The potential of Higgins becomes clearer if one compares the offerings of different identity management systems. InfoCard solves one of the biggest security issues on the Internet, says Dick Hardt, CEO of Sxip Identity, a firm that sells another management system, which helps users protect themselves from identity theft. “[Microsoft has] built something that’s highly isolated and secure.” But, Hardt adds, you don’t need InfoCard’s security power to move around, for instance, your Amazon DVD preferences to Netflix – that’s something Sxip software is designed to accommodate. Higgins would connect together both of these systems, so the user would be unaware of having multiple identity systems.
In order for Higgins to work well with highly secure applications, such as InfoCard, as well as in less secure environments, it needs a high level of security itself. Being an open-source application helps achieve this, says Raj Nagaratnam, chief architect for identity management at IBM. “The open source model allows for hundreds of thousands of developers…if there’s vulnerability, they will fix it and continually build the platform.”
And Higgins addresses more than just the idea of secure software for identity management, Nagaratnam says. “The reason we went to open source is because this problem isn’t just a technical issue, it’s about how end-users want to actively manage their identities. It brings in social aspects of how users want to collaborate.”
In fact, Harvard’s Clippinger expects that Higgins could eventually help people go beyond simply managing their individual identity information – and toward establishing user communities based on a framework of trusted identities. It could be similar to the way eBay allows users to create markets and communities around common interests. For instance, a person in an eBay community could share selected information with people in groups at Yahoo, Clippinger says.
Helping to develop trusted communities is an important goal of the Higgins project, agrees Milinkovich of the Eclipse Foundation, and it’s fundamental to the open-source community as well. “I think it’s very important that these kinds of identity management systems be done in an open, transparent, and vendor-neutral way,” he says. “This area of technology is far too important for individuals and society at large to be left to any one vendor. The greater the transparency, the greater the trust.”