In defence of silos!

Stephen Wilson's Babysteps

Ideas to demystify identity, privacy, authentication and safety online.

Many federated identity models involve a central authentication broker, intended to break down “silos” that hold individuals’ assertions.  In practice these sorts of schemes have proven much harder to launch than expected.  Orthodox explanations for this can blame organisations for being too precious about their customers, or for treating security as a competitive differentiator.  But my analysis suggests that the total cost of a large number of traditional simple contracts turns out to be likely less than that of a smaller number of much more complex ones. 

So we should not be surprised that authentication brokers have been difficult to establish, as explained in the attached new paper.

I’d welcome any comments, especially in light of what might be a trend towards centralisation in IdM, as identified in my last blog.

Cheers,

Stephen Wilson,

Lockstep.

AttachmentSize
Lockstep BS13 Identity silos (0.3).pdf47.91 KB
XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I