Three Federation Patterns
Despite the compelling benefits, federation is an unfamiliar model for most organizations and, consequently, will not appear overnight. Successfully deploying federated identity systems will require software, standards, expertise, and best practices that have become widely available only in the last year or so. Moreover, there are significant challenges once the technology is in place. Those challenges will be met in a variety of ways, but it's likely that they will all fall into one of three patterns:
- Ad hoc federation
Ad hoc federation is characterized by bilateral relationships between organizations wishing to create a federated identity arrangement.
- Hub-and-spoke federation
Private federation islands forming around large organizations characterize the hub-and-spoke pattern.
- Identity federation network
The identity federation network pattern is characterized by the formation of an independent member-owned identity platform.
Even though these patterns are independent from one another, I believe that most organizations will explore them in sequence: first entering into ad hoc relationships, then joining coalitions dominated by large players in their industry, and ultimately recognizing the benefits of joining an independent identity network.
Pattern 1: Ad Hoc Federation
The first pattern for federating identity consists of adding relationships one by one on an ad hoc basis. As noted in the previous section, there will be powerful incentives to implement federated ...
Get Digital Identity now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
