Thursday, August 10, 2006

User Centricy Identity is here to stay

In User Centric is here to stay, Kim Cameron writes:

I agree with Dick on this one, and don't really understand why Brett is wants fold user-centricity and federation into a single axis. They are orthogonal.

Federation technologies aim at helping internet portals, their suppliers, and their enterprise customers (businesses or government) to digitally identity the subjects of their business transactions. This might or might not involve "users" in the conventional sense.

User-centric technology aims at helping individual people organize their relationships with many different and unrelated portals and internet sites - contact relationship management for individuals, as Doc Searls once said.

I think the issue causing the disagreements here is the interpretation of the term "federation" when discussed in an identity context.

Certainly federation can mean groups of businesses working together and this is the traditional meaning of the term in the business community. This meaning would fit with Kim's statement above.

However, in an identity context (as in "identity federation" -- the stuff the Liberty Alliance has been working on since its founding) the term federation was used to describe the sharing of identity information from party A to party B. Party A is usually some party representing the user (acting on the user's behalf) such as an Identity Provider or an Attribute Provider. There is nothing that says whether Party A is an entity operated by the user or by some 3rd party.

In fact, in the Cardspace solution, the process of sending data through an Infocard instance to a relying party would be considered taking place under identity federation, whether the infocard instance was rooted in a local data source or a remote data source.

Ultimately, I would say that federation can be used in both user centric and non-user centric solutions. Federation is a technology/protocol and user centric is an implementation philosophy. When designing a user centric solution, you almost always have to include some form of identity federation, but give the user great control over its use. The converse is not required to be true (although I wouldn't object to it if it was true in any environments in which I played).

Tags : / / / /

2 comments:

Anonymous said...

in principle i agree.
federation is the infrastructure.
user centric is a design goal.

as kim says, they are orthogonal, but i'd wager the user centric design you i and the rest of us care about is one built upon a very developed foundation of federation.

whomever coopted federation for the b2b case should be identified and hung.

Anonymous said...

i was going to try to tell kim this directly, but even emailing him this requires a $20 membership to some identity provider i dont know or give a rat about: how might a linux user contribute to this discussion and address kim's post directly? what identity will you accept, and how can I fetch one?