The Key to Trust in the Digital World: Digital Identity

Digital identity is the key that opens the door of trust in the digital world. We cannot give up control of it, just as we would not hand our keys to a stranger for safekeeping.

## Our Trust

A while ago I read *Liars and Outliers* (Chinese edition title: "Our Trust: Why We Sometimes Trust and Sometimes Don't"), a book devoted to the subject of trust. Its author is Bruce Schneier who, surprisingly, is not a sociologist but a top security expert. His view is that societal pressure is the origin of trust.

He describes a phenomenon: people want to profit from defecting against the group while still feeling good about themselves. This contradiction, or delicate balance, comes from the constraint of societal pressures. On that basis he proposes four kinds of societal pressure: moral pressure, reputational pressure, institutional pressure, and security mechanisms. Applied to different subjects, these pressures produce different effects.

For companies and individuals, for example, moral and reputational pressure are the most effective; consider the sense of social responsibility that 21st-century companies prize. For governments, where more people are involved and the scope is wider, morality and reputation carry less force, so rules and laws are needed as constraints. Public power, too, has to be "locked in the cage of institutions", and institutional pressure plays the decisive role. Beyond these there are security mechanisms: whether a security door in the physical world or the various security technologies of the digital world, they are applied to groups of different sizes and so produce trust.

Trust, then, originates in societal pressure at different levels. With these pressures in place, individual behaviour is constrained, groups can cooperate, and people need not live anxiously in the belief that someone is always out to get them.

In the digital world built by the internet, however, the trust that human society has so carefully cultivated seems to work less well. In the internet's early days a joke went around: "On the Internet, nobody knows you're a dog." It was an accurate picture of the chaos of the time. Doxxing, online harassment, and rumours (ah, fake news!), baffling human behaviours that ought to be kept in check, also grew unchecked online.

Why is trust so generally lacking in the digital world? The root cause is the absence of identity. In Schneier's theory trust comes from societal pressure, but identity in the digital world is disconnected from society, so real-world pressure cannot be carried over to the network. As a result, trust in the digital world is still in a wild, primitive stage of being reshaped and rebuilt.

![Figure](https://static001.geekbang.org/infoq/41/411f8b3d563919848ed3a7ed8356133c.png)

(Cartoon: "On the Internet, nobody knows you're a dog")

## Identity Is the Key to Trust

From today's vantage point, the obvious response to this problem is an online real-name system. Real-name registration, however, is essentially a supplementary statement about a digital identity; its main purpose is to prove that certain attributes of that identity, such as age, are genuine and valid. Viewed abstractly, then, digital identity has two functions: to distinguish and to prove. Distinguishing refers to the uniqueness of the identifier. Identifiers serve the state's population administration, with one number per person: in China it is the citizen ID number, in the United States the Social Security number. Proving means that an authoritative or publicly trusted institution issues a specific attestation that raises the trust between two parties so that some social act can be completed. The health code shown when entering or leaving a residential compound is one such form of proof.

Digital identity relies on a system to do its work. An identity system generally involves three roles: the user, the identity provider, and the relying party. For example, a person who brings a letter of introduction to a recruitment office is the user. The letter comes from someone willing to vouch that the user is worth hiring; that recommender is the identity provider. The party the letter is submitted to is the relying party, which decides whether to accept the request based on its own judgement and on how well it knows the identity provider.

![Figure](https://static001.geekbang.org/infoq/e8/e8e1e4a2d6545464c5c781d2f3cc2f41.png)

The figure above is a simplified description of an identity system, and it mirrors our experience in everyday life. But consider the real health-code scenario. We fill in a health survey and receive a health code, and when we enter a shopping mall the code is usually just glanced at by a person, with no machine verification. Even when it is machine-read, the relying party does not make its own judgement from the original proof the user presents. The reason is that in this kind of verification flow the issuer and the relying party are often the same system, as the following figure shows:

![Figure](https://static001.geekbang.org/infoq/cf/cfdcc5c69f8a22b00d52e9ce425a777f.png)

Coupling the issuer with the relying party is bound to cause problems, the most visible being the proliferation of siloed identity systems. In the verification flow we are not actually trusting the proof the user shows; we are trusting the system that carries the proof. **When trust cannot be passed along in the form of a proof, we have to construct a new identity in every identity system, and then have relying parties that trust different identity systems go through the motions of "verifying".**

If we treat trust as a tangible credential, trust in the digital world returns to the form it ought to have in reality. The issuer sends the credential to the user, the user presents the credential to the relying party, and the relying party checks that the credential really was issued by the issuer, verifies it with minimal disclosure of information, and then makes its own judgement. The credential issuer and the relying party need not be one and the same, as the following figure shows:

![Figure](https://static001.geekbang.org/infoq/bb/bbb661173cd6d3bb37d3408025d61d21.png)

In fact, this gain in flexibility is achieved precisely by moving "control" from centralized systems to the edge of the network (peer individuals). Before exploring this peer-to-peer identity further, we need to look at the three models through which digital identity has evolved.

The first is the **centralized identity model**. In the years when the internet was booming, every website had its own independent registration and login system. A user registered an account (the username) and received a credential issued by the website (the password).

![Figure](https://static001.geekbang.org/infoq/6e/6eaf507a4cabe979b7cd24929b3e12aa.png)

The second is the **federated identity model**. People found that the more identity systems were built, the less friendly things became for users. So since 2005, companies have jointly developed three generations of federated identity protocols: SAML, OAuth, and OpenID Connect. Today SSO (single sign-on) is a standard feature of most corporate intranets and extranets. On the consumer internet, federated identity reinvented itself as user-centric identity. Using protocols such as OpenID Connect, login buttons from WeChat, Alipay, Facebook, Google, Twitter, LinkedIn, and others are now a standard feature of many consumer-facing websites.

![Figure](https://static001.geekbang.org/infoq/5a/5a282f04a719c446f5737aab6e5efddf.png)

The third is the **self-sovereign identity model**. Its idea is to hand control of identity back to the user. This control is, in essence, the portability and practicality that identity-related proofs and credentials have in the real world. Users can carry, hide, disclose, and revoke their own proofs, while a relying party can always verify that a proof is genuine and valid, just as when we use the ID card in our wallet.

![Figure](https://static001.geekbang.org/infoq/f7/f79d1da5650733ed6914dbd56f5a8816.png)

## Summary

In short, trust in the digital world has to be built on digital identity. Digital identity is not only a unique identifier used to distinguish one party from another; more importantly, it is used to prove things. Issuing a proof and verifying a proof are two operations that can be decoupled, but because of the internet's increasingly centralized architecture the two have been merged into one, pushing aside the user, who matters most, and creating many identity silos. We know that trust can be passed along: when a friend introduces a stranger to you, you come to trust that person as a result. The same is possible in the digital world, and blockchain-based self-sovereign identity is working to solve this problem.

Reposted from: ThoughtWorks Insights (ID: TW-Insights)

Original link: [數字世界裏的信任鑰匙:數字身份](https://mp.weixin.qq.com/s/Un54qN4H4HUUJ7u_xKnF9g)