In the world of information governance and a fair go for the individual in dealings with business and government, how has it felt this month?  

Weatherwise, for the folk in northern temperate climates, May is the time that the summer clothing begins to break out, people begin to smile and in England, the challenge of scoring 1000 runs in May is in the air.  Here in the southern temperate climes that I mostly inhabit we are moving solidly into winter.

In the world of information governance and a fair go for the individual in dealings with business and government, how has it felt this month?  Does it feel like we are North of the Equator or South?

It seems to have been a mixed bag.

The month was heralded by the Managing Identity in New Zealand conference which you can now see in full on video and included the eGov forum in Sydney.

But there was also chilly weather ...

We're putting ourselves in harm's way, according to the latest research from Symantec.

Sure, social networking is fun, catching up with old school friends, flashing through their photos, seeing how their lives have developed, it's a really neat way to keep in contact with people. But it's also a great way to provide fraudsters with a wealth of information that can then be used to access your existing bank accounts, or even create new ones.

The Symantec Internet Security Threat Report reviews known vulnerabilities, analyses network-based attacks, and tracks the occurrence of malicious code based on intelligence data gathered from two million decoy email accounts in 30 different countries, as well as 40,000 sensors spread over 180 countries. To create the report Symantec also draws malicious code reports from over 120 million client, server, and gateway systems that have deployed its antivirus product.

And our latest findings were concerning for Internet users placing personal information on trusted websites such as on social networking sites.

The idea of biometric authentication plays straight into the view that each user has one "true" identity underpinning multiple authorisations.  

 I recently noted in the thread on identities and keys that: [We need] identity frameworks (like the Microsoft developed Identity Metasystem aka Cardspace) that permit as many "identities" as there are contexts in which we assert ourselves.

We are in the midst (I hope!) of a shift to a new paradigm based on a plurality of identities. And I think I'm using the over-wrought "p word" here in its proper context. The current "singular identity" paradigm has had a deep and unhelpful influence over the way we think about all sorts of things, including smartcards, PKI, biometrics, the semantic debate over "authentication" versus "authorisation", and therefore the underlying architecture of many approaches to federation.