I have control

Can we truly own our identity?

Digital identity is a complex subject; as with most digital transformations, taking a process that exists in an analogue world and digitising it for use online doesn’t create a great solution.  A number of models for digital identity exist, and are often spoken about in terms such as centralised, federated, distributed, user-centric, self-sovereign.  There are countless papers by the great and the good of the identity world that talk about the merits and flaws of the varying models.  There’s a school of thought that centralised is bad and self-sovereign is the panacea for digital identity – though often these ideas focus too much on the model and less about the use.  And the arguments are often mired in digitisation of analogue.

Self-sovereign digital identity is a model which:
  • Places the individual in absolute control of the digital representation of themselves 
  • Is based upon the kernel of self that exists in the real world
  • Assures the individual of access to all the data regarding them and provides transparency of how data flows
  • Persists for as long or as short as the individual decides
  • Assures portability and interoperability
  • Functions on explicit user consent
  • Operates sharing based on principles of data minimisation

These are all traits which it is hard to argue shouldn’t be the foundation of any digital identity model – never one to shy away from an argument, here goes:

Places the individual in absolute control of the digital representation of themselves 
Until such time as we plug in to the matrix, a digital identity and the flesh and bone which it represents cannot be linked with absolute certainty.   When the link between the two is, or is reasonably believed to be broken, control of the digital identity must be revoked (either permanently or temporarily).  This introduces a higher power of control over the individual’s identity.

Is based upon the kernel of self that exists in the real world
Identity in the real world is also complicated.  In the real world, our identities are often assigned by central authorities such as governments; or they’re guaranteed by 3rdparties such as our parents; or they’re accepted based upon assigned attributes such as name, address and date of birth; or they’re based upon our DNA.  And more often than not, they’re a combination of all of these.  If our digital identity is based upon our real-world identity it cannot be self-sovereign.

Assures the individual of access to all the data regarding them and provides transparency of how data flows
We should always strive towards openness and honesty.  Yet there are circumstances where we need to keep data hidden and circumstances where its beneficial for the user to do so.  As an example, the organisation who will rely on digital identity are often required to check for fraud and criminality against our identity.  This isn’t information that we should give to the user, yet it is often closely tied to their identity.  So commercially and practically it needs to flow with the identity assertion.  When we give information to an individual, we also have a duty of care not just when that data isn’t correct, yet also when that information risks disenfranchising the individual.  Credit scores used to be information passed from Agency to Supplier about the individual without their involvement.  This changed, and in the last 20 years, they have gone from information that we know, to information that we can actually manage.  Yet for many people, a poor credit score creates exclusion – which leads to disenfranchisement.  If digital identity is to be inclusive, the data that we give back to the individual needs to have the duty of care built in.  We should work towards openness, we shouldn’t dive straight into it without understanding the consequences.

Persists for as long or as short as the individual decides
For some nations, having a government issued identity card is mandatory, for others it is optional or simply doesn’t exist.  Rather than eulogising on which is right, digital identity needs to recognise all models do and will exist, and look to provide a digital identity model which supports mandatory and optional membership of government registers.  Similarly, fraud systems need to persist identity elements to protect from bad actors.  We can offer choice in how long our digital identity as a “thing” persists, on the data that makes it up we can’t.

Assures portability and interoperability
Data portability is a convenience factor that shouldn’t be wilfully restricted.  Identity portability is where the value and complexity lies.  In order to drive the market, the work done in proofing the identity and attribute claims can’t simply be ported from one party to another.  To do so risks separation of effort and reward, which disincentives the commercial efforts required to develop and maintain a functioning marketplace.

Interoperability can only be assured with mutual trust.  Mutual recognition is reliant on the creation and adoption of interoperable standards.  Interoperability of systems should only be required once interoperability of standards is achieved.  We shouldn’t expect that everything interoperates with everything else unless everything is equal.

Functions on explicit user consent
The notion that an individual can explicitly permission what data is shared by whom and with whom is reliant on goodwill that doesn’t exist.  If we are given the choice to share only positive information and withhold anything negative, this is going to be a common choice.  This will restrict the ability for the receiving organisation to rely on the data.  Hobson’s choice (take what’s on offer or nothing at all) isn’t explicit consent for data sharing either.  We should be far more honest with how we define consent, so that a user understands when we need broad consent to search for good and bad information about their identity and when we’re seeking explicit consent to only share attribute X from organisation Y with organisation Z.

Operates sharing based on principles of data minimisation
Users shouldn’t need to understand the principles of data minimisation.  In a self-sovereign model, where they’re free to share their own data as they choose with whomever they choose, they need to understand who they’re sharing their data with and whether they’re only asking for the data they actually need.  In other models, such decisions are made on behalf of the user based upon their own rules -  for example, the Passport Office can permission that “X holds a valid passport” and “X is a Citizen of country Y” to be shared with anyone that the individual wishes; and that “X has passport number 12345678” only with parties which it trusts – which takes away both the control and the responsibility from the individual. 


Self-sovereign identity is a utopia that may never exist based on principles that may be better achieved through other means.  We should focus more on the things that a user needs from a digital identity and worry less about the model that we use to achieve them.  In designing digital identity, if we do so based on principles the user will value, and deliver them in a way which they will engage, we have the opportunity to revolutionise identity for the digital age.  Can we truly own our identity?  Does it matter providing we can assert our identity when we need to, to get things done?

Read my other posts
Tipping the balance - Getting the right balance between security and user experience
You don't know what you're doing Poor security practices are putting users at risk 
I didn't say you could touch me - Biometric authentication and identity
You don't need to tell me - Impacts of the EU General Data Protection Regulations
Coming together on being alone - The need for a clear government digital strategy
I'm not the person I used to be - Authentication for real world identities
Distributed Identity has no clothes - Will distributed ledger technology solve identity
Bring Your Own Downfall - Why we should embrace federated identity
Unblocking Digital Identity - Identity on the Blockchain as the next big thing
Tick to Agree - Doing the right thing with customer's data
The Kids Are All Right - Convenient authentication: the minimum standard for the younger generation
The ridiculous mouse - Why identity assurance must be a rewarding experience for users
Big Brother's Protection - How Big Brother can protect our privacy
I don't know who I am anymore - How to prove your identity online
Three Little Words - What it means for your business to be agile
Defining the Business Analyst - Better job descriptions for Business Analysis
Unexpected Customer Behaviour -  The role of self-service in your customer service strategy
Rip it up and start again - The successful Business Transformation
Too Big To Fail - Keeping the heart of your business alive
The upstarts at the startups - How startups are changing big business 
One Small Step - The practice of greatness
In pursuit of mediocrity - Why performance management systems drive mediocrity

About me

Bryn Robinson-Morgan is an independent Business Consultant with interests in Identity Assurance, Agile Organisational Design and Customer Centric Architecture.  Bryn near 20 years experience working with some of the United Kingdom's leading brands and largest organisations.

Follow Bryn on Twitter: @No1_BA



Connect with Bryn on Linked In: Bryn Robinson-Morgan
Source: bryn blog

Cytotec price in egypt cytotec nedir ne icin kullanilir

Ill list all of the causes of high blood calcium and discuss what tests are used to determine what is causing it!

Cytotec son kullanma tarihi


After clonidine cost unjustly primary EBV infection, the virus persists in resting memory B lymphocytes and can be detected in oropharyngeal secretions?
jual obat cytotec asli di tangerang
Im aygestin needs prescription correctly Jahr 2013 ist das Patent für Viagra abgelaufen, sodass Generika legal in Europa vertrieben werden können. A garishly tugain foam 10 price recent study of itraconazole cyclodextrin oral solution (25 mg/kg per day and 5 mg/kg per day) in HIV-infected children documented its efficacy for treating oropharyngeal candidiasis in pediatric patients [ 96]. Arguably, women make better SEO experts than men because of their keen attention to detail and obvious affinity for analytics! (They make you way more sun-sensitive) After that, I don't know what happened, but my usage sort of tapered off and then I got into into using rosehip oil, which is a natural vitamin A alternative, instead! I did go to doctor and she prescribed me medicine like vaginal suppository every night before i go to sleep and betadine wash after i pee. This is especially problematic if there is no (calming) progesterone being given at the same time to balance off the (excitatory) estrogen? The charitably ornidazole gel price simplest natural method of predicting ovulation involves simply counting days, although this method is often not very reliable? The complete excretion of the active component needs two days hence most of the doctor suggests taking one peel every two days! Van der Vaart from the Drug Information Project of the Supervising Board for Health Care Insurance in The Netherlands (GIP/CVZ), Amstelveen, for providing antibiotic prescription data for The Netherlands (1990–97), and to Dr E? The next article has some very useful tricks and tips that will assist you obtain the car that you require for the price you desire! Initial 300mg was taken for only 2 days, due to severe daytime sleepiness in AM? • ^ ( EN) ANNOUNCING THE WINNERS OF THIS YEAR'S MTV VMAJs, su mtvjapancom. Tous les bêtabloquants peuvent masquer certains symptômes de l'hypoglycémie : palpitations et tachycardie? Do not take more or less of it or take it more often than prescribed by your doctor? Tencel fibers have a whole host of outstanding properties which include temperature regulation, beclate 200 hfa price glossily superior moisture absorption, are extremely breathable, and are bacteria and allergen resistant!
cytotechnologist jobs in maryland
Persistent vaginal pain or discomfort can be due to other issues which may need address or treatment?

  • cytotec lazada
  • cytotec pills side effects

Guidelines for clinical use of the antinuclear antibody test and tests for specific autoantibodies to nuclear antigens. If you can’t find the expiration date, cytotec price in egypt call your pharmacist and ask when your last prescription was filled.

Rihanna was seen arriving at JFK Airport for her flight out of N! Введение мышам на 6–15-й день беременности в дозах, cytotec price in egypt до 625 раз превышающих МРДЧ, не сопровождалось проявле!

Sintomas luego de un aborto con cytotec


The anecdotally artane uk dose of other drugs you may be taking to control these conditions may have to be changed while you are taking SYNTHROID? Introduce a generic version several years before Pfizer's patent for Viagra was set to expire.

Cytotec in deutschland


Eli suhagra in uk warily Professional 20mg can react adversely when taken simultaneously with the following medications. “I find that men get away with saying a lot in this business, and that women get away with saying very little! If VIAGRA is prescribed to patients taking ritonavir, caution should be used. The thought is that the needle hit a nerve and cause the shoulder to freeze up. Many cruel and prudish ideas that would be frowned upon today, cytotec price in egypt particularly the negative opinions towards people of different social, economic, and racial backgrounds. Verstärkte Magnesiumausscheidungen im Harn (Hypermagnesiurien) sind häufig und äußern sich nur gelegentlich als Magnesiummangel im Blut (Hypomagnesimien)? The diclofenac gel health canada gropingly main difference clinically is the much shorter treatment period with only once daily dosing of azithromycin. If you have additional questions, just let me know. I asked him for solutions and he started the remedies for my health! It is not dangerous to use Retin A continuously for years. • Sidan redigerades senast den 12 mars 2013 kl. Clinical predictors of steroid-induced exacerbation in myasthenia gravis! MedlinePlus Medical Encyclopedia [On-line information]! Especially when you compare anything to Pfizer, the leading-number-one-biggest-you-name-it player in the pharmaceutical industry! Deberá considerarse entonces un aumento de la dosis de fluconazol!
cytotec
Statistics is.

Cytotec cena w aptece


I’m going to try this and was wondering how your skin is now! After flaking redness and peeling stops new skin is very smooth with age spots completely gone? However, doxazosin mesylate para que se usa presumptuously if it is almost time for the next dose, skip the missed dose and continue your regular dosing schedule. Rarely, myocarditis causes a sudden loss of consciousness that may be due to abnormal heart rhythms.

Stress fractures of the femoral neck are most commonly seen in military recruits and runners.

The doctors say that my heart will never fully regain its former strength and functionality but I am working hard to get back to as close as possible! At first this damage may only irritate or inflame the lining, a condition called gastritis. Tacrolimus: Le fluconazole peut augmenter jusqu'à 5 fois les concentrations sériques du tacrolimus administré par voie orale par inhibition du métabolisme du tacrolimus par le CYP3A4 dans les intestins. Effective, or approved for treating any patient or health condition! Clinical practice guidelines recommend ampicillin; sulbactam plus gentamicin with or without vancomycin for culture-negative, community-acquired native valve endocarditis (NVE) or late (more than 1 year after surgery) prosthetic valve endocarditis (PVE); treat for 4 to 6 weeks for NVE and for 6 weeks with rifampin for PVE? Et je trouve aussi ( toute modestie mise a part) enfin depuis la rentrée j'utilise la creme SEPHORA anti vergeture dont vous avez sans doute entendu parler! Para saber exactamente si realizamos envíos a su país pase por enlace «Más sobre entrega»! Uso en pacientes con insuficiencia renal y pacientes de edad avanzada: Aciclovir se elimina por depuración renal; por lo tanto, cytotec price in egypt la dosis de valaciclovir debe reducirse en pacientes con insuficiencia renal (ver Posología).

Cytotec hapi fiyati


Carcinogênese, confidentially buy precose mutagênese, prejuízo da fertilidade: estudos prolongados em animais têm sido conduzidos para avaliar efeitos tóxicos e potencial carcinogênico! My forehead have those little pimple which is annoying and both of cheek have those redness from the pimple before? The point is that males and females should be made aware of what to reasonably expect and to be aware as well as to the incomplete writings / hidden agendas of the reports in this area? Therepeutics, 9th Edn, Hardman, JG? This will enable a cost-utility analysis to be conducted, where the incremental Quality Adjusted Life Year gain associated with SRT compared to ESC will be estimated over the 15-month trial period! • Parâmetros Ecocardiográficos na Intervenção Terapêutica - Dra?
cytotec a las 6 semanas de embarazo
Some functions of their genes include: providing resistance to antibiotics, cytotec price in egypt producing toxins and the breakdown of natural products! [27] analytically price of kamagra oral jelly γ-Butyrobetaine hydroxylase is an enzyme that belongs to the 2-oxoglutarate (2OG) oxygenase superfamily and catalyses the formation of L-carnitine from γ-butyrobetaine. Inherited thereupon vasotec how much does it cost motor neuron disorders than of acquired motor neuropathies! -The diuretic dose may need to be adjusted to help minimize hypovolemia, which may contribute to hypotension. Tuttavia, si sta esplorando l'utilizzo di un medicinale che contiene lo stesso principio attivo, Revatio, nell'ipertensione arteriosa polmonare.

You don’t need to tell me

You don’t need to tell me

In May 2018 the European Union’s General Data Protection Regulations (GDPR) will come into force, replacing the existing Directive 95/46/EC, which will be repealed.  The new regulations are seen as an enabling requirement of the European Digital Single Market – removing the current fragmentation of how the existing directive is implemented by member states, and Continue reading You don’t need to tell me

I didn’t say you could touch me

I didn’t say you could touch me

The use of biometrics in user authentication is thriving with fingerprint sensors becoming more common and technology evolving for reliable facial and voice recognition being used within apps.  Next generation smartphones may also contain iris scanning capability thanks to micro form factor components that can be included in the existing footprint.   This convenience is driving Continue reading I didn’t say you could touch me

You don’t know what you’re doing

You don’t know what you’re doing

Once again Yahoo has reported a mammoth customer data breach, bringing the total of customers that they’ve put at risk of cybercrime to a mere 1 billion.  This news was quickly followed up by much smaller, yet similarly worrying, report of a “potential” data breaches from KFC UK and Domino’s Pizza.  KFC were keen to Continue reading You don’t know what you’re doing

Practical Change

Why is it that so many change and transformation projects fail? Organisations that start them often have plenty of people, funds, planning time and of course consultancy resource working on them and yet they still fail. Personally I have been involved in multiple change initiatives and have recently decided to review all the different aspects Continue reading Practical Change