If anyone had any doubt about the practical ability of cloud computing to scale, the latest numbers from Netflix must surely convince them. Ten years ago, we’d have called API requests, SOAP Web Services. Twenty years ago, we’d have them called client-server interactions. Today, they run over the Internet, not within an enterprise, and are for nothing more significant than to watch reruns of Glee or last summer’s blockbusters. Netflix famously hosts their system on a public cloud service, Amazon Web Services. This is truly a new era in computing.

  • Holy moly: Netflix clocks 42B API requests per month
    “Netflix clocked close to 42 billion API requests in January, according to the company’s director of engineering Daniel Jacobson, who revealed the number as part of a presentation he recently gave to the Paypal engineering team. In his slides, Jacobson pointed out that the number of API requests has grown 70-fold in just two years, from 600 million in January of 2010 to 41.7 billion in January of 2012.”

In addition, ProgrammableWeb founder John Musser gave an overview of API growth at the annual Glue Conference this week.

There were several other items of interest to the identity community:


  • KuppingerCole: Life Management Platforms: Control and Privacy for Personal Data
    “Life Management Platforms will change the way individuals deal with sensitive information like their health data, insurance data, and many other types of information – information that today frequently is paper-based or, when it comes to personal opinions, only in the mind of the individuals. They will enable new approaches for privacy- and security-aware sharing of that information, without the risk of losing control of that information. A key concept is “informed pull” which allows consuming information from other parties, neither violating the interest of the individual for protecting his information nor the interest of the related party/parties.”
  • Loren Russon: Workshop lineup outlines deep look at ID trends
    “One of the special features of the Cloud Identity Summit is our two-day opening schedule of in-depth workshops that cover various topics both related to Ping products and industry standards at large.”
  • Phil Windley: Rich Sharing and Personal Channels
    “Like personal computers, personal clouds are only interesting when they are connected. Personal channels link personal clouds. The collection of channels connecting myriad personal clouds form a relationship network. On an open standard relationship network, the attributes, permissions, and capabilities of a relationship are standardized and extensible. “
  • Today’s WEF report on personal data
    “The World Economic Forum (WEF) has published its latest iteration on personal data; a report by BCG called Rethinking Personal Data: Strengthening Trust. WEF activity in this area helps the whole agenda. Even if you don’t understand what WEF does or to whom it sees itself as accountable, its work is not easily dismissed. The BGC report’s problem analysis represents progress on last year’s report by Bain. It focuses on the deficit of trust, sets out why digital data differs from other assets, acknowledges the risk downside of proliferating big data and analyses the draft new EU data protection rules.”
  • Craig Burton: IIW and VRM Report
    “At the first of the month, I attended IIW 14 in Mountain View. I also attended the VRM workshop on the 30th. The VRM workshop was hosted by Ericsson. The IIW was held at the Computer History Museum.”
  • Johannes Ernst: Personal Cloud Meeting at IIW
    “We had an excellent brainstorming meeting on Personal Clouds at IIW yesterday. About 20 people showed up to discuss their views on Personal Clouds: what they are and aren’t, what they need to do, will do in the future, and what they can’t and shouldn’t do. I was really surprised by how much agreement there was, and how much we were on the same page even about some rather advanced details. Personal Clouds are coming, watch my words.”
  • Kantara Initiative: my Social Security – Citizen access to US Gov Services
    “Last week, I attended the Experian Vision Conference. This conference is produced by Experian with attendance from their customers, partners and relying party services. It was a unique opportunity to speak to representatives who are stakeholders in trusted identity services communities – but not necessarily the same stakeholders that often attend identity management specific events. Attendees were from sectors including but not limited to: risk, fraud, financial, credit, payments, and entertainment. Kantara was invited to contribute to a panel discussing Identity proofing using National Institute of Standards Technology (NIST) level 3 — strong authentication for the public and private sectors.”
  • Anil John: Level of Confidence of What, When, Where and Who?
    “Last week's blog post by Dr. Peter Alterman on "Why LOA for Attributes Don’t Really Exist" has generated a good bit of conversation on this topic within FICAM working groups, in the Twitter-verse (@Steve_Lockstep, @independentid, @TimW2JIG, @dak3...) and in may other places. I also wanted to call out the recent release of the Kantara Initiative's "Attribute Management Discussion Group - Final Report and Recommendations" (via @IDMachines) as being relevant to this conversation as well. One challenge with this type of discussion is to make sure that at a specific point in the conversation, we are all discussing the same topic from the same perspective.”
  • Phil Windley: Standard Information Sharing Labels
    “ The idea is that you ought to be able to mark up data you share to let people know how it can be used. Think Creative Commons for personal data. Recently, a number of people, including myself, Drummond Reed, and Marc Davis, discussed a similar idea at a WEF Tiger day. Joe Andrieu has a proposal that is slightly less ambitious and serves as the launching pad for more complete solutions. “
    Doc Searls: A way to see what you get
  • Ian Glazer: Put 100 Relying Parties in a Room and What Do You Get?
    “It’s an open secret among us identity geeks that, despite all of federated identity’s progress, one thing has lagged significantly: relying party participation1. Getting relying parties to the table, to talk about challenges they have with identity on the Internet, has always been a hard problem. Although the identity community has grown, the number of relying parties getting involved with things like the Internet Identity Workshop hasn’t kept pace. Willingly or not, NIST’s National Strategy for Trusted Identities in Cyberspace (NSTIC) has taken up the challenge of increasing relying party participation.”




  • John Fontana: Anatomy of hack on Google leads Plaxo to up API security
    “A malicious attack aimed at Google but routed through Plaxo highlights the growing importance of API security using the forthcoming OAuth 2.0 protocol, which protects the user’s credential information.”
  • Craig Burton: Is API Growth in a Stall?
    “Last year when we published the API Economy document, we showed the growth rate of APIs over time. Examining the numbers from the same source — the ProgrammableWeb — in 2012 it appears as if the hockey stick growth of over 100% each year is starting to slow down. What is really happening?”

Valuable Identity


* Required Fields