Apologies Brett -- I read your email too quickly. In my mind this consolidation of standards efforts is related closely to the viability (businesswise) of the IdP proposition. Which is why I was asking about the business model. If the industry and consumers are seeing too many "standards" efforts then it discourages adoption (ie. wait on the sidelines until the winner emerges - which may take years). As they say, the best thing about standards is that there are so many to choose from :) Apologies again. /thomas/
-----Original Message----- From: community-bounces@kantarainitiative.org [mailto:community- bounces@kantarainitiative.org] On Behalf Of Brett McDowell Sent: Monday, February 15, 2010 12:39 PM To: Popowycz, Alex Cc: community@kantarainitiative.org Subject: Re: [Kantara - Community] An observation: SSO's are consolidating and/or collaborating more
You are correct Alex. I was referring to Standard Setting Organizations, not Single Sign-On.
On Feb 12, 2010, at 10:55 AM, Popowycz, Alex wrote:
I think there might be some confusion on this thread. I believe that SSO in Brett's email referred to Standards Setting Organizations whereas it appears that it's being interpreted as Single Sign On in other parts of this discussion.
Brett - would you please weigh in?
-----Original Message----- From: community-bounces@kantarainitiative.org [mailto:community-bounces@kantarainitiative.org] On Behalf Of Bob Pinheiro Sent: Friday, February 12, 2010 1:42 PM To: community@kantarainitiative.org Subject: Re: [Kantara - Community] An observation: SSO's are consolidating and/or collaborating more
The ability of service providers / relying parties to save money is only
half the equation. It's easy to think of ways that SPs/RPs can save money. But for federated identity to work, there's got to be a way for identity providers to make money. That's the part that's missing.
The US government is making a big push for adoption of open identity technologies with their Identity, Credential, and Access Management (ICAM) initiative. The government saves money by not having to issue and manage credentials for citizens wanting to access online government services. A number of big players (Paypal, Yahoo, Verisign, Google, AOL) have stepped up to the plate to act as OpenID providers, so that people with credentials from these identity providers can use them to access government services. But these initial ICAM services are low assurance, LOA-1, services, meaning that these identity providers will not need to verify the identities of those to whom it issues OpenIDs, and those OpenIDs are usable with only a username and password.
For higher assurance services, stronger authentication methods and technologies will be needed, and some degree of identity proofing prior to issuance of the credentials will also be required. The costs of these things will not be zero, and presumably identity providers will want to recoup their costs and earn a profit by providing these identity
services. The missing piece of the puzzle is what business model(s) will support higher assurance identity services. Will relying parties pay identity providers for identity assertions? Will consumers pay something if the use of high assurance identity credentials can help protect them against identity theft? Or will identity providers eat the costs of providing high assurance identity services if it can help them to attract customers for other services they provide?
It would be interesting to hear from others who might have some better insight..........
On 2/12/2010 12:37 PM, Steven_Carmody@brown.edu wrote:
At 11:44 AM -0500 2/12/10, Thomas Hardjono wrote:
My apologies for my ignorance, but I was wondering if anyone in the industry is making any money with SSO or Web-SSO? If SSO is a facilitator towards "something", its not clear (to me) what that something is.
Service Providers are saving money, by reducing the info they are responsible for (userids, etc) and reducing the costs associated with providing that service.
As campuses (and other businesses) move to outsource more and more of their utility-like business services, Federated Identity becomes part of the equation. For instance, Brown is in the process of outsourcing check printing to a big IT company. They want to offer online access to pay stubs and W2's, rather than actually printing checks and stubs. This company asked us "have you ever heard of the Shibboleth software?". The big companies that manage retirement funds for faculty and staff offer Federated access. The list goes on -- including athletic ticketing (varying discounts based on type of campus affiliation), support for career services, parking spots, etc. And the usual assortment of services supporting instruction.
Clearly, tho, some of these services require protocols and credentials that are at the LoA 2 level. _______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community