I am looking for OpenId and/or InfoCard use-cases in an Enterprise context.
About OpenId, I’ve found some related material in the OpenIdBook, a collection of OpenId questions from Enterprises (in Johannes Ernst’s blog). About InfoCard, so far I’ve found an interesting transcript of a discussion involving Kim Cameron, Craig Burton and Aldo Castaneda and a post on Kim’s blog.
Any additional reference to material (documents, papers, web-sites, etc.) discussing enterprise use-cases for OpenId and/or InfoCard would be welcome. Thanks.
1 comment:
Thanks to James McGovern for his comments and input.
Below is a copy of the comments I posted on James' blog: I'd like to keep the entire discussion thread available in at least one place, so that other people in the community can easily follow it and add their input.
---------------------------------------------------
James,
thanks for your input and comments. I agree that a (potentially) relevant enterprise use-case/scenario involving OpenId/InfoCards is about SSO across enterprise business applications/services or even in B2B contexts.
As you rightly said, to achieve this an "ecosystem" is however necessary, i.e. various enterprise solution providers need to enable their solutions. I guess it is important to understand what the differentiator and added value would be, against existing enterprise "SSO" solutions (such as Kerberos, NTLM, portal-based SSO, etc.).
At the moment, in B2B contexts (such as supply-chains, etc.), most of the interactions are predefined and rigid (based on contractual and legal agreements), with just a few specific roles (and limited set of employees) involved. More “flexible” (and spread in terms of usage) are outsourced enterprise services for employees – such as corporate travel booking services, healthcare services, benefit services, information services, etc. However, also in these contexts there are already mechanisms to achieve SSO – for example by using web-based services, employee portals, employees’ NT logon credentials (or X.509 credentials) and ad-hoc “plumbing” between the enterprise and the involved external service providers.
I agree on the importance of eventually being able to better manage entitlements and different policies that apply in different contexts: I believe this is currently done with ad-hoc approaches and/or by "hard-coding" these policies.
Going back to OpenId and InfoCard, at the very base they are about *user-centric* protocols and solutions. They nicely apply in e-commerce scenarios and/or other B2C environments. But, what would this mean in an enterprise?
In the enterprise, users are the "employees". To use the same paradigm, what would an "employee-centric" model be? Would this make any sense, considering the different context and requirements that an enterprise might have (in terms of business, security, privacy, etc.)? Anything else beyond SSO use-cases?
My goal is to better understand this space and its requirements/constraints, and to explore areas where OpenId/InfoCard can be successfully used in enterprises. This investigation is just at the beginning: further input (and thoughts) from the IdM community (about use-cases or requirements for OpenId/InfoCards in enterprise contexts) is really welcome.