Emergent Effects in Identity Federation - a useful analogy


Very interesting entry at POSIWID (POSIWID = ‘the purpose of the system is what it does’) today about the effects of systems such as the panopticon and the Liberty Alliance Project. I think it’s a little premature to look for the effects of identity federation on users’ behaviour, but a very useful analogy for identity federation occurred to me this morning. I mentioned it in the last entry, but I think it’s worth expanding on it here…
Online bill pay is widespread now. You can log in to your bank’s website, set up bill payees and then set up one-time or recurring payments. This is very like identity federation:

Online bill pay                 Identity federation
Bank                            Identity Provider
Online banking credentials      IdP credentials
Utility (e.g. cellphone co)     Service Provider
Utility account details         Name identifier - links SP account to IdP account
Bill payment                    Single sign-on

Now, all of your payee account details are typically visible in the online banking system. If your bank account login is compromised, then the attacker gets all your account numbers and can go and do bad things like cancel your phone service, assuming he has any additional credentials required (typically SSN). However, if an attacker (e.g. an insider at the phone company) learns one of your utility account credentials, the remainder are safe, as is your bank account. You trust your bank with all the account numbers - after all, they have all your money, anyway :-) - and get the convenience of online bill pay.
This is precisely analogous to identity federation as implemented in Liberty and SAML 2.0. You (the principal) have an account at the Identity Provider (IdP), and associated accounts at some set of Service Providers (SPs). The IdP holds a name identifier for each SP account - each of which is unique for a given principal, in the same way as your cellphone account number is different from your electricity account number. If you trust the IdP, then the convenience of single sign-on (SSO) makes it worthwhile to link IdP and SP accounts. In fact, in a way, identity federation is ‘safer’, since the name identifier has no meaning outside SSO. You can’t use it to try to log in to the SP manually, for example.
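To make the two properties above concrete, here is an added toy model (my own example, not code from the post, Liberty or any SAML implementation): an IdP that keeps one opaque name identifier per (principal, SP) link, and SPs that honour that identifier only inside an assertion the IdP issued for them. The names `IdentityProvider`, `ServiceProvider`, `alice`, `phoneco` and `powerco` are constructed, and a per-SP HMAC stands in for the IdP’s XML signature.

```python
import hashlib
import hmac
import secrets

class IdentityProvider:
    """Toy IdP (the post's bank): one opaque, SP-specific name identifier per link."""
    def __init__(self):
        self._sp_keys = {}  # sp_id -> secret shared with that SP (stands in for an IdP signature)
        self._links = {}    # (principal, sp_id) -> name identifier; a full IdP compromise exposes all of these
    def register_sp(self, sp_id):
        return self._sp_keys.setdefault(sp_id, secrets.token_bytes(32))
    def federate(self, principal, sp_id):
        # Create or reuse the name identifier that links this principal to one SP.
        return self._links.setdefault((principal, sp_id), secrets.token_hex(16))
    def sso_assertion(self, principal, sp_id):
        # Issued only after the principal has authenticated at the IdP.
        name_id = self._links[(principal, sp_id)]
        msg = f"{sp_id}|{name_id}".encode()
        return name_id, hmac.new(self._sp_keys[sp_id], msg, hashlib.sha256).hexdigest()

class ServiceProvider:
    """Toy SP (the post's utility): maps name identifiers onto its own local accounts."""
    def __init__(self, sp_id, key):
        self.sp_id, self._key, self._accounts = sp_id, key, {}
    def link(self, name_id, local_account):
        self._accounts[name_id] = local_account
    def login_via_sso(self, name_id, tag):
        # The name identifier is honoured only inside a valid assertion from the IdP.
        msg = f"{self.sp_id}|{name_id}".encode()
        if not hmac.compare_digest(hmac.new(self._key, msg, hashlib.sha256).hexdigest(), tag):
            return None
        return self._accounts.get(name_id)

def demo():
    """Constructed scenario: principal 'alice', SPs 'phoneco' and 'powerco'."""
    idp = IdentityProvider()
    phone = ServiceProvider("phoneco", idp.register_sp("phoneco"))
    power = ServiceProvider("powerco", idp.register_sp("powerco"))
    phone.link(idp.federate("alice", "phoneco"), "phone-acct-001")
    power.link(idp.federate("alice", "powerco"), "power-acct-777")
    phone_id, phone_tag = idp.sso_assertion("alice", "phoneco")
    power_id, _ = idp.sso_assertion("alice", "powerco")
    return {
        "sso": phone.login_via_sso(phone_id, phone_tag),                      # 'phone-acct-001'
        "ids_differ": phone_id != power_id,                                    # True: per-SP identifiers
        "leaked_id_elsewhere": power.login_via_sso(phone_id, phone_tag),        # None
        "id_without_idp": phone.login_via_sso(phone_id, "not-an-assertion"),    # None
    }
```

The last two results are the post’s point: a name identifier learned at one SP resolves nowhere else, and without an IdP-issued assertion it is not a credential at all.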
Now, returning to the question of effects. What has been the effect of online bill pay? Well, I believe (and I have nothing to back this up, so don’t ask!) that it is a classic technology adoption curve. You have your early adopters, who are quick to jump on any new technology in order to realise the benefits asap. Then you have the mass market, who will adopt when they see that the tech is working, and the early adopters have (usually unwittingly) worked the bugs out of the system. Finally, there are the skeptics, who are going to continue mailing checks, no matter what. So, an increasingly large number of people save money on stamps, and the banks save money by not processing paper checks.
It will be useful to watch identity federation as it continues along the adoption curve… POSIWID is a useful lens through which to observe systems.



Innovation Matters

[Trackback] There are three different adoption processes (underlying transaction, attack mechanisms, defence mechanisms) that interact in complex ways. Surely the aggregate effect of this interaction is unlikely to be a classic curve.


Maybe it would be useful for Sun to provide guidance on the practice of community formation when it comes to federated identity. No, Liberty Alliance is not what I am referring to. Wall Street and Securities.Hub did it at a vertical level; the same thing is occurring with mortgage banking and pharma. Best practices for community formation at the industry vertical level would be great for Sun to include in the Q1 2006 revision of their identity reference architecture…
