{"id":935,"date":"2008-03-06T18:37:44","date_gmt":"2008-03-07T02:37:44","guid":{"rendered":"\/?p=935"},"modified":"2008-03-06T18:38:59","modified_gmt":"2008-03-07T02:38:59","slug":"know-your-need","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=935","title":{"rendered":"Know your need"},"content":{"rendered":"

Here's a great comment <\/a>from the smart and\u00a0witty Paul Madsen<\/a>.\u00a0\u00a0 He really his the nail on\u00a0the head with his “Know your Need” corollory<\/p>\n

In announcing<\/font><\/a> Microsoft's purchase of the Credentica patents (and hiring of Stefan's core team), Kim uses the ‘need to know’ analogy.<\/p>\n

That danger can be addressed by adopting a need-to-know approach to the Internet.<\/span><\/p><\/blockquote>\n

(For the life of me, I just cannot get Sgt Shultz's ‘I know nothing’ out of my head.)<\/p>\n

Credentica's U-prove technology promises to close off a (depending on the deployment environment, potentially big) ‘knowledge leak’ – if the IDP doesn't need to know what\/where\/why\/when\/who the user does with the assertions it creates, then the principle of minimal ‘need to know’ means that it shouldn't.<\/p>\n

Cardspace seems a great application for U-Prove to prove itself. As Stefan points<\/font><\/a> out, ‘its a good thing’ to influence\/control both client and server.<\/p>\n

Separately, I see the flip side of ‘need to know’ as ‘know your need’, i.e. entities involved in identity transactions must be able to assess and assert their needs for identity attributes. This is the CARML piece of the Identity Governance Framework<\/font><\/a>). Put another way, before a decision is made as to whether or not some entity ‘needs to know’, it'd be nice to know why they are asking.<\/p><\/blockquote>\n

I agree that\u00a0it is sometimes a positive and useful thing for\u00a0a claims\u00a0provider\u00a0to know the user's “what, where, why, when and who”.\u00a0 So everything is a matter of minimization – but\u00a0within\u00a0to the requirements of the scenario.<\/p>\n

I don't actually buy the “influence\/control both client and server” phraseology.\u00a0 I'm fine with influence, but see control as an elusive and worthless goal.\u00a0 That's not how the world works.\u00a0 It works through synergy and energy radiating from everywhere, and those of us who are on this odyssey must tap into that.<\/p>\n","protected":false},"excerpt":{"rendered":"

Credentica's U-prove technology promises to close off a potentially big ‘knowledge leak’…<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,17,47,11],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/935"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=935"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/935\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=935"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=935"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=935"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}