DEPERIMETERIZATION AT 1 RAINDROP

Seems like Gunnar Peterson of 1 raindrop finds the intersection of InfoCard and Federation as interesting as I do. And in resonance with my recent post on enterprise identity management, his taxonomy includes the fascinating “deperimeterization” – I see that while I wasn't working he's done a whole bunch of good work on this.

Ping is set to demo its new Infocard authentication + federated SSO at Catalyst.

A user authenticates to a healthcare portal leveraging a self-asserted InfoCard. The user’s credentials are validated by a Java InfoCard Server built by Ping Identity. PingFederate is then used to enable federated single sign-on to a remote Web site without a redundant user authentication.


There are a number of interesting aspects here, including proving out Identity Law 5, which is, of course, Pluralism of Technologies and Operators; jacking InfoCards assertion into the federation network through the WS-Trust backplane; and the ability of InfoCards to help to strengthen the authentication process, for example through a smart card, and then have that assertion carried through the system. Brian Snow:

Consider the use of smartcards, smart badges, or other critical functions. Although more costly than software, when properly implemented the assurance gain is great. The form factor is not as important as the existence of an isolated processor and address space for assured operations – an “Island of Security” if you will.

An island of security in a networked world, now there is a future worth inventing.

Is it really an island?

Published by

Kim Cameron

Work on identity.