Convener: Laura Paglione
Abstract: IDPs of last resort: user-centric identity - unique challenges
Tags: Guest IDP, User-centric Identity
What are IDP's of last resort, what different models are available? What can Orcid deliver and what not, and is ORCID an IDP?
Survey of IDPs of last resort
What is an IDPs of last resort? – Concept of long lived identity, protected network,
There was a situation where an IDP started offering free identities for people who needed them, though after some time some IDPs disappeared.
Sample IDPs of last resort:
ORCID is a user centric system which allows the control of information shared with organisations and people while controlling trusted relationships with organisations.
LP: interested in discussion about the user / federations where an institution manages, is related to that person, how does it work. Does it replace the version of it?
Aud: Out guest identity provider is social, we are using social media as last resort.
I.e. Yahoo, in middle income countries / Mali / facilitate deployments with IDPs.
People don't have internet access in Africa, on research side – these are mainly doctors, medical personnel, scientific research staff, laboratory, many of these people are affiliated with local institutions (universities), but even they don’t have that infrastructure ready and we help them do that / also do this research in other parts of Africa.
Q: is this sufficient for your needs?
A: it’s not ideal.
We should obsess less about the fact that we keep multiple IDPs around, the notion that Google/FB are better or worse, for some of users it’s a safety thing, allowing people the choice on what identity they want to go with – I’ve been arguing that instead of trying to pick one you should make a history of your IDPs. We have many guest IDPs of last resort, that doesn't really work in global co-operation. We have no clue about local guest IDPs of last resort and will force user of using only one.
Also: we are focused on the 80/90 percent, for some this question is life threatening / this is what you should expect from unaffiliated, we should produce a list of IDPs of last resort
LP: FB/google identity – is there expectation for switching it?
- It is a common misunderstanding that people expect unification. People are usually not comfortable with using multiple identifiers.
Participant: we should allow the user to make a decision.
If that means we have to provide a little bit of structure around the IDPs, fine.
I wonder if, over time, what’s happening when people have only one loyalty programme.
Q: wouldn't your biggest worry be the liability of a password store? How am I protecting my password store?
Q: will ORCID be an IDP?
Tricky question, we are just identifier – why is this question coming up?
How do you stop people from acting irresponsible? -- You can't!
I.e., always provide an option, don't force people into a single choice.
Q: What can ORCID deliver? What not?
Q: Is ORCID an IDP?
When people say IDP there's a lot of implied meaning, and ORCID may or may not provide all of the components that people mean. Users can log in to ORCID and ORCID will provide the service with an ORCID identifier, but it isn't suitable for access to resources that require high level security.
Added later after session: InCommon IDPoLR Working Group Final Report (targets IDPofLR for research and scholarship, not general users) is at https://spaces.internet2.edu/display/IDPoLR/IDPoLR+Working+Group+Final+Report