This post from Gigaom on Federation vs. aggregation made me think ..
We could extend the concept of federation to a wider remit and overcome some of the limits of standardization by getting various systems to talk to each other in a more organic way through a common Identity framework
In simple terms: we could view it as
Aggregation is centralization. Federation is de-centralization. From a user’s perspective, aggregation is a ‘single site’ vs. federation is a single signon. The problem with aggregation is: you have to do a lot of work first before it is of any use. In contrast federation reuses existing systems by adding an Identity layer on top of it
Now, standardization also has the same problem as aggregation.
The goals of standardization is for systems to talk to each other. The problem with the standardization process is: It is slow, it does not allow for differentiation and it needs a lot of upfront work before its use can be availed. So, if we are talking of global interconnectivity and interoperability – this becomes a complex problem and one which is not easy to solve
Now, one way to solve this problem of standardization is to add a Federated Identity layer on top of existing systems
Federated Identity makes existing systems work together without getting them to ‘standardise’ first
For example, consider a flight booking system and the car rental system. Both of which are independent systems but are often needed together(the person booking a flight may need a rental car when she lands at the destination). Thus, if a federated identity system were present then the airline can access the car rental system with their own logon. Obviously, this needs an agreement between the two entities and the system invoking the request should be able to access only part of the destination system – but nevertheless, it is not a complex paradigm to implement.
Now, if the Identity management system could have more attributes – then we could implement a measure of interoperability/communication between two disparate systems using the Identity. The idea itself is not new since many federated identity systems have features like attribute exchange(in OpenId 2)
From the same gigaom link – this would apply to facebook through facebook connect
Facebook Connect, which was announced in May and is being rolled out this week, allows you to use your Facebook login to access Facebook’s partner web sites, then broadcast what you are doing on those sites to everyone on Facebook.
In case of mobile devices, that Identity could be tied to the user’s identity and not to the device
There are a number of mechanisms that could be used to implement this: Ex Facebook, Twitter, Azure, Operators(SIM), OpenId. I include facebook and twitter since they both have verified identity systems now and I also know that support for OpenId may have different meanings to different people – which is why I include facebook, twitter azure and openid together i.e. the practical realities may be a varied ecosystem. Even so, it would be useful to get systems working together in this way.
In any case, greater the ability to exchange attributes and the support for existing systems, the easier it would be to create an ecosystem which works together but also does not need a large overhead to get started
The option(standardization) is to get them all working together in some way first
As we get into more complex interconnectivity – devices, smart grids etc – this approach may be more practical, simpler and more organic rather than having every system first follow the same standard .. (Which needs time and overhead). Also many of these devices may be generative(creating content as opposed to merely consuming it) – which makes the requirement of standardizing them all more complex.
I realise that the ideas above are not new – and are simplified – but still I hope that this concise discussion may be more useful to understand an issue which is complex and will be more so going forward