A few weeks ago I joined Facebook (after much resistence). Facebook sucks you in, making it so easy to give up bits of information about yourself, many times without even realizing it. It occurred to me that I’m leaving pieces of my identity everywhere.
Last night I took a stab at listing out the various entities that know me, regardless of how they know me. The list is overwhelming. It quickly became apparent that to develop a comprehensive list was not feasible. What I ended up with was a good all around representation. I then generalized it to include things not solely pertaining to me as an individual (e.g. I’m an immigrant, I can never have govt clearance).
With all the talk of identity and claims federation, this was a good way to step back and at least understand the problem space a little better. I’m sure there are other such diagrams out there but the benefit for me was to go through the process of drawing it rather than take one off the shelf.
Here’s the diagram, it turns out there are bits of us EVERYWHERE!!! Click for a larger view [LINK].
I’ve tried to group the entities (blue) by function or core competency(green). It could be inferred I suppose that similar entities would require similar forms of assurance around the claims they’re willing to accept. For example, to establish an XBox Live Gamertag doesn’t require the same degree of assurance around identity as opening a bank account. But on the other hand, Digg might be quite willing to accept my Facebook ID.
In theory these entities could share Identity Providers. I believe we’ll start to see this quite soon in the social networking space most likely through OpenSocial.
Ultimately, Identity Providers themselves will begin to exchange claims although it’s questionable if this is an appropriate model.
This is by no means a complete model. I worry that I’ll never be able to effectively manage all the pieces of me that I’m absent-mindedly handing out.