Proposed Topics IIW10

Federation

 * Federated Identity
 * Federated Directory Services
 * governance & risk allocation in federation
 * evolving identity federation
 * Distributed Identity Management
 * Making decentralized identity work.
 * OIX trust frameworks, XDI personal data stores
 * Using DNS and ENUM for Identity Management (delegation/management to end-user with federative framework)

Verification

 * Identity Assurance
 * implementing higher levels of assurance
 * Where voice biometric-based Authentication might fit with ID mgt.
 * Verification of identity using telco-grade data in real time.
 * Identity Proofing on the Web

Portability, Privacy, VRM

 * Supporting sharing
 * Portability Policy and the Legal Layer; Portability effects on Privacy
 * privacy aspects.
 * Data openness and privacy
 * Innovative ideas for the protection of users in identity systems
 * Avoiding Treating Digital Identity as Property
 * VRM

Schizophrenia

 * How many identities does a user want?
 * How many identities does a user want?
 * Faceted identities, Alter-egos, Design, Presentation of Self
 * Global Domination

OpenID & OAuth

 * OpenID Foundation Plans for 2010
 * OpenID RP at Google
 * OAuth WRAP 2.0
 * Corporate OpenID, OAuth
 * OpenID, OAuth, PortableContacts
 * OpenID, OAuth
 * OpenID, OAuth
 * OpenID, OAuth, Identity

Protocols

 * APIs for information about people and companies
 * Activity Streams
 * Salmon
 * XRD provisioning and dashboards, Salmon for reputation networks
 * User-Managed Access
 * The Open Web stack for The Small Business Web
 * Web (in)security
 * NASCAR for Sharing (OExchange, XAuth, WebFinger, and a Personal-Discovery Use-Case)

Clients

 * active clients
 * Active Clients
 * Identity in the Browser
 * identity in the browser, openid connect, activity streams

IaaS

 * service provider contract mgmt & identity
 * Other disciplines that inform identity, Identity management services market
 * maybe health/med
 * The need for accountability, transparency, and open competition in trust frameworks
 * E-identity as a two sided market

Money

 * Not sure, maybe about online payments
 * Financial data sharing, single sign on
 * International OpenIdentity Alignment
 * Open Researcher & Contributor ID (ORCID) http://orcid.securesites.net/

Government

 * vrm for government
 * possibly enum, idm @ government, semantics

Federation

 * evolving identity federation
 * How decentralized identity can work.
 * current status of distributed identity interaction
 * how to implement cross site identity/authentication without confusing the * out of users

Trust

 * Accountability, transparency, and open competition in trust frameworks
 * attribute trust issues
 * Mobile commerce, building trust, better user experience
 * authentication, pape, oix

Privacy

 * what are reasonable privacy expectations for social networks?
 * Interweaving technical and policy promises
 * Intersection of Identity and privacy
 * User experience, privacy
 * privacy, trust, and reputation related to internet identity

Ownership, VRM, Portability

 * Who is thinking about Identity, Privacy, and taking control of our Digital Property together?
 * VRM
 * Data sharing
 * data ownership
 * personal data management/exchanges; privacy concerns; single-sign-on options like openID
 * consent, context, user expectations
 * New techniques in slavery
 * Claims management

IaaS

 * how are identity management services being sliced and diced?
 * How identity standards and technologies are progressing towards business as well as personal use online
 * consumer identity management, business case for idm
 * Financial and location identity
 * How to structure EID service propositions for 1) persons/entities and 2) relying parties
 * Managed Shib Service

OpenID & OAuth

 * How mobile application on open id technologies can coexist
 * infocards, OAuth, openid, enum
 * OpenID v.Next, OpenID/WRAP convergence, AX 1.1/2.0
 * Hybrid onboarding
 * OAuth futures, next-generation claims-based identity
 * openid v_next
 * Enterprise adoption of OpenID
 * OpenID v.Next, Hybrid Protocols, IDIB
 * Latest on OpenID, profile exchange tech, VMS
 * Why is OpenID failing in the market vs. Login with Facebook?
 * OpenID v.next, personal data stores
 * online payments, future of OpenID & OAuth
 * How open identity standards, such as OpenID and OAuth, might be married effectively to telco-based solutions
 * Adapting OpenID+OAuth for provisioning, licensing, and billing
 * UMA, OAuth directions, Activity Streams
 * oauth wrap, open graph api, @anywhere
 * OAuth 2.0, Openid hybrid, WRAP
 * OAuth WRAP, WebFinger, Salmon, XMPP
 * conformance; heterogeneity; OAuth vs Mutant OAuth vs XAuth
 * User-centric in the enterprise, openID. OAuth 2.0, XAuth/auth, user centric use cases; IDPsof the future
 * OAuth, UMA, OpenID v.next, OpenID CX
 * Protocol Convergence

Clients

 * Desktop/heavy clients
 * multi-protocol selectors
 * The further adventures of Action Cards...

General

 * I want to understand the community that attends IIW.
 * Forthcoming solutions for internet identity management
 * dial in on state of the art
 * Why Identity matters
 * Face to face meetup
 * contacts and developments
 * Cross promotion
 * identity

Trust

 * What makes an identity partner trusted and what can a trusted identity partner do with user behavior data and still maintain trust?
 * User understanding of trust characteristics
 * trust framework (do we need a 4 party system?), verified claims and contract exchange
 * trust and reputation models for identity systems

User behavior

 * Just how active users are in managing their info
 * What must an IdM do to ensure that users own their own identity?
 * How user can claim their own identity?
 * How much process can we throw away and still get UCI benefits?
 * how do we get regular users to know how to express their identity online?
 * How user can claim their own identity

Ownership

 * How to make user-centric identity separate from URL management/ownership
 * How can our identity be verified online contextually without giving up control of our Digital Personal Property to third parties?
 * profile rights

Privacy

 * Creating user-centric privacy policies
 * Managing personas and privacy
 * "user experience, privacy, ""social"" implications, semantics, branding, …"
 * managing privacy, getting the defaults right
 * How will users be able to link to their friends' identities without violating their friends' privacy?
 * User centric protocols – how does it all fit together; privacy issues, assurance levels and user centric ID
 * What are the scary risks associated with the explosion of personal data available?

Government

 * can government 2.0 work without user centric identity?
 * What infrastructural support has tobe in place in order to enable gov2.0? (and some more)
 * Why is slavery abolished
 * international legal implications
 * International Open Identity Alignment

OpenID & OAuth

 * How will OpenID begin to support strong auth scenarios?
 * OpenID discovery, multiauth
 * OpenID v.Next
 * How to adapt OpenID for business/employment identities
 * OAuth, WRAP, OAuth 2.0, and UMA

Other protocols & clients

 * Decoupling protocol for interactions and message format: PubSubHubbub
 * Such a tiny box! Browser ID support, automatic account management discovery, webfinger, XRDprovisioning, activitystreams...
 * Universal Login eXperience
 * claims dictionaries, personal data stores

Other

 * Developer simplicity
 * How to support sharing

Phone

 * Provisioning
 * digital identity and phone identification

Structure, Standardization

 * organization structures that promote the adoption of Open Identity
 * When is the right point to standardize this stuff?
 * Will an open or a defacto standard end up solving the internet identity problem?

Business

 * How to use identities for a broad range of services?
 * how to explain and sell to the business
 * How to survive 2010

General

 * What are you doing to make decentralized identity work?
 * Transportability