During the late 90s, the acronym NGI meant “Next-Generation Internet.” NGI was popular among futurists and planners of research programs as the starting point for conjecture on the evolution of an Internet-centric world. Over the past 10 years, this 90s NGI dialogue has undergone an extreme makeover.
Today, the NGI acronym is used to mean something rather different: Next-Generation Identity. The new NGI describes a rapidly evolving and expanding array of new identity management capabilities. This NGI transformation says a lot about some fundamental shifts that have taken place over the past decade and provides insight into where significant network developments are now heading.
The multi-decade quest for a common network “glue layer” found a solution in the Internet Protocol (IP) and its relatively ubiquitous deployment across the global network infrastructures, albeit with minimal security or access control. At the same time, commercial wireless networks, multi-functional handheld devices, and other peripherals have resulted in the anywhere/anytime/anything revolution now underway. With ubiquitous objects and IPTV thrown into the mix, the sweep of the services and challenges gets even more expansive. The entire ensemble is now a collective global vision dubbed the Next-Generation Network (NGN).
If this new world of NGN is to reach its full potential, it is trusted next-generation identity management -- the capacity to manage and authenticate online identities -- that must emerge and become ubiquitously deployed. Without effective, trusted identity management, open public communication network infrastructures could not support public sector needs. In addition, the users who depend on them would be massively susceptible to vulnerabilities that include large-scale network attacks, abuse, fraud, and a litany of crime.
Toward Next-Generation Identity
Next-generation identity is inherently much more complex than the deployment of an IP network layer. First of all, what is needed is an “Identity Plane” that cuts across all layers up to the application level, rather than just one layer. In addition, there are enormously diverse arrays of identity providers and federations -- vetting credentials, identifiers, attributes, and reputation products with very different assurance levels -- for which seamless global discovery and interoperability are major challenges. Given the stakes, however, next-generation identity is not an option.
Some of the required technical solutions for next-gen identity already exist as proven, widely deployed platforms. For example, X.509 digital certificates, hierarchical domain name spaces, and out-of-band trusted signaling planes were created a generation ago. The first two have been massively scaled to high availability levels by companies like Verisign Inc. (Nasdaq: VRSN), with features added to enhance trust in certificates.
Important new three-party global identity management models developed by industry collaborative bodies have already seen innovative implementation platforms. OpenID, for example, enables more flexible exchange of identity information to meet enhanced assurance levels. Seamless roaming and IPTV are all helping drive these developments as well. The International Telecommunication Union, Standardization Sector (ITU-T) Focus Group on Identity Management recently released the equivalent of a set of blueprints for next-generation identity.
It will take time to put all these next-gen identity capabilities in place -- especially on a ubiquitous global level. With value propositions that revolve around trust and privacy, national security and public sector mandates, and provider revenue assurance and secure financial transactions, next-generation identity is a key to the Internet’s evolution and is a market sure to maintain strong, sustainable business growth.
— Tony Rutkowski, Vice President for Regulatory Affairs and Standards, VeriSign
>From your perspective, is there a logical endpoint for this process?
Recursive pursuit of trust levels only takes you so far. As Larry Roberts raises with respect to routing, there may be some effective limits on the ability to support the necessary levels of identity management to achieve the extremes of nomadicity using contemporary platforms. The risk-benefit ratios become too great. Some compartmentalization for critical infrastructures may be a good thing.
Thanks for a great snapshot of the staggeringly complex identity challenges for NGN. From your perspective, is there a logical endpoint for this process?
Even if we humans are all barcoded, aren't we still confronted with the teeming masses of unsecured bots who are doing their best to do our bidding, but sadly, they can be corrupted and used for malicious ends... so they need to be identified before accessing network services, etc. A whole new species of bot-verifiers would be deployed to ensure that remote agents are bona fide.
Of course these bot-verification services could also be corrupted...add recursion...
Where does it stop in the big new NGN?
Cheers,
JB
(really, it *is* me, and I mean no harm in this post..ask any robot...)
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.