Edit: the piece is publicly available now!
-
Edit: the piece is publicly available now!
Together with @shibacomputer and Benjamin Royer, I wrote a detailed research note on the topologies of digital identity systems (siloed, centralised, federated and user-centric) and how thinking derived from topological determinism, common in technical communities, obscures how digital identity systems operate in practice.
To understand the threats of digital identity, we must shift from rigid models and describe the topologies of digital representations as they truly are, rather than as they are purported to be.
Expect surprising twists and turns: DIY identity portability techniques turn siloed identities into centralised ones which allow attackers cascading access; platformisation turns federated identities into centralised ones and de-facto user-centric identities might be more likely to emerge from siloed models rather than user-centric ones. It's a mess. But one we have to reckon with.
https://newdesigncongress.org/en/note/2024/spheres-of-identity/