Common Identity
From Bandit-project.org
Contents |
Overview
The Bandit Identity Abstraction component name was changed to Common Identity. The Identity Abstraction was started before our involvement with Higgins and is now maintained only for existing users. Moving forward, the Common Identity components will consist of Higgins IdAS Context Providers. As Higgins participants, we contribute to the Higgins IdAS interface and several IdAS Context Providers (Components) that are part of the Higgins project. We also make available other Higgins IdAS Context Providers as part of the Bandit project.
The Problem
Within the components provided by open identity systems there is a need to construct, compare, query, and authenticate digital identities. Because those identities do not share common naming, access protocols, or data models there exists a requirement to consume some type of abstraction which can attempt to deal with the existing identity diversity.
A Solution
The Common Identity model do not mandate storage of identity or identity claims, instead the framework translates requests it receives to requests in other protocols and data models. In some cases the translation may result in mapping all entity identifiers into a single namespace, however that is not a requirement of the Common Identity model.
"The application developer who needs to integrate an identity/networking system is forced to learn the intricacies of each different system. ...This learning investment is not transferable." I'll add that this usually means that the developer's work is also not transferable, and this is one of the reasons that identity deployments today are usually much harder than they need to be.
The common identity view provided by the Higgins IdAS interface and surfaced by various Context Providers may be consumed by applications to decrease their code complexity and proprietary library coupling, as well as to increase the number of Identity Providers the application can interact with.
