Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Monday, July 23, 2007

Known Unknowns: OpenId, InfoCard/CardSpace, Liberty Alliance ID-FF/SAML, …

Many attempts have been made to compare emerging “solutions” for web single-sign-on, federation and exchange of identity attributes: OpenId, InfoCard/CardSpace, Liberty Alliance ID-FF/SAML, etc.
However, most of these comparisons (including recent posts by Kim Cameron and Conor Cahill) have focused on specific aspects or points (or on specific solutions). The outcome is very interesting discussions, but with frequent misunderstandings and confusion.
I believe that a “rationale” for comparing these solutions is required, as well as a related systematic, comparative analysis based on:
- Core functional capabilities: authentication, authorization, single-sign-on mechanisms, federated capabilities/interaction models, mechanisms to exchange identity information, auditing, etc.
- Non-functional capabilities: security, trust, privacy, usability, etc.
- Business aspects: adoption rate, roadmaps, interoperability plans, etc.
I think that such an analysis would be valuable to various stakeholders (solution adopters, solution providers, developers, users …) to make informed decisions and to start reasoning in terms of potential interoperability and synergies.
So far I have failed to find this type of comprehensive analysis. If it exists, I would really appreciate getting a pointer/link …
