Thursday, December 6, 2007

Solving the privacy puzzle in a federated identity model

In this article Rosie Lombardi contrasts virtual directories and meta-directories as the central access point options for creating a federated environment for consolidated authentication via the web. It is a simple overview, but it raises some good points of discussion: how do governments establish a way for people to gain information and access to services across agencies, states, and other governing systems?

Unique Identifier or FIM?

She quotes Temoshok at the GSA: "I don't want to simplify too much, but governments have two basic choices for this: a national ID or federated identity management system." So, here are the questions that arise.

>> If you have FIM, how do the silos correlate identities without the national ID# to act as the unique identifier?

>> If you have a national ID, how do you facilitate the data sharing? Where do you verify that the national ID is valid? What if the person in question is using the same national ID# with different aliases? You need a silo to set up the "master" national ID list, creating a huge repository of all your citizens. After the initial verification, what about continued information exchange? What if the person moves and the address is not updated? What about national security concerns?

I see virtual directories as offering more to solving these problems than just being easier and less expensive to deploy (the only benefit that James Quin, senior analyst at Info-Tech Research Group, asserts in the article). A virtual directory solution can be used to solve the correlation problem between identities (without the pesky national ID#), impose policy (logic) to alert administrators of suspicious activity (e.g. the same ID# being used with several different names/aliases), and update (synchronize) information across systems, such as new phone numbers, address changes, or other contact information.
Quin also brings up the question of security. He feels that one meta-directory is more secure (although admittedly the most expensive and complicated to deploy) because there is only one point of failure. With the virtual directory solution, he says, there are multiple points of failure: the virtual directory and all connected sources. How is this not true of the meta-directory system, unless you are planning not to synchronize? And if you don't synchronize, how do you expect to keep the information current? Or perhaps you are not using the virtual directory as the point of access, and are securing the underlying sources behind firewalls, etc.?

"But the virtual directory approach means personal information about citizens resides in many government systems and servers in redundant and potentially inaccurate forms." Here we see a lack of understanding of the functions and features of virtual directories. Virtual directories are perfectly able to perform synchronization services, correlation, identity aggregation, directory replication, and more; they are designed for exactly this problem.

I don't see a down side to virtual directories, I just don't. The more I learn and the more I use virtual directories to solve these problems, the more I love them! Virtual directories can be made just as secure as a meta-directory using SAML, SSL, and ACIs (only if you have a good directory service attached to the front end).
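To make the three virtual-directory functions argued for above concrete (correlating identities across silos without a national ID#, a policy that alerts an administrator when one correlated identity appears under several names, and pushing an update back into every source), here is a small added example. It is not code from the article or from any virtual directory product; the agency silos, their local keys and all records are constructed sample data, and the choice of date of birth plus e-mail as the correlation key is an assumption made for the example.

```python
# Added example (not from the article): a toy virtual-directory layer that joins
# per-agency silos on shared attributes, flags one identity carrying several
# names, and writes an attribute change through to every source. All data is constructed.
from collections import defaultdict

def rec(key, kid, name, dob, email, address):
    return {key: kid, "name": name, "dob": dob, "email": email, "address": address}

# Constructed silos: each keeps its own schema and local key; none holds a national ID#.
SILOS = {
    "tax": ("tax_id", [rec("tax_id", "T-100", "Ana Silva", "1980-04-02", "ana@example.org", "1 Elm St"),
                       rec("tax_id", "T-101", "Ben Okoro", "1975-11-30", "ben@example.org", "9 Oak Rd")]),
    "health": ("patient", [rec("patient", "H-7", "Ana Silva", "1980-04-02", "ana@example.org", "1 Elm St"),
                           rec("patient", "H-8", "Ben Okoro", "1975-11-30", "ben@example.org", "9 Oak Rd")]),
    "licensing": ("licence", [rec("licence", "L-55", "Ana Silva", "1980-04-02", "ana@example.org", "1 Elm St"),
                              rec("licence", "L-56", "Carlos Mendes", "1975-11-30", "ben@example.org", "9 Oak Rd")]),
}

def correlation_key(r):
    # Assumed key: attributes every silo already holds, so no national ID# is required.
    return (r["dob"], r["email"].lower())

def correlate(silos=SILOS):
    """Virtual join: map each correlated identity to its local ids, names and addresses."""
    view = defaultdict(lambda: {"ids": {}, "names": set(), "addresses": set()})
    for silo, (key, records) in silos.items():
        for r in records:
            entry = view[correlation_key(r)]
            entry["ids"][silo] = r[key]
            entry["names"].add(r["name"])
            entry["addresses"].add(r["address"])
    return dict(view)

def suspicious(view):
    """Policy: one correlated identity presented under more than one name -> alert an admin."""
    return {k: sorted(v["names"]) for k, v in view.items() if len(v["names"]) > 1}

def propagate(ckey, attr, value, silos=SILOS):
    """Synchronize: write a change through the virtual layer into every source holding the identity."""
    changed = 0
    for _, records in silos.values():
        for r in records:
            if correlation_key(r) == ckey and r[attr] != value:
                r[attr] = value
                changed += 1
    return changed  # number of underlying records updated
```

The suspicious() result is only an alert for a human to review; the example deliberately does not decide on its own that the mismatch is fraud, since legitimate name changes produce the same signal.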
