SocialNet Profiles as Trusted Sources

From IIW

This discussion was centered around the concept of a self-asserted social network profile becoming a trusted source of identity data to identify one-self online.

Taking a typical profile, like one at facebook with a picture and "controlled" set of friends/acquaintances (the opposite type being MySpace or some other site that is more anonymous and discovery-based), what is needed to convert this to something more trusted, much like off-line gov't documents like SS# or DL#'s?

This discussion centers around what additional process/steps/data can make this type of data more trusted so that others can rely on it.

The first part of this was to discuss the pro's and con's of using such data for identity data. Future discussions will move into how.

Down side

  • Self asserted
  • implicit friend relationship only
  • Lots of weak link, no strong links
  • No barrier to registration (except Networks)
  • Is this a real human?
  • No authority
  • New Data Sources

Plus Side

  • Groups can serve as "web of trust" to provide self-enforcement
  • Newtork analysis can provide threat protection
  • Data quality "potential" is high due to better aligned with people's relationships
  • FOAF can confirm "human" via:link-backs
  • No authority

Future thoughts: 1) Are certain profiles more trusted as is (i.e., facebook vs. Myspace) 2) Would social networks ever be considered IDP's? 3) If so, how would they be qualified? Per what standard? 4) What is needed to take a given profile on a given 'approved' site and migrate to something trustworthy? 5) Can this be done without an authtority?

Kevin Trilli