Andre Durand

Discovering life, one mistake at a time.

Archive for December, 2003

Radio Interview w/ Doug Kaye on Identity Federation

December 06, 2003 By: Andre Category: Ping Identity

Doug Kaye of IT Conversations interviewed me this past week on the subject of Identity Federation. We covered a lot of topics, and he asked some loaded questions, for which I was a bit verbose in responding. Thanks to Doug’s editing, the interview is actually pretty informative. Listen to Interview

Observation – How Federation Progression Appears Similar to Network Evolution

December 04, 2003 By: Andre Category: Ping Identity

Phil Becker of Digital ID World comments on Ping’s recent technology brief discussing the Topology of Federation.

I just finally got around to reading your topology white paper, and I was struck really hard by how this is all re-tracing the steps of basic computer architecture and comms.

The Service Provider Hub looks so strongly to me like a “terminal/host” mainframe application configuration drawing it’s scary.

The Identity Provider Hub starts to seem to me like it’s becoming early client/server with a “heavy client” or “thick client” (choose your term) feel, allowing it to be used across carefully controlled boundaries where setup, enrollment, and structure must still be enforced outside the system itself.

The Cross-Domain Federation is clearly the move to actual networked interconnection, rather than configurations made up of point-to-point or multi-point connections. The main transformation it creates seems the same as the one LANs created, allowing many peer-to-peer and other ad-hoc logical constructs to occur in the same “pipes” thus allowing far more flexibility etc. – all the benefits of networking, but also eliminating the ability of any outside structure to support the system in delivering security or predictability in operation and delivery of results (so the system must fully implement all of the rules and structure it needs – no crutches left.)

I don’t know if any of this has any deep meaning, or just reflects that this is how everything evolves (first a simple, hierarchical structure leveraging the existing infrastructures – works ok as long as there are only a few participants – then evolving in steps into the self-defining, adaptive networked systems satisfying many different missions simultaneously). But for some reason I was struck hard by it when reading the paper and looking at the drawings.

Maybe I should call it “the progression” of technology, or something – from primitive, overly simplistic first steps to the fully networked, highly adaptive and flexible end point that lets it do what was always wanted (but which is really hard to understand and build.)