
THE IDENTITY MANIFESTO

Helping to evangelise a more hygienic digital identity landscape.

WHY?

AN INTRODUCTION

 

 

 

Everyone has a digital identity - hopefully they still have control over it.

 

Access to most online services today will require a digital identity. At its most basic, that could be a username and password. At its most complex, it could be a huge array of attributes containing highly personal data, preferences, history, associations and more.

 

Organisations are struggling to come to terms with the vast spectrum of digital identity demands being thrust upon them.

 

The Identity Manifesto aims to provide a simple framework upon which identity and access management programmes can be compared.

WHAT IT IS

12 Point Plan

 

Many of the early 20th century manifestos, inspired by the likes of Filippo Tommaso Marinetti's "Manifesto of Futurism", take only 10 to 12 steps in order to gain a utopian mindset.

Dynamic Living Thing

 

The Identity Manifesto is a living organism. Like most technologies, it must adapt to stay relevant. This initial introduction is there to be challenged and changed.

Community Owned

 

Whilst conceived and created by an individual, the manifesto should be owned by you - the technical identity community - through absorption of the best ideas and contributions.

THE MANIFESTO

 

 

 

#1. A Digital Identity As Currency

A digital identity is a valuable object and should be treated like currency that can be applied to a person, a physical object or a piece of data

 

#2. A Container for Multiple Attributes

A digital identity can be made up of multiple attributes from different sources, but must contain at least one unique attribute for each specific domain the identity operates in

 

#3. Cohesive, Modular Relationships

A digital identity will have static and dynamic relationships to other identities, things, services and data, which should be defined by clear interfaces that are modular and cohesive

 

#4. The "Coincidence of Wants"

There must always be an economic "coincidence of wants" with respect to providing identity attribute data to a service provider, API or application

 

#5. Consistency of Systems

An identity authentication or authorization system must operate consistently for different users, devices and contexts

 

#6. Persona Representation

An identity could be represented by many different personas, where a persona is a collection or subset of attributes, bound to a single identity by a shared attribute, with a persona potentially represented by a device

 

#7. Identity Data Ownership

An identity must have a data owner, with that owner having full control of what attributes it discloses to other services, with an explicit ability to revoke previously disclosed attribute data, whilst also knowing which systems currently hold identity data

 

#8. Identity Data Custodianship

An identity can have an attribute custodian and that custodian must uphold the confidentiality, integrity and availability of the data at all times

 

#9. Broad Spectrum Analysis

An identity authentication or authorization system should make decisions based on data other than that of the identity

 

#10. Transparent Implicit Sharing

Implicit sharing of identity attribute data must be transparent to the data owner: if A shares to B, B cannot share to C without transparency to A.

 

#11. A Right (or not) to be Forgotten

Before an identity is created, transparency surrounding a right (or not) to be forgotten must be provided to the identity data owner

 

#12. Modern Open Standards

An identity authentication, authorization or storage system must be based on modern open standards wherever possible

Created By: Simon Moffatt - 23rd July 2016

 

Last Updated: 14th October 2016

 

Reviewed By: Scott Forrester, Brad Tumy, Paul Walker, Zia Hayat, Andy Hall

 

Inspired By: Kim Cameron's 7 Laws of Identity & The 12 Factor App.
