identity management

About this site

The following is a list of pages on this site that are tagged with identity management.

Stephen Wilson's Babysteps

The challenge for Kantara -- It's not for nothing we call 'em "silos"!

Blog entry: Submitted by Stephen.Wilson on Wed, 07/08/2009 - 04:09. Last updated on Mon, 07/13/2009 - 05:05.

I hope Kantara will be different but I have yet to see an "identity interoperabiity" initiative that properly articulates the real problem it's trying to solve. Sometimes the question is more important than the answer. So we need to start with a precise framing of what it means to have "interoperability" of identities.

In defence of silos!

Blog entry: Submitted by Stephen.Wilson on Sun, 03/01/2009 - 04:35. Last updated on Sun, 03/01/2009 - 22:38.

Many federated identity models involve a central authentication broker, intended to break down “silos” that hold individuals’ assertions. In practice these sorts of schemes have proven much harder to launch than expected. Orthodox explanations for this can blame organisations for being too precious about their customers, or for treating security as a competitive differentiator. But my analysis suggests that the total cost of a large number of traditional simple contracts turns out to be likely less than that of a smaller number of much more complex ones.

Is federated identity moving away from decentralisation?

Blog entry: Submitted by Stephen.Wilson on Sun, 03/01/2009 - 04:25.

I wonder if the Liberty Alliance has moved away from decentralisation as a central tenet of their work, and thereby possibly watered down its approach to privacy?

Other Trust Mechanisms

Book page: Submitted by Stephen.Wilson on Thu, 11/08/2007 - 17:41. Last updated on Thu, 11/08/2007 - 17:50.

Historically the leading "IDtrust" technlogies and frameworks have been mainly based on Public Key Technologies (PKTs) and have been expressed as PKI. There are however other fundamental mechanisms for delivering authentication.