One of the major themes running throughout the 2014 Internet2 Global Summit
wasTrust and Identity
. Major initiatives are underway with Internet2 members to develop a framework architecture for a global identity and trust infrastructure. This follows on the work that has been done by the I2 community with InCommon
, but now is expanded to include areas like MultiFactor Authentication
While I applaud this effort, I'm a bit jaded. Is the OSHEAN community interested in Federated ID
? Are we interested in having trust relationships between members? To date, I have not seen a compelling use case that hasn't already been handled. I thought, for instance, that the hospital community and medical schools might be candidates, but have been told that credentials are already handled among the institutions. I have not heard of a push for a unified student credentialing system for K-12 in RI, yet I see pilots taking place around the country.
The length of time it has taken to make progress in this area also fills me with trepidation. I think back to the early days when Microsoft was championing single sign-on—
the days of the birth of Federated ID. I don’t know about you, but I have seen very few instances of even the basic single sign-on other than logging into a website with my Facebook or Google ID.
I do see great potential for this in federated clouds. The use of a Federated ID and authentication schema for accessing an organized multi-cloud resource pool could prove invaluable. To that end, Internet2 has mandated the implementation of InCommon amongst its partners in the Net+ Cloud Services
Overall I am interested in learning how our members feel about this area, and if there is a sense that we should be getting more aggressive in examining potential architectures.