Showing posts with label Federation. Show all posts

Wednesday, December 03, 2008

Is it really aggregation vs federation?

In a post this past Sunday, Om Malik suggested that users want aggregation, not federation. While I totally agree that users want aggregation (e.g. having all their relevant information in one place), I don't believe aggregation is in conflict with federation. Rather, the two concepts are orthogonal.

I associate aggregation with API access to my data distributed across the web. The exception is closed networks like Facebook that provide all the services within a walled garden environment. So for aggregation to work in the "open web", it must be able to access my data wherever I've chosen to place it. This requires explicit user consent (à la OAuth) for the aggregator to access my personal data at different services.

Now in order for me to grant consent, and for the aggregator to be able to access my personal information, I need to authenticate to the service provider of my data. This authentication step is simplified by using federation (e.g. an OpenID valid at all my different service providers).

So federation really enables a safer, more secure, aggregation capability for users.

Thursday, December 20, 2007

From the "Feeling rather behind..." department

A few weeks ago Johannes Ernst posted a blog entry, in which he describes a number of tiers regarding different classes of identity relationships between a business and its partners/customers. I like the taxonomy and agree that it's a good framework for communicating both identity issues and technology relevance.

I just wanted to add that Ping! Identity's proposed “dynamic federation” would perfectly suit Tier 2. It provides good, secure SAML-based federation while being easy to deploy. Of course, some of those 100s of affiliates might not support SAML as their identity solution, so other easy-to-deploy mechanisms will need to exist as well.

This multiple-protocol deployment environment is the main goal of the Concordia project. The definition of these environments as use cases and then the proposed solutions will significantly help businesses integrate their affiliates in a quick and seamless manner.

Finally, I would expect that a business would want to use a single standard technology for Tier 0 and 1 as “federating” internally is a real pain.

Wednesday, June 27, 2007

Concordia workshop @ Burton Catalyst

Yesterday I gave a presentation at the Concordia workshop (a pre-conference event to the Burton Catalyst conference) on issues consumers face when dealing with the user experience exposed to them by different identity meta-systems. Good summaries of the workshop can be found here and here.

A number of points stood out to me as I listened to the different presentations.
  1. Even enterprise deployments have issues with the user experience. Enterprise users want an easy/seamless experience as much as consumers.
  2. Companies have figured out how to get COTS products based on different protocols to work together, albeit in a rather complex deployment architecture.
  3. Scalability of federation is a real issue. Scalability issues exist in deployment configurations, administration as well as technically.
  4. Solving how to federate between federations is an important task that needs clear best practices.

Overall, it was a very productive workshop. Expect more information to appear on the Concordia wiki shortly.