bank balance = $100K”; a claim is “bank balance is > 20K”. [SJC: Claims seem far more privacy friendly]

Enterprises get integrated identity, profile, reputation, and relationship information across and among complex enterprises.

Enterprises get privacy as well. Give users the ability to control more of their info. Employee satisfaction.
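The attribute-versus-claim distinction above, as an added sketch (not Higgins code and not from the talk): the identity provider evaluates the predicate and releases only a signed yes/no statement, and the relying party checks it. All names, the demo key and the use of HMAC in place of a real token signature are assumptions.

```python
import hashlib
import hmac
import json

# Constructed demo key shared by issuer and relying party (assumption; a real
# identity provider would sign tokens with an asymmetric key).
ISSUER_KEY = b"constructed-demo-key"

# Constructed attribute store, held by the identity provider only.
ATTRIBUTES = {"alice": {"bank_balance": 100_000}}

OPS = {">": lambda a, b: a > b, ">=": lambda a, b: a >= b, "<": lambda a, b: a < b}


def _sign(payload):
    # Canonical JSON so issuer and verifier hash identical bytes.
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()


def issue_claim(subject, attribute, op, threshold, audience):
    """Identity-provider side: evaluate the predicate, release only the result."""
    value = ATTRIBUTES[subject][attribute]  # raw value never leaves this function
    payload = {
        "sub": subject,
        "aud": audience,
        "claim": f"{attribute} {op} {threshold}",
        "holds": OPS[op](value, threshold),
    }
    return {"payload": payload, "sig": _sign(payload)}


def verify_claim(token, expected_audience, expected_claim):
    """Relying-party side: accept only an untampered, true claim addressed to us."""
    payload = token["payload"]
    if not hmac.compare_digest(_sign(payload), token.get("sig", "")):
        return False  # payload altered or not produced by the issuer
    if payload.get("aud") != expected_audience:
        return False  # token was issued for a different relying party
    return payload.get("claim") == expected_claim and payload.get("holds") is True


if __name__ == "__main__":
    token = issue_claim("alice", "bank_balance", ">", 20_000, "lender.example")
    print(token["payload"])
    print(verify_claim(token, "lender.example", "bank_balance > 20000"))
```

The relying party learns that the balance exceeds the threshold but never sees the balance itself; binding the token to an audience keeps one relying party from replaying it to another.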

Implementation. Targets for 1.0

  • Packages for RPM and Debian: Suse, Red Hat, Debian, Ubuntu
  • OSX
  • Windows
  • Eclipse plugins

Protocols: WS-*, OpenID-H, LDAP, RSS-H

Language bindings:

  • Java, C (core components)
  • PHP, Python, Ruby (relying party enablement)

Industry Collaboration

Higgins enables Interoperability, Privacy, and a user-centric foundation

Moderation Portion Begins

Phil Becker - moderator

Q: How is this related to Eclipse?

A: Started out looking for tooling for identity information and the core data mapping information, CardSpace as a back end. Then started to look at various platforms and how to get CardSpace to work on multiple OSs.

Phil: So you have the developer framework / plugins, open source client piece, and service layer.

Q: Does this achieve CardSpace compatibility? Or CardSpace + extra stuff.

A: Yes, same user experience.

Q: Are there still obstacles on the IP front now that MS has opened up things from an IP front?

A: The MS announcement was great, but there are still some possible IP obstacles.

Q, Audience: What is version 1.0? How do you go from release to getting in front of the end user?

A: We’re working with the platform vendors, good cooperation from Linux folks, we’ll release the CardSpace equivalent client but also the underlying libraries to make your own version of this thing.

Q, Audience: We have 5,000 applications built around identity being in a corporate directory. Say we want to move this directory out of the way to put some smarter federation-enabled service in between the app and the directory. What does the enterprise do here?

A: Working to implement plugins for Higgins, allowing a consistent view, pulling this information together.

Q, Audience: Trusted chips are on PC motherboards now, how are you going to use them?

A: TPM is definitely something we want to use to acquire data. It would be a context provider like other systems. Token server could also store keys there as well.

Q: IAM, ISVs are both vying for the same customers but things are challenging because you need to pick one IAM vendor which locks you in. Or I could build in a SAML based middleware layer. What I hope is that Higgins gives a path to abstract things from a given IAM, ISV vendor. Does this seem reasonable?

A: It does exactly what you are describing. App developers have to code to specific LDAP, AD, etc. to do authentication. If the app developer supports Higgins, then plugins can map this functionality to nearly anything.

Q: What about Jazz in Java?

A: Yes there will be a Jazz module.

Q: Developers may not support it as they don’t do exactly what they want?

A: We think of CardSpace as an application we need to support. The best way to test frameworks is to run apps from the top all the way through to see how it works. Testing 2-3 different apps for the 1.0 release. You might also imagine identity management systems based on this technology. Novell is building on top of Higgins, etc.

Q: After 5 years, Liberty is very agnostic and does a lot of what you are trying to do. Why are you reinventing the wheel?

A: This is apples and oranges. Liberty is specifications and protocols, Higgins is code and APIs. We plan to work closely with Liberty and WS-*. Higgins plans to reuse Liberty stuff to the extent they can but they are market driven.

Q: Every new app has a user database. Is Higgins a good thing for them to use instead of doing their own user management?

A: Yes, use Higgins and the job is easier.
