Packet #2

Imagine you are working on a research paper about digital identity and issues with online privacy. Read the three information sources that follow this page and keep the CAARP model in mind as you review each source. Remember:

C = Currency
A = Authority
A = Accuracy
R = Relevancy
P = Purpose

For the third and final source you will see the address (URL) of a website. Click on that link to be taken to a website. Please review the website as a whole for your third and final source. To complete your assignment, go to: http://library.uncw.edu/instruction/UNI_library_assignment. Login at the bottom of the page and follow the directions to answer questions about each information source.

Source #1

Digital Identity Matters

Arthur Allison, James Currall, Michael Moss, and Susan Stuart
Humanities Advanced Technology and Information Institute, Room 503, 11 University Gardens, University of Glasgow, Glasgow, G12 8QQ United Kingdom. E-mail: [email protected]

JOURNAL OF THE AMERICAN SOCIETY FOR INFORMATION SCIENCE AND TECHNOLOGY, 56(4):364–372, 2005

Received August 22, 2003; revised February 20, 2004; accepted February 20, 2004

© 2004 Wiley Periodicals, Inc. • Published online 20 December 2004 in Wiley InterScience (www.interscience.wiley.com). DOI: 10.1002/asi.20112

Digital objects or entities present us with particular problems of an acute nature. The most acute of these are the issues surrounding what constitutes identity within the digital world and between digital entities. These are problems that are important in many contexts but, when dealing with digital texts, documents, and certification, an understanding of them becomes vital legally, philosophically, and historically. Legally, the central issues are those of authorship, authenticity, and ownership; philosophically, we must be concerned with the sorts of logical relations that hold between objects and in determining the ontological nature of the object; and historically, our concern centers around our interest in chronology and the recording of progress, adaptation, change, and provenance. Our purpose is to emphasize why questions of digital identity matter and how we might address and respond to some of them. We will begin by examining the lines along which we draw a distinction between the digital and the physical context and how, by importing notions of transitivity and symmetry from the domain of mathematical logic, we might attempt to provide at least interim resolutions of these questions.

Introduction

In this article we confront an issue that is of immense significance to an immense range of people, from archivists and librarians, to philosophers, historians, and lawyers. The issue in question is how we should present, and attempt to resolve, the difficulties surrounding the identity of digital objects or entities; more explicitly, how we would identify a digital object as being the object it purports to be and the criteria we would need to establish if we are to re-identify it over a period of time. Broadly expressed, our claim is that the normal identity criteria for identity between physical objects with, possibly, physical properties, fail in the digital context when we are dealing with objects with a dubious ontology. We will demonstrate this failure, clarify why it is a serious problem, provide a formulation for one way of making sense of it, and show what can be gained by this formulation.

In much discussion of the digital environment, terms are used without any clear definition of their meaning and claims made with little attempt to explore technical and intellectual constraints. As the environment matures, the preservation of digital objects is crucial to sustainability. Fundamental to any reuse of such entities (from reference shortly after creation to examination in a hundred years’ time) is an understanding of the nature of their identity and how that might differ from the familiar physical world.

We would argue that digital objects or entities present us with problems of an acute nature that must be resolved before preservation strategies are adopted that purport to deliver objects which are equivalent to originals. The most challenging are the fundamental issues of what constitutes identity within the digital world and between digital entities. Although commentators such as Rothenberg (2000) have drawn attention to the need for authentication from “a given legal, ethical, historical, artistic or other perspective”—exogenous attributes—few have been concerned with the internal logical relations that hold between objects and in determining the ontological nature of the object. In the physical world, notions of chronology and the recording of progress, adaptation, and change are taken as read; we seek to bring these notions to the digital.

We do not pretend to provide a solution. Indeed we would contend that part of the problem is a quest for instant solutions that took hundreds of years to evolve in the physical world. What we want to do is to draw attention to factors that make it difficult to sustain claims for authenticity borrowed from the physical world where well-understood forensic analysis can detect alteration.

What Matters?

To disclose the depth of the problem, we must first lay out the much more familiar territory of physical documents and texts that are used to provide proof of transactions, from the trivial purchase of a train ticket to serious matters like the declaration of war. Such documents are produced to certify that transactions have taken place; that I have, for example, purchased a house or piece of land and that, beyond all reasonable doubt, it now belongs to me. It is usual that certificates of this kind are drawn up in such a way as to ensure that there can be no doubt as to their authenticity and meaning. A train ticket will include a date to show when it was purchased and a number indicating where and from which dispensing machine it was purchased. It will be printed on paper or card of a specific size and shape, which is common to the train operator. It will state the extent of the journey and the conditions governing the journey. Taken together, all of these features allow railway officials to tell, often at a glance, that the ticket is genuine. Documents which support more “significant” transactions, such as the purchase of land or the birth of a child, follow similar but often more rigorous procedures to ensure their evidential value but, like the train ticket, they have a form that can be recognized without necessary reference to any form of deep content. A legal document will be drawn up using a specific form of words common to the relevant jurisdiction and will be certified as authentic usually by witnesses appending their signatures, which can themselves be witnessed as authentic.

To be valid and to guard against accidental loss and forgery, many documents are engrossed in registers held by the appropriate authorities with holographic copies held by the other party to a transaction. The process of creating, maintaining, and caring for registers has grown up over a long period of time and is designed both to obviate the risk of fraud and to safeguard the guardians themselves from accusations of fraud. Entries and pages in registers are usually numbered so that removal can be easily detected. Alterations are often witnessed by initials, and entries can be signed off. It is commonly accepted that the “original” document is the version that is witnessed or engrossed—certainly not drafts or copies. Copies can be accepted as original, providing legally binding processes for creating holographs are in place. Registered documents can be locked up in a secure place where they will remain until opened. Even if the mice have been busy or all the parties to the documents are dead, it is usually possible from their form to be certain of their authenticity to a reasonable and legally acceptable degree.

For many sensitive documents, creation and custodianship are separated for exactly the same reasons that front- and back-office operations are segregated in commercial transactions. The function of the custos is to take care of the document as a trustee for the public good, guaranteeing that it cannot be tampered with and only permitting authorized, supervised access, if at all. It is the duty of the custos to produce the document as evidence if required and to object to its subsequent alteration even by the creator without due process. The custos usually has the expertise to recognize the authenticity of a document from its tokens, the material on which it is held, its form, the character of the printing or writing, and so on, or if there is doubt, from whom to seek expert opinion. Even today, where custodianship has been delegated by juridical officials to archivists who insist on particular environmental conditions for storage, the activity of securing the document has changed little since Roman times; they are still physically locked away and access controlled by agreed procedures.

There is the abiding issue of who is to be the custodian of the custodian, as Juvenal in Satire VI 346-8 (Duff, 1970) so tellingly pointed out nearly two thousand years ago when he wrote: “I hear all this time the advice of my old friends: ‘Put a lock and keep your wife indoors.’ Yes, but who will guard the guards themselves?”.1 There may not be cunning wives or perhaps husbands trying to seduce archivists to escape, but there are plenty of cunning people keen to seduce them to get in so as to alter the record. This problem has been addressed by putting in place procedures within the archive that are independent of the documents or registers that make interference easy to detect when combined with the tokens for authentication employed by the creators. The material alone can often confirm substitution and breaks in cataloguing sequences removal. It is axiomatic that the custodes cannot on their own authority destroy or cancel documents and registers, but they are required to do so and to certify that it has been done. In other words, there has been no change in fiduciary responsibility or in the way it is discharged.

1 “[A]udio quid ueteres olim moneatis amici, ‘pone seram, cohibe’. sed quis custodiet ipsos custodes? cauta est et ab illis incipit uxor.”

There have been two notable changes in recent years: the first is the sheer volume of documents which now need to be stored in this way, reflecting the growth in individual rights and expectations; and the second is the manner in which the information, the content of the document, is stored. All financial institutions are now expected to retain “know your customer” (KYC) forms that record the process of any sale of a product. Failure to do so and to follow recognized procedures may result in heavy penalties. Many organizations out of convenience have opted for electronic solutions, and moreover, the courts have taken the logical view that a document created electronically is the “original” and not the printed or holographic representation. This has happened without considering the implications for established modes of custodianship. It is impossible to apply the concept of “locking up” with a key to the electronic environment, and the custos should be reluctant to accept the fiduciary responsibility of guaranteeing that the document cannot be tampered with. The use of electronic devices raises serious questions not just about guardianship but also about form. For example, the contents of a KYC form will probably be held in a series of tables in a database and only displayed as a form for convenience. The content is only held in the form while it is being completed or viewed, but it can also be viewed in other ways that can include other information about the individual, such as their credit rating, which is not on the form but is held in the database. Moreover, the content itself is not held within the database as a set of related characters but in binary code, and, what is more, the way the KYC form appears on screen is software and hardware dependent. This can have a significant effect, not only on the way that it appears, but also on its content.

2 We encourage the reader to consult Cantwell Smith (1996) in relation to this important issue.

3 The conjunction of the two, rather than the former principle by itself, is sometimes known as Leibniz’s Law.

4 An etext of Euclid’s Common Notions is available at http://aleph0.clarku.edu/~djoyce/java/elements/bookI/cn.html

These problems are serious, with legal implications that we cannot continue to overlook. Without an understanding of what might constitute the identity conditions of digital entities, the whole concept of progress in the information age is based on not only shifting, but sinking, sand.

Identity Matters

The Logic of Identity

Establishing the identity of physical objects in the physical world has by no means proved to be a trivial task2 but, by and large, we accept as true the logical claim that if two things, x and y, have the same properties, then they are the same object. This principle, often referred to as Leibniz’s Law, or the Identity of Indiscernibles, is usually expressed as follows: if, for every property F, object x has F if and only if object y has F, then x is identical to y, or $(\forall F)(Fx \leftrightarrow Fy) \rightarrow x = y$. The converse of the principle, the Indiscernibility of Identicals, is formulated in a similar way: $x = y \rightarrow (\forall F)(Fx \leftrightarrow Fy)$.3 By having the same properties, we mean that they are equivalent in the strong sense of everything that is true about x is true about y, and that x and y are intersubstitutable salva veritate. It follows from this that x and y could not be equivalent in all of their properties and yet stand in relation R to one another for, as Leibniz says, an increase in number—that there are two discernible entities—indicates a difference in properties: x and y must have at least one property different, making it possible to distinguish the two things as distinct.

Leibniz’s Law works well for specifying the identity relation in which two objects stand in virtue of their respective properties, though it should be noted that for Leibniz, two things that are identical in every respect must in fact be one thing, and that one thing would, of course, be unable to stand in relation to itself. Although this is an interesting issue, it cannot concern us directly in this article.

A further notion we must appeal to if we are to have a reasonable understanding of identity relations between objects is that of transitivity. Euclid explains this axiom in his Common Notions4 as “Things which are equal to the same thing are also equal to one another.”

So, for example, if $x = y$ and $y = z$, then it must be the case that $x = z$, where the equality relations between x, y, and z are transitive. A particularly good, and very familiar, example of a transitive relation is “being an ancestor.” So, for example, if Edward is the ancestor of Fred and Fred is an ancestor of Jane, then Edward is an ancestor of Jane, though it should be noted that in this case no equality of Edward with Fred or Jane, Fred with Jane or Edward, or Jane with Fred or Edward is implied. “Being a parent” is a good example of a nontransitive relation, since Edward’s being a parent of Fred’s and Fred’s being a parent of Jane’s does not mean that Edward is a parent of Jane’s.

So, why are the notions of identity, equivalence, and transitivity important in the digital context? Well, the same object may appear in different guises and the identity of the one object being represented in different ways may not be immediately obvious, and, then again, different objects may appear in the same guise; they may be indiscernible by their representation alone, thus implying their identity when an examination of the underlying properties of the objects would reveal that they are in fact distinct. Our particular concern in this article is with digital entities and the bitstreams of which they are comprised, and how the identity conditions for one object with another fail while continuing to appear to be met.

In mathematics, functions map a domain to a range, and we might say, in this instance, that we have a domain: bitstreams, which we will name D, that can be mapped onto a range: representations, which we will name R. The function, in this case, will be the action of the Web browser, which we will name b. All of which can be stated as: $b : D \rightarrow R$. We could now define equivalence as $x \equiv x'$ if $b(x) = b(x')$, which would, of course, also entail that $x' \equiv x$, where $x, x' \in D$. This is a proper equivalence relation, which is to say that it is both symmetric and transitive.

However, when bitstream x is acted upon to produce bx, the representation we now have might be referred to as y and not x. We might express this as $x \rightarrow bx = y$. Having gone through this transformation we now find that to regain x by $b^{-1}$ would be impossible since $b^{-1}$ does not exist; there is no way to go back to the previous state of x from where we are now. The relationship is asymmetrical and nontransitive and it would be clearly false to say of y that it is equivalent to x, for there are no conditions under which we could effect y in any way so as to produce x, but also, under our definition of equivalence, x and y would have to be members of the same domain, and they are not.

Here we state only that there is no inverse of b, though if there were some function c that maps R to D such that $c(b(x)) \equiv x$, which does not imply that $c(b(x)) = x$. This leaves us with a very curious state of affairs indeed, especially because c is not an inverse of b since it cannot take us back to the bitstream x. Which is to say that, as long as the set of equivalent bitstreams has more than one member in it, the inverse function of b will not be unique; the best you can do is find a function c that maps R to D to give you something that is equivalent to the original x, though not—except by an extraordinary chance—identical to it.

And, now by introducing the set (domain) of stylesheets (S), we can perhaps see the complexity of the situation a little more clearly. If $b : D, S \rightarrow R$, then $b(x, s_1) \rightarrow r_1 \in R$, $b(x, s_2) \rightarrow r_2 \in R$, and so on. Which, even if it did entail that $x \equiv x'$ is $b(x, s_1) = b(x', s_1)$ would not necessarily entail that $x \equiv x'$ is $b(x, s_2) = b(x', s_2)$.

5 Hartley Slater at http://www.utm.edu/research/iep/a/aesthetics.htm.

Before we examine this issue more fully in the section Digital Identity Matters, below, we will attempt to tease out the troublesome notions of originality, authenticity, identity, and equivalence in terms of types and tokens. We intend to demonstrate that the notion of an “original” or type of which its token is said to be a representation is curiously problematic and even more especially so within the digital environment.

The language of types and tokens is common within the discourse of aesthetics (Wollheim, 1980), and it is from this domain that we will begin our discussion.

The type/token distinction has been utilized in order to distinguish art forms with “unique” objects, for example, sculpture and painting, from those where there is no single unique object, for example, a play or a piece of music that will have a multiplicity of performances. When we speak of Raoul Dufy’s Trouville we refer to his 1907 composition using oil on canvas and not to any of the many reproductions of the work. It is unique, even if it does change over time due to deterioration of the paint or restoration, the type from which the tokens or reproductions are derived. But the situation is not always this straightforward. To begin with, types and tokens are slippery characters that are not forever fixed as either type or token; thus a token can become a type, and we might say of Nina Simone’s rendition of “Feeling Good” that it is the definitive version and that any other rendition is a token of that type. Secondly, we are not always dealing with physically unique objects. Schubert’s Unfinished Symphony is not a physical object, though we might want to argue that the original score is a physical manifestation of it. Finally, we can see that the usual mental/physical divisions that we use to categorize “objects” are not always clearly appropriate when we talk of performances or a digital image of something, perhaps, “Lara Croft,” in virtual space. Hartley Slater touches on some aspects of these difficulties when he speaks of the differing temporality and spatiality of works of art, but he continues, falsely in our view, to maintain that all realizations are physical.

We must first distinguish the artwork from its notation or “recipe,” and from its various physical realizations. Examples would be: some music, its score, and its performances; a drama, its script, and its performances; an etching, its plate, and its prints; and a photograph, its negative, and its positives. The notations here are “digital” in the first two cases, and “analogue” in the second two, since they involve discrete elements like notes and words in the one case, and continuous elements like lines and color patches in the other. Realizations can also be divided into two broad types, as these same examples illustrate: there are those that arise in time (performance works) and those that arise in space (object works). Realizations are always physical entities.5

We may accept that the realization of something is a token and that it might be physical and, we might even accept that when we talk of the idea, of which the realization is a token, that the idea is a type which might be considered to be mental. However, when we talk of the bits of information that, when interpreted in a particular way, produce before us an image of “Sulley” from Monsters, Inc., do we say that the bits are the type structured in such a way as to represent this particular image or token? If we do, are we to conclude that the bits, and indeed the image, settle neatly into our mental:physical dichotomy? These are not questions that can be easily resolved, and the legal implications of this irresolvability are only now beginning to be realized.

In our quest for the “type” we are looking for something that we might refer to as the original, an object or entity which is often highly prized and the subject of much legal wrangling. Works of art are not the only things over which questions of originality—and forgery—are posed. Documents of all sorts go through several drafts, and sometimes an earlier draft may supersede a later one in terms of becoming the main text to which subsequent reference is made. Although all the drafts are considered to be “originals,” for legal purposes the “final” version is considered to be the original embodying the intention of the author(s). Such intention may include instructions about representation as, for example, in George Herbert’s poem “Easter Wings,”6 Stravinsky’s recording of his own works, or, more mundanely, a title deed to a property which must conform to a certain standard to be recognizably original. Scholars are interested in the drafts as they reveal details of the decisions and choices involved in the process of arriving at the final product. With the advent of the computer, the production of a text has changed, since corrections can be made on-line in a way that was only possible previously by marking a paper draft. It also becomes possible for other hands to contribute directly to the draft, and designers of word processing packages have wrestled with ways of tracking such changes and differences in authorship, but they are on the whole clumsy and unsatisfactory. The plotting of the development of a text is now much more haphazard than it once was, and this will have tremendous consequences for future scholarship. Draft documents will be preserved, but they will not represent the evidential milestones they once did.

6 A representation of this poem may be found at http://www.luminarium.org/sevenlit/herbert/wings.htm.

In the past, archivists insisted that “archives” consisted of original materials, to distinguish them from libraries, which held objects where there were multiple copies. Roneo machines and photocopies blurred this distinction, but the character of the output from copiers usually made it possible to differentiate a copy from an original. This distinction is now lost as the computer has the ability to generate a very large number of copies—or, more accurately, renditions—and distribute them widely. Nevertheless, if a text is to be published in a formal sense, rather than simply distributed, it will need to be transformed. This usually begins with sub- and copyediting, most of which is still done on paper renditions largely to preserve the audit trail, although the alterations are transferred to the bitstream provided to the publisher by the author. At the same time a designer will normally also be involved in choosing typefaces, layout, position of illustrations, and so on. The production team will clear rights and arrange for tables and other illustrative material to be created. There is an assumption that these processes have been rendered obsolete by the new technology, but that is to confuse the content with the creation/delivery mechanisms. Why should it be that consistency, punctuation, grammar, intelligibility to an audience, and so on (the stock-in-trade of editors) is less important on-line than in a printed book? Moreover, since the resource is made available on-line, the user simply views a rendition of the bitstream held on a server in a form either dictated by choice or happenstance. Even if the bitstream has been dignified with an ISBN or ISSN number, it does not exist like a printed book in multiple identical copies but only in multiple almost certainly nonidentical renditions. Across the board the bitstream is the constant, although behaviors are not. In paper publishing the bitstream ceases to be operated on by a word processing package and moves to a typesetting platform which will be used to create the film for the printer. Once the format has been established, no further variation is possible. This is not the case with an on-line edition of a text, and it is this lack of constancy, the difficulty in locating the original document, the lack of identity between rendered texts, and the nonequivalence of what the transformation throws up that we want to emphasize here (see Figure 1 above).

Digital Identity Matters

In the physical world, we can perceive a large proportion of the objects directly, although of course that perception is dependent on many factors, some of which are at the level of the individual doing the perception. In the digital world, the problems of individual perception are overlaid by problems involving variation in the mechanisms that bring the object to a state at which individual perception starts.

In order to examine the ramifications of identity in the digital world, we need to examine rather more closely what a digital object is. Fairly full expositions of this are to be found in Thibodeau (2002) and Garrett and Waters (1996), where much of the existing literature is cited and reviewed. Briefly, a digital object is a bitstream: a series of zeros and ones which, when taken together, encode information in a particular format. Unlike objects in the physical world, digital objects cannot be perceived directly by human observers. As we write this article in our word processing program, we see the combinations of letters that form words only as a result of a whole set of interacting pieces of hardware—keyboard, processor, screen, and so on—and software—the operating system, word processing software, and screen drivers. These components interact via a set of interacting stages and processes that are neither obvious to the user nor invariant from computer setup to computer setup. The content of the article, as perceived by us in the role of document creator, passes through these stages and processes to produce representations on our screen and in our disk storage. These are summarized in Figure 1 and exert a variety of effects on the bitstream to produce a highly mediated experience of the digital object for the human observer. Changing any one of these components even slightly has the potential to change the experience of the digital object.

As has already been noted, this “intermediation” of an individual’s experience raises a number of challenges for us as a society—technically, culturally, legally, and philosophically.

Both the hardware and software environments are in a state of constant flux. For example, Microsoft will produce a new version of its Windows operating system and Office suite every 18 months, and many organizations replace personal computers on a cycle of less than 5 years. Against this background it is fairly certain that if we wish to revisit the digital object that holds this article in, say, 5 years’ time, no component of the hardware or software environment will be the same as its equivalent in use today. Consequently, we should be concerned with establishing criteria that will guarantee that the experience of the digital object will be the same in the hardware and software environment of tomorrow. If we do not make this our current concern, we will encounter legal and archival problems on a scale hitherto unknown.

Here we are referring to a coarse level of the components that make up the computer system but, in addition, there are more subtle changes possible between computer systems. Even if my colleague and I have identical computer systems with identical operating systems, word processing software, and drivers, we are still unlikely to have exactly the same experience of a particular digital object. This might be because the way in which we have configured our word processing programs might be different, and we might use different printers, which will affect the way that the file is presented on screen as well as the format of the printed document.

The experience of a digital object is therefore not fixed merely by the bitstream involved, being heavily mediated by hardware and software which itself is subject to frequent and arbitrary change. We can expect poor fixity of the experienced digital object, and without fixity there is no way to establish identity and notions of an original, of authenticity, and so on.

FIG. 1. Simple rendering.


JOURNAL OF THE AMERICAN SOCIETY FOR INFORMATION SCIENCE AND TECHNOLOGY—February 15, 2005 369

7 A very clear account of a comparison of originals and copies in the physical and digital worlds is to be found in Levy (2000).

Digital objects are bitstreams, as described above, whether they are digitized from physical objects or born directly into the digital world. While appearing to the human observer as being composed of a random pattern of bits, a digital object actually has a well-defined structure consisting of at least two levels: encoding and format. The encoding specifies what groups of bits (often but not always of a fixed length referred to as bytes) represent. The format specifies how subparts of the digital object are arranged and what they “mean.” To the human observer, many formats and encodings simply have little or no discernible meaning, at least in terms of the real purpose of the digital object, e.g., picture, letter, paper, and so on. Thus, if either the encoding or the format is unknown, the information is effectively inaccessible to either human or machine.

At a technical level, by examining the bitstream itself, it is possible to say whether or not one bitstream is the same as another. But, given that human observers do not experience bitstreams in this way, this is not going to be enough to settle most disputes about identity. Moreover, and as we have already indicated, a bitstream is likely to be represented inconsistently in different hardware, software, and configuration environments, which leads to the possibility of “same bitstream, different perceived object.” However, the possibility of there being “different bitstream, same perceived object” is also entirely plausible given that there are many ways to achieve a particular screen (or printer) effect, and this is in addition to any difference in perception as a result of features of any individual observer. As Lynch (1999) points out, some of these bitstreams will be more “durable” than others, and he advocates selecting a relatively durable form from which other more ephemeral forms may be created using well-understood processes. He terms this “durable” form the canonical form. While this idea is both useful and well considered, the problems that we have experienced in moving this document from LaTeX (a fairly durable form based on a simple format and basic encoding) to the proprietary format required by the publication process, have not been trivial, especially in the area of mathematical equations.

A final set of philosophical and legal difficulties center around the fact that in the digital world, it is very easy to do things that are much more difficult in the physical world. For example, it is very easy to make exact copies of an object; meanwhile, it is extremely difficult to detect changes made to a copy of an object. This allows me to make an exact copy of a document that I have worked on together with my colleagues and to make changes in such a way that it is effectively impossible for anyone to tell whether it is my copy or theirs that is the original.7 In the physical world there are almost always clues left by the copying or change processes that allow forensic analysis to detect which is the original and which the falsified copy. In the case of a paper object there are many clues to both originality and change in, for example, inks, indentations, missing elements, torn edges, and many other things that do not have equivalency in the digital object nor, as yet, in processes associated with digital objects. Ideally we must put in place some technical measure or other procedure that will frustrate tampering or, at least, make it possible to determine when it has happened.

Given this conundrum, it is unsurprising that the acceptance of digital objects as evidence is problematic. It would be virtually impossible for a court to judge whether the document with which they are being presented is even close to that presented to one of the parties to a disagreement while entering into a contract. More difficult still would be documents relating to an individual but maintained by a third party in a fiduciary function (such as case notes); such documents may never be seen, at least not in their entirety, by the individual to whom they pertain.

In the traditional paper world, although it is considerably easier to detect tampering in documents originating prior to the invention of the photocopier than in later documents, it is not to “technical measures” that societies have turned to address the problem of authenticity. The primary mechanisms for establishing authenticity are processes and cultural conventions. These come in a variety of forms, such as editorial and publishing processes, form and format of different types of correspondence, rubric and layout of forms, etc. For example, this article’s “genuineness” derives as much from the editorial and publishing processes of JASIST as it does from any technical measures. It is to these processes and cultural conventions that academic review boards would turn when evaluating it, rather than whether or not some computer file has been altered. This aspect is added to our earlier figure in Figure 2.

Recap: The Boundedness of Digital Objects

We have argued that increasingly there are problems defining the boundaries of digital objects; both at the bitstream and experiential levels. Two examples serve to illustrate some of the dimensions to this problem.

A digital object such as a Web page, when represented to human observers, might include hyperlinks to external digital objects as a realization of, for example, references, footnotes, or appendices, that the user of the document may follow, or not, at will. It might have graphical elements as links to external digital objects (graphics) that are embedded in the page by the Web server but which are otherwise separate. In this example, the Web server and the user contribute to a determination of the bounds to the digital object and, as a result, the experienced digital object does not necessarily have the same bounds as the bitstream digital object—combining as it does several distinct bitstream objects.

In the case of a (Web-based) form such as a KYC form, the digital object exists only as an experienced object that requests and reveals a small number of fields stored in one or more database tables. The experienced digital object is brought together from many discrete components for a single transaction, never to be experienced in that way by anyone again. Increasingly, Web sites are employing this mode of operation to provide users with a personalized Web experience, with pages being assembled on demand using information that is current at a particular time and which may never have been seen in exactly that way before and never will be again. In this example, the experienced digital object simply never exists as a discrete bitstream object.

FIG. 2. Rendering, process, and cultural mechanisms.

The challenge of proving what the experienced digital object was for a particular individual in the past is considerable in both these examples. What is crucial is having some way of defining what the salient features of the experienced digital object are; an audit trail of the processes that maintain the component parts and the way that they have been assembled. In addition to our having adequate knowledge of the technical means by which the digital object was put together to enable it to be experienced, it is also essential that we have some knowledge of the experiential context in respect of purpose and circumstances.

How Should We Proceed?

Thibodeau (2002) provides a good discussion of both technical and other approaches to the preservation of digital objects, and the InterPARES Project Preservation Task Force suggests a Preserve Electronic Records model (Thibodeau, 2001) which sees the problem as being more about processes than technology. We suggest that devising purely technical measures or different forms of technology to solve this problem would be counterproductive. Further levels of technology simply add more processes intermediated by layers of software and hardware that then stand between the “evidence” and the parties to an agreement. Digital signatures, for instance, will in theory allow parties to establish that a digital object has not been altered since the agreement was made, but this is essentially at the bitstream level and not at the level of the experience of the parties concerned. The situation has been further complicated by the fact that we require a “black box” of software to make the necessary assertions and then we have to think of what measures we could use to establish that the “black box” itself has not been tampered with. We suggest that there are three strands to a solution to the problems of digital identity.

As mentioned briefly above, we might think of starting by defining the “salient features” of digital objects in terms of their purpose and mode of use. In this we broadly align with the simple case example exhibited in the work of Moore, Baru, Rajasekar, Ludaescher, Marciano, Wan, Schroeder, and Gupta (2000a,b) at the San Diego Supercomputer Center. The salient features of a digital object are intended to ensure that the object’s content and utility remain the same in spite of differing experiences of the object and will consist of those features that are essential for that object to continue being that object from one experiential manifestation of it to another. One immediate advantage of this approach is that it takes us to a level beyond having to examine the characteristics of a bitstream. An obvious disadvantage might be that it makes it difficult to define more than a small subset of features in any general sense, but an example of a general salient feature in the case of a text document might be that the written characters (however encoded) should remain the same and appear in the same order. In any particular case we might expect an author to be in the best position to provide more object-specific salient features for his/her own work; but this would only be feasible if there were tools to assist in this, as it would be unrealistic to expect every digital object creator to undertake this activity from scratch. An overall strategy might be to begin by asking more generally what the salient features of particular types of digital object are, and to work from there. Having once defined the salient features, we would need to find ways of capturing and preserving them, and this would require the devising of auditable processes that ensure that the features are not altered by the transformations of the bitstream that are necessary from time to time in order to preserve it within new hardware and software environments.
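The following sketch is an added example, not part of the article or of any project it cites. It checks the one general salient feature the authors name for text (the same written characters in the same order, however encoded) across a bitstream transformation and produces a record suitable for an audit trail. The function names, the use of SHA-256, the choice of Unicode NFC as the meaning of "the same characters", and the sample text are all assumptions made for the illustration.

```python
import hashlib
import unicodedata
from dataclasses import dataclass
from typing import Optional

# Constructed sample text (not from the article); escapes keep this file ASCII.
TEXT = "Caf\u00e9 contract: pay \u00a3500 to Zo\u00eb."


def bitstream_digest(data: bytes) -> str:
    """Identity at the bitstream level: SHA-256 over the raw bytes."""
    return hashlib.sha256(data).hexdigest()


def canonical_text(data: bytes, encoding: str) -> str:
    """Recover the character sequence: strict decode, then NFC normalisation.

    Assumption: canonically equivalent Unicode sequences count as the same
    written characters. A decode error is raised rather than guessed around.
    """
    return unicodedata.normalize("NFC", data.decode(encoding, errors="strict"))


def salient_digest(data: bytes, encoding: str) -> str:
    """Digest of the salient feature, independent of the stored encoding."""
    return hashlib.sha256(canonical_text(data, encoding).encode("utf-8")).hexdigest()


def first_difference(a: str, b: str) -> Optional[int]:
    """Index of the first differing character, or None if a == b."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None if len(a) == len(b) else min(len(a), len(b))


@dataclass(frozen=True)
class MigrationRecord:
    """One audit-trail entry for a transformation of the bitstream."""
    label: str
    source_bitstream: str
    target_bitstream: str
    source_salient: str
    target_salient: str
    same_bitstream: bool
    salient_preserved: bool
    first_changed_index: Optional[int]


def audit_migration(label: str, source: bytes, source_encoding: str,
                    target: bytes, target_encoding: str) -> MigrationRecord:
    before = canonical_text(source, source_encoding)
    after = canonical_text(target, target_encoding)
    return MigrationRecord(
        label=label,
        source_bitstream=bitstream_digest(source),
        target_bitstream=bitstream_digest(target),
        source_salient=salient_digest(source, source_encoding),
        target_salient=salient_digest(target, target_encoding),
        same_bitstream=source == target,
        salient_preserved=before == after,
        first_changed_index=first_difference(before, after),
    )


def demo() -> list:
    utf8 = TEXT.encode("utf-8")
    return [
        # Different bitstream, same characters: a faithful re-encoding.
        audit_migration("re-encoded to UTF-16", utf8, "utf-8",
                        TEXT.encode("utf-16"), "utf-16"),
        # Different bitstream, same characters: decomposed accents.
        audit_migration("decomposed (NFD) copy", utf8, "utf-8",
                        unicodedata.normalize("NFD", TEXT).encode("utf-8"), "utf-8"),
        # Same bitstream, different characters: wrong encoding assumed on reading.
        audit_migration("same bytes read as Latin-1", utf8, "utf-8",
                        utf8, "latin-1"),
        # An edited copy: both the bitstream and the salient feature change.
        audit_migration("edited copy", utf8, "utf-8",
                        TEXT.replace("500", "900").encode("utf-8"), "utf-8"),
    ]


if __name__ == "__main__":
    for rec in demo():
        print(f"{rec.label:28} same_bitstream={rec.same_bitstream!s:5} "
              f"salient_preserved={rec.salient_preserved!s:5} "
              f"first_changed_index={rec.first_changed_index}")
```

A bitstream digest alone would flag the first two cases as altered and pass the third as unchanged, which is the gap between bitstream identity and experienced identity that the article describes.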

Processes surrounding the creation, treatment, and use of physical documents and other objects have evolved over hundreds of years. The digital world as we know it is barely 50 years old. As the digital world slowly matures, it will acquire processes to support the establishment and maintenance of the trustworthiness of its objects. Our second strand is concerned with hastening this process. There has been a tendency, particularly among technologists, to think that processes in the physical world are rendered unnecessary and superseded by the digital world. A good example of this is in publishing, where some believe that publishing as an activity adds no value except distribution of information and that consequently the World Wide Web removes the need for both publishing processes and publishers.8 We maintain that process is, if anything, more important when we are dealing with objects, the fixity of which is at best questionable, thus projecting issues of identity to the fore.

In order to understand any object and its significance, the person experiencing it must have a context to set it in. In the physical world, some of that context is readily apparent through direct perception by the human observer, some accompanies the object, either directly or indirectly, and yet more comes from an implicit understanding of the process environment in which the object was created. The digital world is still insufficiently mature to have developed a framework for context capture and retention to be a routine part of digital object creation and management. The third strand of our prognosis therefore is the development of a robust contextual environment for digital objects that is both trustworthy and useful.

To present digital evidence, those assessing it need to be able to trust the processes of curation, transformation, and rendering, taking the bitstream from what was actually created (the content) through to what was experienced by those involved at the time and what they are experiencing in assessing the evidence. It must be made possible for a creditable set of salient features to be produced on demand, for a trustable set of processes to have been followed in its creation and curation, and for the digital object to be set in a sufficiently complete context for the experience of it to be meaningful.

Conclusion

At least part of our conclusion must be that processes and cultural mechanisms surrounding digital objects, analogous to those surrounding objects in the physical world, will have to be developed. These will rarely be one-for-one analogues, since the requirements for credibility in the digital world are quite strikingly different. The central issue is one of trust and credibility, a theme explored in detail by Lynch (2000). Traditional roles and relationships will need to be carefully examined in the light of a clear understanding of the philosophical, legal, and archival issues, with the role of digital trustee having to involve a very subtle blend of traditional trustee skills with a high level of technical understanding and competence. It is clear that a great deal more creative research work is required in multiple areas, including: the processes by which digital objects are manipulated and rendered, the framework within which they are used, the cultural conventions that will build up over time, and the tools to help digital object creators to embed their “creations” in a rich metadata environment which effectively and efficiently captures their “essence.” This represents a major challenge of the digital age that we ignore at the peril of our cultural heritage.

Acknowledgment

The authors would like to thank Daniel Pitti of the Institute for Advanced Technology in the Humanities at the University of Virginia for his helpful comments on an early draft of this article.

References

Cantwell Smith, B. (1996). On the origin of objects. Cambridge, MA: Bradford Books, MIT Press.

Duff, J.D. (Ed.). (1970). D. Ivnii Ivvenalis satvrae XIV [Fourteen satires of Juvenal]. London: Cambridge University Press.

Garrett, J., & Waters, D. (1996). Preserving digital information: Report of the Task Force on Archiving of Digital Information. Washington, DC: Commission on Preservation and Access. Retrieved from http://www.rlg.org/ArchTF/tfadi.index.htm

Levy, D.M. (2000). Where’s Waldo? Reflections on copies and authenticity in a digital environment. Retrieved from http://www.clir.org/pubs/reports/pub92/levy.html

Lynch, C. (1999). Canonization: A fundamental tool to facilitate preservation and management of information. D-Lib Magazine, 5:9. Retrieved from http://www.dlib.org/dlib/september99/09lynch.html

Lynch, C. (2000). Authenticity and integrity in the digital environment: An exploratory analysis of the central role of trust. Retrieved from http://www.clir.org/pubs/reports/pub92/lynch.html

Moore, R., Baru, C., Rajasekar, A., Ludaescher, B., Marciano, R., Wan, M., Schroeder, W., & Gupta, A. (2000a). Collection-based persistent digital archives—Part 1. D-Lib Magazine, 6:3. Retrieved from http://www.dlib.org/dlib/march00/moore/03moore-pt1.html

8 This is in part a backlash against academic publishing, where academics have traditionally given away their copyright to publishers in exchange for peer review, and whose institutions have then bought back access to the material through costly journal subscriptions. (The SPARC initiative http://www.arl.org/sparc/ is addressing the peer review publishing end of this problem.)


Moore, R., Baru, C., Rajasekar, A., Ludaescher, B., Marciano, R., Wan, M., Schroeder, W., & Gupta, A. (2000b). Collection-based persistent digital archives—Part 2. D-Lib Magazine, 6:4. Retrieved from http://www.dlib.org/dlib/april00/moore/04moore-pt2.html

Rothenberg, J. (2000). Preserving authentic digital information. Retrieved from http://www.clir.org/pubs/reports/pub92/rothenberg.html

Stravinsky, I. (1975). An autobiography. London: Calder and Boyars.

Thibodeau, K. (2001). How to preserve authentic electronic records. InterPARES Project Preservation Task Force Final Report (pp. 81–116). Retrieved from http://www.interpares.org/documents/ptf_draft_final_report.pdf

Thibodeau, K. (2002). Overview of technological approaches to digital preservation and challenges in coming years. Institute for Information Science, The state of digital preservation: An international perspective. Conference proceedings. Washington, DC: Documentation Abstracts, Inc. Retrieved from http://www.clir.org/pubs/reports/pub107/thibodeau.html

Wollheim, R. (1980). Art and its objects (2nd ed.). Cambridge, England: Cambridge University Press.


Record: 1

Title: Identity Crisis.
Authors: Costa, Dan
Source: PC Magazine. 10/15/2002, Vol. 21 Issue 18, Special section p1. 5p. 2 Diagrams, 1 Chart.
Document Type: Article
Subjects: INFORMATION storage & retrieval systems; COMPUTER security
Abstract: Focuses on issues related to the use of digital identity in commerce. Security of information given to web sites; Comparison between the capabilities of Microsoft.NET Passport and the Liberty Alliance Project's Liberty Version 1.0; Benefits of digital-identity platforms for businesses.
Lexile: 1220
Full Text Word Count: 2621
ISSN: 0888-8507
Accession Number: 7435445
Database: MasterFILE Complete
Section: INTERNET BUSINESS

Identity Crisis

Digital IDs will grease the wheels of commerce, but privacy advocates are keeping a watchful eye.

There was a time on the Internet when nobody knew you were a dog, but it didn't last long. Today, most people choose to create a digital identity for sites they frequent. At the most basic level, this requires a user name and password. But keeping track of a flurry of user names and passwords is not only a hassle for Web site visitors but also expensive for the businesses that run Web sites. That's why a movement is underway to build a technical architecture for identifying consumers in cyberspace—and even employees within an enterprise—so they don't have to prove themselves again and again.

The payoff is clear: A single sign-on service will grease the wheels of commerce. Consumers will have fewer passwords to keep track of and businesses can customize sites and promotions for individual shoppers. Amazon.com, for example, recommends items to visitors based on their shopping histories. With a digital identification system in place, the entire Web could be customized for you. Yet the transition to digital identities isn't simply a matter of technology. The prospect raises more questions than it answers. Will my privacy as a consumer be compromised? Who will own the personal information I give to Web sites? Can I choose not to participate in a digital-identity program? These issues raise bold red flags for privacy advocates like the Electronic Privacy Information Center (EPIC) and People For Internet Responsibility (PFIR). The pressure has pushed Microsoft into settling a case with the FTC and agreeing to be more open about its privacy policies. Perhaps the most fundamental question is raised by PFIR cofounder Lauren Weinstein: “Are the risks of a centralized information system worth not having to type in your password or credit card information?”

In this story, we provide a working knowledge of the two prevailing digital-identity technologies—Microsoft .NET Passport and the Liberty Alliance Project's Liberty Version 1.0—and explain how they will impact both consumers and businesses.

Identity Vouchers

The concept of a digital identity is elastic. An identity is anything that defines who you are or who you aren't. “Digital identity refers to the set of digital information—including user IDs, passwords, access control lists, public-key certificates, and voiceprint patterns—that is associated with a particular individual,” says Jim Kobielus, a senior analyst with Burton Group, a consulting firm. Typically, digital-identity information is used for security—both to confirm that you are who you say you are and to authorize access to online applications, services, and data.

Digital-identity information is currently scattered across the Internet in isolated databases that Web sites maintain. Unless the Web site saves your information, you must input it every time you visit. That's a tedious process, often resulting in lost sales. In fact, at some sites, as many as 30 percent of all inquiries to customer service involve forgotten passwords.

A site running digital-identity technology must strike a difficult balance: It must easily recognize a returning visitor but not violate his privacy. That's exactly what Liberty 1.0 and Passport are reaching for. Although each takes a very different approach, they both rely on a concept called federated authentication (see the digital-identity diagram), which automatically vouches for the identity of all members of the federation. This is what enables single sign-on, in which you log on to one site and are automatically logged on to other sites in the federation. “Federated authentication is the ability of a site to accept an ID that wasn't set up by that service,” says Adam Sohn, product manager for Microsoft's .NET Platform Strategy Group.

On a conceptual level, Liberty 1.0 and Passport work much like automated teller machines—without the $2 service charge. Years ago, you could go only to ATMs that were operated by your bank. Later, you could go to ATMs within certain networks, like Cirrus, as long as your card had that particular logo. Now you can use just about any ATM out there.

Passport vs. Liberty


Liberty 1.0 and Passport are the two most-talked-about digital-identity platforms. Although the two are often cast in opposition to each other, they are complementary in some ways. Passport is a proprietary, consumer identity service that has been available since 1999. Liberty 1.0 is a proposed set of specifications based on the Security Assertion Markup Language (SAML), which will serve as the foundation for future identity services. SAML is an open, XML-based standard that was developed by the Organization for the Advancement of Structured Information Standards (OASIS).

Microsoft plans to support SAML to some degree, but Passport does not rely on SAML exclusively the way Liberty 1.0 does. That's because Passport and Liberty 1.0 serve different purposes and different audiences. “Passport and Liberty are apples and oranges,” says Kobielus.

Passport is a single sign-on identity service that is hosted, owned, and managed by a single company—Microsoft. That is perhaps Passport's biggest differentiator from Liberty 1.0, in which participating companies such as Citigroup, General Motors Corp., and Sony Corp. own your identifying information. Microsoft originally launched Passport as a way to identify its customers online automatically but quickly signed up other sites such as eBay and Starbucks.com. Microsoft claims that there are 200 million Passport accounts worldwide. Microsoft requires people to sign up for Passport in order to use many of its services. Actual usage is likely much lower.

Today, you need only a working e-mail address (for your user name) and password to create a Passport account. If you choose to, a Passport service can store additional information about you and automatically fill in Web forms for you. At most, Passport can store 14 fields of information, including name, e-mail address, country, state, ZIP code, language, time zone, gender, birth date, and occupation. For sites that implement mobile or strong credential sign-in, the service can also store a phone number and a unique personal identification number.

Passport lets consumers modify their personal information and select which information they want to share by visiting the Passport site. Although privacy advocates are opposed to one company owning all that personal data, keep in mind that your Passport identity need not be true or accurate. “You can choose to provide more profile information, and Microsoft doesn't do anything to verify that,” says Brian Arbogast, vice president of Microsoft .NET Core Platform Services. You can also set up multiple Passports—one for shopping and another for work. To protect all this personal information, Microsoft uses Secure Sockets Layer (SSL) and the Triple Data Encryption Standard (3DES).

In April 2002, IBM, Microsoft, and VeriSign put forth a proposal for WS-Security, which OASIS is now considering. WS-Security is a standard for encrypting security data and messages and for signing certificates. WS-Security has been gaining momentum, thanks to its ability to support multiple authentication schemes.

But for PFIR's Weinstein, focusing on technical standards and encryption provides a false sense of security. The fact that information is collected and centralized increases the chance that something could go wrong, he says. He uses online credit-card fraud as an example. “Most of the really dramatic cases of credit card fraud don't involve cracking an SSL,” he says. “They are attacks on the centralized servers that store the numbers.” Weinstein says this will be the flaw in any digital-identity system.

SINGLE SIGN-ON

Although the Liberty Alliance does not centralize personal information, it does make sharing that information among sites a lot easier. Liberty 1.0 is a set of interoperability specifications developed by the Liberty Alliance, a consortium of 95 companies including American Express, Ford, Nokia, Sun Microsystems, and United Airlines. Liberty 1.0 will support single sign-on and let firms automatically share account and ID information about people who shop at member sites.

Liberty 1.0 deals only with single sign-on. It will enable businesses to set up relationships with partners to accept federated log-ons. “At the heart of the v1.0 spec is the shared authentication,” says Bill Smith, a Liberty Alliance rep from Sun. He says this kind of authentication could be among existing business partners, such as the Star Alliance of travel partners. “I could log on to the Hertz Web site, and it would verify I am Bill Smith, and then it could request my mileage balance from United.”

Future versions of Liberty will address the trickier problems of sharing user attributes and the delegation of authority to share identities or accounts. It is possible, for example, that Liberty could enable Hertz and United Airlines to share your credit card information, home address, and even your purchasing history.

Information within the Liberty Alliance network is distributed. Unlike Passport, the Liberty Alliance has no central clearinghouse. In order to share authentication information, Liberty 1.0 requires users to opt-in, meaning they must actively link their accounts at different sites. “Users have ultimate control,” says Bill Smith. “They can choose to link or not.”

Also unlike Passport, Liberty 1.0 specifies that your profile information already exist within these distributed environments—United Airlines already had your name and frequent-flyer mileage. Even without Liberty 1.0, United can share this information with Hertz if it chooses to. Liberty 1.0 will simply give businesses an efficient means of sharing such information electronically. With Passport, Microsoft owns all the information, but individual consumers can control how that information is used. With Liberty 1.0, individual Web sites own your data.

Business Benefits

In addition to making it easier to log on to Web sites, digital-identity services will fuel a new generation of Web services. “Whenever you have services out there on the Internet that are interacting with each other, they need to be able to identify you in some way,” says Microsoft's Arbogast.

For example, the .NET Alerts service that Microsoft recently launched relies heavily on digital authentication. Web sites will let you subscribe to an alert that can be sent to you via e-mail, pager, phone, or instant message. eBay currently offers this service for tracking bids. Future applications could send alerts for stock quotes, travel changes, bank transaction notifications, and highway traffic.

The Liberty Alliance is less about businesses saving money than about setting up relationships among companies. The Liberty Alliance is designed more for business-to-business dealings than for business-to-consumer transactions. “The primary benefit is to enable standards-based Web single sign-on and role-based access control,” says Burton Group's Kobielus. “This allows e-businesses to quickly affiliate or federate their Web sites and applications.”

A simplified log-on procedure could also help companies manage the authentication of their own employees and business partners. In fact, this is one of the major goals of the Liberty Alliance. Entrust, Novell, Sun, and other companies have announced enterprise authentication systems based on the Liberty Alliance spec. “As a Sun employee, I know we could increase our productivity in-house if I could save the 30 minutes, or hour, every week trying to figure out what user name I need to access a certain [corporate] site,” says Smith.

Although Passport will remain firmly consumer oriented, Microsoft also plans to offer authentication software for businesses. The new Microsoft technologies, code-named TrustBridge, will let companies share information with each other, their customers, partners, and suppliers. TrustBridge, available next year, will deliver single sign-on access to information from multiple companies. As a result, a “trusted” company can give its employees access to the resources of another “trusted” company.

For example, a business that outsources its accounting services could easily enable employees to go to the accounting firm's Web site and call up the latest payroll and accounts receivable information. The two systems would share their user identity information, and employees from both companies could share applications. Meanwhile, Sun has announced a Liberty-based corporate identification system that will compete directly with TrustBridge.


Legal Challenges

There is no question that shared identity services will let businesses easily share your private information, so consumer concerns about privacy are justified. To quell consumer anxiety, the FTC is keeping a close eye on identity service providers. In August, the FTC announced that Microsoft was not clear enough with consumers about how their information would be used and required Microsoft to have its Passport operations audited by an outside firm.

The infractions were relatively minor, however. For example, Microsoft advertised Passport Wallet transactions as “more secure” than ordinary online purchases when in reality, the encryption is the same. The FTC also came down on Microsoft for allowing customer support reps to access Passport session information without detailing this feature in its privacy statement.

Still, the agreement is a wake-up call for Microsoft, the Liberty Alliance, and other companies who plan to handle consumer information. The government seems very willing to regulate these businesses and hold them accountable to the letter of their privacy statements.

Making sense of privacy statements is up to the individual consumer. And that's no easy task, considering that the statements often run on for thousands of words and are riddled with legalese. Also, many of them can be changed at any time without notifying consumers.

In the end, the businesses running Web sites, more than consumers, will have to choose which digital-identity technology they'll support. Passport will certainly be one option, and the early success of the Liberty Alliance shows that other ID technologies will be available as well. A firm could use Passport for consumer sites and a Liberty-based solution for its own employees.

Rest assured, however, that consumers can still opt out of these services and manually enter their information at each site they visit. In the long run, even skeptics like PFIR's Weinstein say that identity services will become widespread. “Once digital identity services are in place, it will be harder and harder to do things without them,” he says. For better or worse.

Liberty and Passport: Head to Head

| | Liberty Version 1.0 (www.projectliberty.com) | Microsoft .NET Passport (www.microsoft/netservices/passport) |
|---|---|---|
| Purpose | An architecture for federated identity through account linking and single sign-on | An identity aggregator that provides single sign-on service to participating sites |
| Single sign-on capabilities | Works with businesses that are part of the Liberty Alliance | Works with Microsoft properties and Passport-enabled retailers |
| Required data | User name and password; member sites may require more info | User name and password |
| Underlying standards | Security Assertion Markup Language (SAML) | Secure Sockets Layer (SSL), Triple DES, WS-Security |
| User control | Opt-in, with limited control of profile information | Opt-in; lots of control of profile information |
| Profile storage | Distributed throughout member sites and linked | Centralized at Microsoft |
| Supporting companies | 95 companies, including American Express, Fidelity Investments, GM, Novell, Sun Microsystems, United Airlines, and Visa U.S.A. | Microsoft and more than 100 other companies, including Buy.com, Costco Online, Crutchfield, eBay, Godiva, Monster, and The Sports Authority |
| Status | Proposed specification; service available by the end of the year | Currently available consumer service |

Digital Identity with the Liberty Alliance: When Joe makes his travel plans, the Liberty Alliance digital-ID system lets him easily visit multiple travel sites without logging on again and again, because it gives Joe the option to federate his existing user names and passwords at these sites. So far, 95 companies are members of the Liberty Alliance, including GM, United Airlines, and Visa U.S.A.

Digital Identity with Microsoft .NET Passport: When Joe signs up for Microsoft .NET Passport, his profile is stored on Microsoft servers, which, with his approval, share the information with participating Passport sites. Only an e-mail address and password are required, but some participating sites may require additional information, such as first and last name, date, state, country, time zone, occupation, postal code, and preferred language, before they will issue a Passport. Joe can modify his profile information anytime or—as with Liberty—choose not to participate. An optional wallet service lets him store encrypted billing and shipping information at a secure Microsoft location.

By Dan Costa

Copyright of PC Magazine is the property of ZDNet and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use.


Click on the link below. Examine the website and answer the questions for “Source 3.”

http://www.internetsociety.org/

Source #3