Internet2 takes Amazon to school on identity management
They say that on the Internet, nobody knows you're a dog. Then again, sometimes you must prove your real identity to access things like email, news services, entertainment, and more. So how do you prove that you're you, while at the same time keeping information you don't want exposed from spreading across the Web?
Identity management is one of the thorniest issues of the modern Internet age, and companies are investing heavily to improve authentication and authorization processes. Ironically, however, it is the research and education sector that has implemented some of the most sophisticated identity management technologies. And now Amazon is tagging along with the Internet2 consortium -- a collaborative group of research institutions that built its own high-speed fiber network in the United States -- to learn from the identity masters.
"The University of Virginia has sponsored Amazon to participate in the program. ... I think we have 10 universities that are participating," says Internet2 Senior Vice President Shel Waggener.
Waggener is referring to Amazon's project to bring Amazon Web Services (AWS) to the Internet2 community. Ultimately the goal is to marry up Amazon's infrastructure with Internet2's high-capacity network in order to better share Amazon's infrastructure services with the university set. A big part of that process is sorting through identity management issues, such as how to grant AWS access to individuals and groups that are fluid in their locations and associations.
This is something Internet2 knows a lot about.
"Before the Web was popular, maybe back some 15 years, we began the process of supporting researchers from multiple institutions to work together at virtual meetings from around the world on large-scale research projects. ... We had the network capacity to support it, but we didn't really have a mechanism by which researchers could work together quickly and easily logging in the system," Waggener says.
Enter federated identity management. Federated identity management is single-sign-on technology designed to open up access to content and services across multiple domains. Because of the needs of its researchers, Internet2 has worked WITH federated identity management for years. "We were federated before federated was cool," he says.
Through Internet2's long experience, the organization has learned how to navigate issues such as what to do when a user's status changes or when an individual is associated with multiple groups. Identity isn't rigid, and any management system must be able to cope not only with identity changes, but also with different sets of attributes that are relevant in different circumstances.
The idea of who controls the release of information circles right back to the question of online privacy: Who owns the keys to your identity?
"In our world, the identity is owned by the individual. ... Our belief in the educational community is that the individual is the ultimate steward of their own identity," Waggener says.
So where does Amazon fit in?
Like other cloud provider partners in the Internet2 ecosystem, Amazon wants to sell services to the university market. However, the partnership with Internet2 is also an opportunity for Amazon to use the Internet2 community as a test bed for evolving identity management technologies.
Waggener notes that the educational environment tends to take an open approach to technology development. Unlike in the commercial sector, there aren't proprietary secrets that have to be protected. However, at least as far as identity management is concerned, Waggener also sees commercial businesses starting to make a shift. Companies have to make their technology accessible, or risk losing out to an open platform that encourages rapid adoption and innovation.
"It's pretty much a borderless world these days," Waggener says. Amazon and every other global entity must learn how to adapt.
Image courtesy of TheAlieness GiselaGiardino on Flickr
Related on SmartPlanet:
This post was originally published on Smartplanet.com