Computer Security: what is your identity?

In the physical world this is fairly clear: your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes.  Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!

Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for each of them? Often the answer is no and multiple pieces of your identity can be chipped away by malicious actors (see this link for a detailed discussion).

What if you could have just one cyber identity? You may have noticed that the option to create new accounts online based on an existing Facebook or Google account is becoming commonplace. Attributes from each of the services with which you authenticate yourself are being added to your social digital presence. The Internet is creating an increasingly complete picture of “you”.

When you next authenticate yourself via CERN Single-Sign-On, scroll to the bottom of the page where you will find the option to sign in via a trusted, alternative organisation, e.g. your home university. CERN has established a trusted relationship with these institutions, allowing them to vouch for you and to assert your identity on your behalf. By allowing logins from reliable organisations, we are limiting the creation of unnecessary accounts and trivial passwords. By using this form of login, known as Federated Login, you are limiting the fragmentation of your identity profile. Whether you choose to separate your social and your research profiles remains up to you.

This idea is called Federated Identity Management. You are already able to access resources worldwide using your CERN account; why not test it and use Foodle to schedule your next meeting or create a survey? CERN has proven itself to be a trusted partner and so this service, based in Norway, allows us to use their app. 


For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report.


Access the entire collection of Computer Security articles here.