Martin Geddes, chief analyst for STL Partners, has called on carriers to aggressively explore OpenID, noting that while telcos could build their own log-in and authentication technologies, OpenID automates this crucial capability while at the same time enabling the ability — via extensible user attributes — to offer revenue-generating value-added services.

“As a provider of OpenID services, [carriers] are in a position to broker introductions and promote revenue-generating capabilities of [their] telco platform,” Geddes said. “Like the concierge of a hotel, you're in a powerful position to broker all kinds of business relationships and interactions. You've established yourself as the hub of a digital ecosystem.”

On the technology side, most carriers — both internally and via integration with the consumer Web and enterprises — will be required to support multiple identity protocols, including vendor-specific protocols; standards like security assertion markup language (SAML); and industry efforts such as the Liberty Alliance, said Anthony Nadalin, chief security architect for IBM Tivoli software.

To that end, the ITU Telecommunication Standardization Sector has created a study group that has been investigating identity management, particularly architectures that would support multiple identity protocols, including Web-driven efforts such as OpenID, Nadalin said. Separately, Nadalin pointed to the Eclipse Foundation's Higgins Project, which aims to create an underlying data model that defines how data gets fed into identity protocols. That also will help to enable the multiprotocol identity environments that telcos are likely to face, he said.

“The thing that is a little unique with the telcos is that they also have to cross ‘stack’ boundaries,” he said. “For instance, if they identify a cell phone and then the user of that cell phone, they have to start to tie the network and the application layers together. That implies a little bit different view of things.”
Regardless of carrier uptake, Web-driven identity approaches such as OpenID and concepts like the ability to more easily share content and friend networks between sites and applications are on their way. Whether, and how, service providers will participate in the Web identity equation is still an open question, for now.

APML, or attention profiling markup language, allows people to share their interests and Web site activities with other sites and individuals.
OAuth is a protocol to allow secure API authentication from desktop and Web apps, in many ways a sister protocol to OpenID.

XMPP, or extensible messaging and presence protocol, is a protocol for exchanging instant messaging info such as buddy lists and presence information? Microformats are simple bits of HTML that help users represent and exchange data. Some key microformat implementations include hCard, for sharing contact information, and XFN, or XHTML Friends Network, and FOAF, Friend of a Friend, for sharing friend/relationship data
Application container APIs from Bebo, Facebook, MySpace and other vendors allow third-parties to embed apps and widgets into social networking sites. For its part, Google has forwarded its Social Graph API and OpenSocial project for embedding apps into its sites and also as a potential industry standard.