Robin Wilton's esoterica

       
 
« Of deities and fire-... | Main | A clutch of movie... »

25 Oct · Tue 2005

The need for open, interoperable identity infrastructures


Some interesting blogging here from James McGovern, on 'what the Identity Conversation ought to involve'. Having spent over three and a half years trying to explain the interface between identity technology and identity requirements, I have to agree with a lot of what James says. The 'consumer' perspective on identity is one approach to the topic, but by no means exclusive or exhaustive. For better or worse, it's the perspective most often used to try and explain the concepts of identity, identity management and identity federation, partly because the consumer model of online transacting is one of which we all have first-hand experience. But to draw the analogy I often use... people tended to talk about e-commerce in terms of the retail consumer model (and for exactly the same reason); however, if you probe a little deeper, vendors and implementers alike will confirm that it's the B2B market which represents the greater volume and durability of traffic. In terms of identity management, catering to the requirements of the 'consumer' is always key, whether that consumer is acting in the role of citizen, retail customer, employee, tax-payer or whatever. But James' blog entry correctly notes the importance of attending to the corporate (or service-provider) side of the relationship too. And that's the point I want to bring out: assertions of identity always involve at least a two-party relationship, and usually a three-party one. Either you, as a service-requester, are returning to whoever issued you with a particular set of credentials (OK, let's resort to the consumer model again... you're a banking customer, presenting yourself at an ATM and authenticating yourself with a PIN issued by your bank), or you are using the credentials issued to you by one party to authenticate yourself to another: for instance, you present your passport to the immigration official of another country. What these transactions represent are multi-party relationships, over which assertions are made with varying degrees of trust. Those relationships are not technical ones, they are 'real world' relationships which often transcend the boundaries of any given technology implementation. That's why James is right to say that the identity architectures we implement need to be able to interoperate with other implementations; hence the Liberty focus on both openness and interoperability.
Posted by racingsnake @ 04:20 PM GMT+00:00 [ Comments [1] ]
 
 
 
 
Comments:

[Trackback] James McGovern , Enterprise Architect for Hartford Financial Services , recently blogged on about Identity and the Correct Way to Think About It . Robin Wilton was quick enough to make a reference post to it immediately. James makes a very go...

Posted by a twisted world on October 26, 2005 at 09:55 PM GMT+00:00 #

Post a Comment:
Comments are closed for this entry.
 
« December 2009
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
   
       
Today

unsubscribe from human rights abuse in the war on terror
Locations of visitors to this page
Such views as I express in this blog are based on my own opinions, experience and judgements. They do not necessarily represent the policy or views of my employer. It is not my intention to offend readers in any way. If you find anything on this blog offensive, please contact me in the first instance.
Robin Wilton
www.flickr.com

Links to recent entries

[RSS Newsfeed]

Valid XHTML or CSS?

[This is a Roller site]
Theme by Rowell Sotto.
What's this?
 
© racingsnake