www.fridu.net


Massively Scalable Architecture


This work item targets a massively scalable identity architecture. It starts with large systems at 50 million users and targets
extra-large systems at 500 million. Its goal is to create a virtual identity infrastructure whose geographical distribution is
transparent and seamless to both users and developers. It should not only support multiple devices, but
should enable them to seamlessly transfer identity information and sessions from one device to another across multiple
channels.
This effort was initiated within Kantara's Telco working group, and while it focuses on telecom use cases, many of
the outcomes should be reusable by other large-scale identity users: governments, banks, web-2.0, etc.
The end goal is to produce a cookbook detailed enough to enable the implementation of reference architectures compliant with
either its full or partial model.


Why target 500 million? On the one hand, major European telecom operators like Orange/FT, T-Mobile/DT, or Telenor already handle over 200 million identities today. On the other hand, emerging countries like China or India are big enough to justify this number on their own. Last but not least, every global web-2.0 service is a potential candidate to surpass hundreds of millions of users.

Why scalability on demand? From a business perspective it is very important to be in a position to think big while starting small; the architecture should scale in correlation with business size. From a financial point of view this is a must-have feature, as emerging businesses cannot support huge upfront costs. Furthermore, when starting a new set of services, you typically have no idea how customers/users will adopt/shake them. You should learn on the fly, and be in a position to tune your architecture accordingly.

Why multiple devices and channels? While it is commonly accepted that the Internet is no longer limited to PCs and also needs to seamlessly support mobiles and TV, most architectures still handle those components in silos. The next generation of use cases should allow seamless interaction between multiple devices over multiple channels. While two-factor authentication leveraging a PC and a mobile is already a common use case, the architecture should support more advanced scenarios. For example, using your mobile phone to control your TV and receiving in response advertisements customized to your profile, or, when an old mother does not watch her favorite series in the morning, her daughter receives a text message with an invitation to call back, ...

Why fully distributed? Many reasons call for a different model of architecture distribution. Performance is a key factor: first, handling 500M users within a single system would be a very risky and challenging idea; furthermore, in order to improve latency and resilience it is important to allow a global/pan-European system to implement its multiple sub-components in different geographies. Legal and “political” considerations are other important motivations for distribution; European personal data should stay in Europe, and the Telco HLR/HSS that handle user profiles should remain within each user's country. Last but not least, it is common that what end users view as a single brand is in fact a constellation of independent companies that wish to keep control and ownership of their own data.

Why multi-protocol? While industries, governments, ... would love every identity system to use a single protocol, this is not going to be the case for at least a few more years. The architecture should support, on the authentication side, SAML2 for secure services and OpenID for non-secure services. On the attribute side, it should support ID-WSF for SOAP and OAuth for REST-oriented APIs, both allowing external services to access the most typical enablers, such as presence, billing, user profile, ..., in a secure and privacy-aware manner.

Why privacy as a first-class citizen? Technology cannot handle privacy on its own; nevertheless, it should implement the foundation for “privacy-aware” systems. Obviously the architecture should be compliant with common European regulations, enabling audit, legal interception and detection of abnormal traffic patterns; furthermore, it should implement a real user dashboard to handle consent, access control rights and removal of authorization, and a discovery mechanism to enable dynamic creation of a chain of trust from a requesting service to the authentic source of the information, to limit duplication of users' attributes.

Why cloud and virtualization? In order to lower the cost and enable scalability on demand, the architecture should natively support those capabilities. Nevertheless, those techniques introduce new challenges: a potential loss of control that may impose encryption, signature and usage policies, as well as the generalization of external per-user services (mybank, mymail, ...), which may impose discovery and reinforces the need for dynamic creation of a chain of trust.