Archive for the ‘Players’ Category

Of various bits of networked computing identity history

Wednesday, December 20th, 2006

Someone had posted on the private-club IDworkshop@ list…
>
> If you were to look back on the entire evolution of digital identity
> systems to date, what would you highlight as some of the key milestone
> events?

And my small contribution to the resulting stream-of-consciousness thread was (essentially, i’ve edited it some)…

In terms of more recent developments in online identity in a computing context (as opposed to, say, a PSTN context), the invention of a notion of an “account” (aka identity/identifier) mapped to a user and/or department/org is one of the earliest building blocks. Note that this can apply to batch processing as well as time-shared processing (i had an account when i was doing my first batch jobs on a CDC3150). This is the paper that ostensibly began the notion of time-sharing..

R.W.Bemer, “How to consider a computer”, Data Control Section,
Automatic Control Magazine, 1957 Mar, 66-69
http://www.trailing-edge.com/~bobbemer/PUBS-1.HTM

http://en.wikipedia.org/wiki/Bob_Bemer

http://en.wikipedia.org/wiki/Time-sharing

http://en.wikipedia.org/wiki/Multiuser

Also note that in IBM TSO (time share option) users could send interactive messages to each other — this was my first personal experience with what we would today call an “IM” system.

Also in terms of IM, the first distributed IM system, in the sense of today’s AIM/Y!/Gizmo/Skype/etc, that I heard about was MIT’s Project Athena’s Zephyr, which was in wide use at MIT in the latter half of the 80’s.

http://en.wikipedia.org/wiki/Zephyr_%28protocol%29

http://en.wikipedia.org/wiki/Project_Athena

Then there was one of the first truly personal computers, the Xerox Alto (conceptualized in 1972), which was subsequently networked via Metcalfe & Bogg’s Ethernet, which then gave John Shoch and Jon Hupp the fertile ground in which to realize John Brunner’s SF prescient imagining of “worms” infesting computer networks…

http://en.wikipedia.org/wiki/Alto_%28computer%29

http://en.wikipedia.org/wiki/Ethernet

http://en.wikipedia.org/wiki/John_Brunner_%28novelist%29

http://vx.netlux.org/lib/ajm01.html

Note that within Xerox, especially in Palo Alto, the Alto was essentially a production machine. At PARC, by the late 70’s, everyone had one, even secretaries – there were several thousand of them built. Email (Grapevine) was used extensively for everything, including communicating with building facilities.

Birrell, A. D., Levin, R., Needham, R. M. and Schroeder, M. D.:
Grapevine: An Exercise in Distributed Computing“. Communications of the ACM, 25(4), pp. 260-273.

In terms of Kerberos, it was based on Needham & Schroeder’s work, published in 1978..

Roger M. Needham and Michael D. Schroeder, “Using Encryption for Authentication in Large Networks of Computers”, Communications of the ACM, 21(12) p 993.

..and which was the basis of the XNS Authentication protocol, which pre-dated Kerberos.

Oh, and in terms of Public Keys, Kohnfelder’s 1978 thesis “Towards a Practical Public-Key Cryptosystem” is predicated on Diffie and Hellman’s paper of 1976 “New Directions in Cryptography” as well as R, S, & A’s famous paper.

http://en.wikipedia.org/wiki/Loren_Kohnfelder

http://en.wikipedia.org/wiki/Martin_Hellman

http://en.wikipedia.org/wiki/Whitfield_Diffie

http://theory.csail.mit.edu/~cis/theses/kohnfelder-bs.pdf

R. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of th ACM, 21(2):120ñ126, February 1978.

And of course, the above only scratches the surface of this large body of work….

Ross Anderson’s Security Research Group’s blog

Tuesday, August 1st, 2006

Ross Anderson, a founder of the field of Security Economics, who previously maintained an old-school homepage as his “blog” (similar to what I also used to do, though he did/does a way better job), is now blogging on his U of Cambridge Security Research group’s blog..

Light Blue Touchpaper

It, and Ross’ other web pages and publications (notably his book Security Engineering), are all Highly Recommended Reading.

Conor Cahill is blogging

Tuesday, August 1st, 2006

The inimitable Conor Cahill has succumbed to peer pressure and is now blogging…

Conor’s Web Log of Esoterica

Welcome Conor :)

Whodentity?

Wednesday, June 14th, 2006

Whodentity is an excellent “who’s who” compendium of players in the identity industry, by Mark Dixon.