Posted 4 days, 11 hours ago at 11:00 pm. 0 comments
Build worlds, tell stories … that’s what I love about cinema and that is what Tim Burton delivers in his vision of Alice in Wonderland. This is a visual feast with director Tim Burton painting with light and colour and imagination tumbling from the screen through the rich art design and numerous small touches of detail. It works as both a genuine source of wonder and as an intriguing critical text rattling along at a rollicking pace full of incident and adventure whilst leaving me thinking about it long after I’d left the cinema.
This is also one of the first 3D films I’ve seen (and I haven’t seen the all conquering Avatar) that begins to use the depth provided by 3D to pull you into the screen not just extend outwards and uses the extra dimension to add to the narrative rather than merely decorate it. Perspective is put to powerful use to convey the sense of expectation that Alice feels crushing her at decisive moments. For this is a story of a girl coming to terms with the pain of grief and growing up within a society that doesn’t suit her.
The world can be complex, difficult and emotional something we explore through fairytales and deconstruct through allegory (except when we are criticising it directly: “Do you know what I fear most”/”The decline of the aristocracy?”). The turbulent world of childish emotions come together better in the surreal juxtapositions of Wonderland than the social critique does as one weakness of the film is this it is a rather simplistic and cartoonish treatment of Victorian society. It is hard to contrast fact and fantasy in the same way as Pan’s Labyrinth does for example, which uses it’s alternative world to throw reality into ever darker relief. This gives the latter film a far more darker and tragic edge, whereas here you get the impression all that is glossed over in favour of the fun stuff as Wonderland spills so far into Alice’s reality it is hard to tell the difference.
For me more Labyrinth and less Narnia would have given the film a bit more edge without spoiling the fun and it works best when it does so. So this is another slight criticism as Burton’s originality gets a bit threadbare in the middle section as he draws upon The Chronicles of Narnia, The Lord of the Rings and The Wizard of Oz to line up his plot pieces and you begin to start mapping Wonderland to these other imaginary worlds rather than be immersed in it. In one scene the White Queen throws ingredients into her potion pot, (some buttered fingers, two spoonfuls of wishful thinking) and you get the same impression the film is being put together in the same way for a while.
On the acting side this is a richly talented cast but many of the characters seem less filled in, sketched to provide colour and nudge the plot along, or act as canvases on which to project these themes and Mia Wasikowska does a good job to not let the eponymous lead become a total cipher. The exceptions are Burton’s close collaborators Johnny Depp who plays the Mad Hatter and Helena Bonham Carter who plays the Red Queen. The depth of their working relationship with Burton is clear as both have a great time with their characters pulling them in all sorts of directions from the outrageously funny to the touchingly poignant.
I never thought I’d criticise a film for being too feminist but Alice’s proto-independepence at the end is too complete to be swallowed. More successful is the narrower gaze Wonderland throws over just how awful a family can seem to a teenage girl by being ‘made to be’ by others whilst wrestling with her own raging feelings. The two sisters, the Red Queen and the White Queen both come across responses to this. Both are petulant children and the former chooses “fear over love” rather than face her insecurities about her ‘grotesque’ appearance, whilst the latter elects to abdicate all responsibility in the hope that the trippy vacuity of drugs and longing for a champion will abdicate her from responsibility. Neither is perfect and when they clash the film sides with one, but you can’t help feeling that the strong willed Alice who rejects the social determinism of her class is much more like the other.
All of these thoughts and themes swim in and out of focus giving this film a long and provocative aftertaste but mostly, whilst I was watching, I just thought how fantastic and entertaining it all was. This Alison was definitely filled with wonder.
Posted 3 months, 2 weeks ago at 1:06 pm. 0 comments
Nate Klingenstein from Internet2 is going to bring us to a close with a ‘cynical’ keynote.
Today…
Concept has been proven
Many successful federations covering a variety of sectors and applications
Note the rise of consumer federated identity e.g. Google, Facebook
Scaling internationally and across sectors is a big challenge.
Getting the Discovery, Trust and User Experience problems right is only going to get harder as these federations scale.
Ongoing protocol wars – these will end … someday but not anytime soon… Goal of the Shibboleth project has been to insulate users from these protocols.
Levels of Assurance and Attribute support are another long running problem. Need to reconcile tension between enterprise and consumer identities.
The anecdote of the Cardiff Giant .. fakes can be popular and travel faster than the truth. Fake identities and identity theft is a growing problem.
The Consumer Factor
Why have consumer organisations jumped into federated identity … because it is lucrative. Double click and personalised advertising is still most of Google’s income. Second generation is email companies like Gmail and hotmail and now Facebbok and Twitter are becoming the largest repositories of personal information and have been very successful at monetising this. They have also done a great job of raising user expectations that everything should be free and easy and powered by ads.
Universities and Identities
Universities house both applications and identities and are the natural home for much user data. We may outsource the systems that run these but we are not going to outsource the business capability – it is too core. We also host a number of applications but increasingly not all of them will be locally hosted.
The Important Players in Academic Identity
- Government
- Faculty
- Applications
- Users
“These groups will collectively shape identity in learning over the next 10 years”.
Nate is now unpicking the different perspectives and goals these groups might have.
Governments want strong data protection, assertion and protection of digital identity.
Faculty want good learning resources by the easiest possible route, but they also want undivided attention – do they want social networking in the classroom? Tension between both stronger IPR and freely circulated intellectual property. Functional IPR is essential to the cretaion of knowledge – probably not in current form though. The incentives for creating knowledge are less than previously.
Commercial applications want a user base to make money from, licensing fees and advertising is a nice plus. Other applications aren’t really sure what they want but would be happy to be helped with the username/password problem. They talk vaguely about security and usability. However Identity Services are critical – indeed, foundational – for “cloud computing”. Whatever the cloud is one thing your organisation needs to do is have good identity management and federating of that identity.
Users want CONSISTENCY. There is agreement that users want consistency, but huge disagreement as to what that consistency should be. There more screaming there is hopefully the faster this will get resolved. Users get confused. They like buttons. They do get the concept of work and personal personas and are able to switch between them – they may not want these to be converged. Privacy and security are very important to users – particularly in countries where privacy laws are weaker.
Consumer Identity Today… Facebook Connect or Facebook/Twitter. Facebook Connect is the most successful consumer identity and is built on a proprietary protocol via a single identity provider. Their inducements for applications are sweet. The key component of both is the news stream. Type pad have been collecting stats on the consumer identities used to login to their service – and they offer a lot! 73% are still using their legacy Typepad ID. However in the last month over 62% of new signups have used one of the consumer federated identities on offer. MAny consumer applications seem to be promoting three 1. Their own profile 2. Facebook Connect 3. Twitter with other offerings shoved under more…
Convergence between Academic Identity and Consumer Identity?
Google Apps is an example of this. Every Google Apps domain is an OpenID provider. Shibboleth access into Google Apps. Users are being ‘trained’ in their consumer habits … to click on Facebook. Others will be pushing for their buttons to be more prominent. We don’t have a BUTTON we can put on this landscape (seems like this comes back to Rhy Smith’s work on the Publisher Interface Study and the need for an academic identity ‘brand’).
Assurance is gravitating to the lowest common denominator. Non-bouncing email address is the lowest consumer identity provider level of trust. We need to have modernisation of these systems and their Level of Assurances (LoA). We aren’t sure what peer validation of identity like in Facebook provides in terms of assurance.
Consumer world is rapidly realising that attributes are the key. We are going to have to solve the attribute aggregation problem.
There are multiple convergence options
- separate identities, applications, personas
- side by side with extended discovery
- attribute plumbing from campus to consumer providers (Google keen here)
- outsource entirely
Nate is whizzing through this now as he runs out of time. There is a lot of big ideas and jey concerns in here so this presentation is definitely worth revisiting and reflecting on.
How to prepare for the future?
- Be protocol agnostic.
- Expectations and functionality are driven by commercial and consumer identities.
- Users and Governments are unlikely to influence change
- Faculty will use best tools available
- Applications like money
If we want something more benign we have to consider the motivations of these key players and push them towards an outcome we think will be better. Nate is not sure what this better outcome is yet but does say that whatever happens DISCOVERY is the key control point. We need some sort of eduID although opinion divided here, but we must proactively consider partnerships with other identity sources.
Our current course is excellent. Our infrastrucutre will be key to most possible convergence routes and will be useful. Hence why this is a paranoid/cycnical presentation but not a downbeat one.
Phew interesting/exciting stuff but that was rapid and brain is definitely full now. Need a lie down/sleep on the train.
So question how does all this relate to Microsoft’s Forefront/Generva. Basically not sure lies behind the huge Forefront Marketing wall that Microsoft have built up. Internet2 is doing some interoperability testing with Microsoft’s stack. Microsoft wants to get into doing this attribute plumbing.
This was a really interesting event with some good keynotes and mix of parallel sessions, opportunities for discussion and a lot of fun. Thanks JISC … now to go back and wonder what to think and do about it all.
Posted 3 months, 2 weeks ago at 12:07 pm. 0 comments
Looking at Privacy and Consent Management in the second parallel session. From an SPs perspective first Fiona Culloch from Edina.
“A Catastrophic Success at keeping personal information private”
Most IDPs only give a small set of very opaque attributes to SPs. The vision for federation was as a route for passing all sorts of attributes between different providers. Technically this is possible. In policy terms personal data has stayed on the old road. The IDPs never get asked; the SPs think it’s too hard so nothing happens!!
From a federation approach technical architects and legal tend to thing that too much will be given/demanded. There are few if any IDP/SP voices in the conversation. It’s hard to engage with them all – there are too many entities so the traditional answer is to go via representative forums.
SP forums could broker requirements. SPs know what attributes they want to know. These are vertifical forums so divorce applications from infrastructure and could cross national boundaries.
IDP forums could determine feasibility and implement. This had to be invented for Eduserv, who is kind of a meta-IDP. It would be useful to broaden that out.
Joint forums would allow bottom up progress and experiment, agree, pilot, deploy, scale rather than just sit around theorising (although as pointed out the downside of this is it mean work!!)
How to release data whilst staying DPA compliant?
Technical fix is user consent at run time.
- Adds complexity to user interface
- IDP must still create defauly Attribute Release Policy (ARP) and face quasi-legal questions
- SPs must handle revocation
DPA does allow release of data if necessary for the purpose it was collected for. Consent is not the only possible way or even the best way. If you are going to do this it’s a good idea to have a Data Processor Agreement between the
IDP and SP. Most IDPs and SPs have a legal relationship in any case – via licenses, so add some
DPA clauses to it. You have agreement and the
IDP is covered against misbehaviour by the SP.
Is there an opportunity to put
DPA terms into the
JISC model license??
Can
JISC Collections define recommended ARPs for each SP or banding of SPs? Only realistic if the
IDP forum existed.
In Computing Regulations we could add
DPA “Purposes” to serve as user notification of fair processing. In practice vague is good. [What about exceptions and exemptions though. How would we record if a user didn’t want to agree to any or all of the
DPA purposes in the regulations. This is the click through consent management problem magnified to the institutional level. If we are concerned about run time consent click through then should we not be concerned about policy click through?]
Seems there are a lot of IDPs in the room interested in participating in such a forum.
Now Robin Wilton Director of Future Identity Ltd and Director of Privacy and Public Policy at Liberty Alliance is going to provide further thoughts on privacy and consent.
Who is Evan Ratliff?? No googling….
Liberty Alliance conceptual model of identity and privacy – the ‘onion model’ (this makes me think of my housemate and Shrek – layers donkey!!)
- Basic Identitifer Set (BIS) at the core provides proof of uniqueness
- Next layer is other Personally Identifying Information (PII) e.g. Address
- The next ring is attributes. Example is blood type – a person only has one but it by no means uniquely identifies them.
Credentials encapsulate data from multiple layers. Credentials are not privacy neutral as they tend to reveal more than just the attribute required for a claim and they tend to make transactions ‘linkable’.
Privacy enhancing systems should (must) be better at attribute level disclosure or better still yes/no answers to attribute related questions – “the
Psychic ID“
“Privacy is about disclosure not secrecy”. A ‘segment’ of the onion may correspond to a particular segment or contextual use. Privacy concerns arise when attributes appear out of context. Privacy may be described as about contextual integrity.
- Privacy is not a state but a relationship
- These relationships are contractual
- It is highly asymmetric and involves conflicting interests and motivations
- It is highly contextual – and context changes.
- We have social relationships and networked relationships but these are not the same.
What are the implications for consent?
If we aren’t talking about the same things what are we talking about? We are only gradually developing a shared vocabulary for digital identity, trust and online privacy.
EnCoRe Project (LSE and HP) is looking at Ensuring Consent and Revocation.
- When we give consent do we understand what we are consenting to?
- What means to we have for enforcing consent?
- What means to we have for withdrawing it?
- How can we make our conditions of disclosure stick to to those attributes, particularly beyond first disclosure.
Evan Ratliff …
decided to see how long he could drop of the grid for … 27 days. He was hunted by online groups then subsequently protected by online groups. Interesting experiment from Wired.
