Updated: 29.3.2002; 15:59:15.

Security weblog



Monday, February 11, 2002


Oblix announced Passport integration into its access management product suite.

If I understand the announcement correctly, this is one-way integration, something similar to split DNS from the domain name world. To paraphrase the split DNS explanation: "Your internal servers hold only the identities of your customers. When internal users of the identity management system look up an identity, the query is answered by internal identity servers, even if the request is forwarded to an external identity server for resolution. External users who look up user identities related to your domain are answered by external identity servers that only know about the publicly accessible resources."

A user trying to use Passport would first have to be registered with Oblix (controlling user access) and with the back-end applications (providing transaction authorisation). Of course, there are a number of horrendous integration issues. Theoretically, all authentication and authorisation decisions could be pushed outside to Passport, but in this scenario Oblix would be useless and identity details would be controlled by Microsoft.

When user identity and access management is pushed outside the enterprise, there is still the issue of who has control over the identities in the public identity server, i.e. Passport. Because identity control provides customer lock-in, it is a business profitability issue, and from the other side it is a consumer and privacy protection issue.

The most privacy-friendly solution would let users themselves control their details; I am not aware of any solution that would provide something similar at present (perhaps ascio or pingid). The second option would be to let users choose the entity they would entrust with the administration of their identity details, in the same way they can choose a provider of their personal digital certificates, such as Verisign, Thawte or some nationally approved vendor.

Announcement link via [Digital Identity]. 11:33:10 PM

John Robb: "...Interestingly, this turns the Gilder paradigm on its head.  Bandwidth growth was halted in the last mile due to regional Bell reluctance.  As a result, true bandwidth growth now has a doubling rate of every 4-5 years.  In contrast, storage (at 9 months) and microprocessors (currently at 18 months and dropping fast), will provide the exponential growth the computing industry needs..."

This is indeed an interesting observation and is very relevant to the design of system architectures.

"...In five years, you will likely have a PSD with ~1 Tb of storage space.  It will connect to sub-$300 video/still cameras, play-back audio and video to any monitor, and connect P2P with other PSD users via highspeed wireless.  I will be able to download an entire library of music and movies to you in 20-30 minutes during a face to face meeting.  Further, I will be able to manage this library of content via my PC.  This replaces CD and DVD technology with ferocity.  "

Hmm, how do mobiles fit into this picture? If wireless (802.11b) networks provided flat-fee internetworking connectivity anytime, anywhere, there would be little incentive for PSD owners to use mobile networks with provider-controlled functionality (i.e. DRM-protected multimedia) and per-transaction fees. And then the 100 billion of investment into 2.5 and 3G on the part of mobile providers would be lost. Would the Nokias of this world surrender, counterattack, or is there possibly space for coexistence of these two technologies?

10:16:21 PM

 
Copyright 2002 © .