January 14, 2005

Mediachest – Federated identity and trust

Writing about web page http://www.mediachest.com

This is not a hint about my new project by the way :) Just something I thought up whilst browsing over lunch!

Mediachest allows people to inventory their collections of books, CDs, DVDs, and video games. On top of this inventory management application is a social software layer that allows friends to keep track of their friends' collections. This social inventory tracking application extends to two degrees of separation beyond friends (friends of friends of friends). Using a zip code database, Mediachest also allows people to find other people in the same geographic area that have items in their collections that are of interest.

The potential problem with Mediachest is trust. You can setup groups and lists of friends to try and manage the trust issues, because at the end of the day you might be giving something you own to a stranger and hoping they give it back. There is nothing stopping someone registering with a fake name and email address, building up a bit of trust and then stealing someones stuff when they lend it.

However…what if it wasn't just any old person who could register. What if Mediachest and Warwick had an agreement that Mediachest would auto-register and login users who were logged in securely at Warwick. I'll not go into the details of how this works, but basically you can let a user login to Warwick (where we really do know who you are) and then essentially tell Mediachest who you are. Because of our agreement and the technology that ensures you can't cheat, Mediachest trust us to tell them who is logged in.

This means that you could perhaps automatically join the Warwick group on Mediachest just by logging into the Single Sign On system at Warwick. Then when you borrow something or lend something, you really know who you are dealing with.

Because of the standardised way the identity can be federated, Mediachest or any other 3rd party could very quickly create an agreement with Warwick or any other standardised party. The other big advantage is that you never actually login and give a username and password out to Mediachest, so you have one less login to worry about, which is always nice.

The barriers to entry for using and registering this new service are also much lower because you don't have to go through such a length registration process.

Now, some people will no doubt worry about the privacy implications of this. It is important to note that this does not involve giving a hugh database of all our users over to Mediachest or any 3rd party. All it means is that we will confirm to Mediachest that a user is securely logged in and give them your name and perhaps email address, nothing else.

I really think this is the way forward, and lots of other people do to because there is a lot of work going on out there around this area of identity management.

This is all theory by the way and is not currently implemented either by Warwick or by Mediachest. This is also kind of what Athens is all about.

- 2 comments by 2 or more people Not publicly viewable

  1. Steve Rumsby

    Just because you know who somebody is doesn't mean you are guaranteed to get stuff back if you lend it to them, does it? Even if they are affiliated to Warwick in some way. Would we have to deal with that issue before people would be happy with such a system, or is it just not that big a deal?

    14 Jan 2005, 14:33

  2. Indeed, just because you know who someone really is, doesn't mean you can trust them. But it does mean you are better equipped to make the trust decision.

    14 Jan 2005, 14:36

Add a comment

You are not allowed to comment on this entry as it has restricted commenting permissions.

January 2005

Mo Tu We Th Fr Sa Su
Dec |  Today  | Feb
               1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30


Search this blog

Most recent comments

  • One thing that was glossed over is that if you use Spring, there is a filter you can put in your XML… by Mathew Mannion on this entry
  • You are my hero. by Mathew Mannion on this entry
  • And may all your chickens come home to roost – in a nice fluffy organic, non–supermarket farmed kind… by Julie Moreton on this entry
  • Good luck I hope that you enjoy the new job! by on this entry
  • Good luck Kieran. :) by on this entry


Not signed in
Sign in

Powered by BlogBuilder