Many of those communications will
be possible only if the two parties are already tied by a business
relationship that goes beyond just sharing the same semantic for
the same attribute statements. Such a situation is unfeasible on
the Internet, where dynamic aggregation centered on user decisions
is a common pattern. A tightly coupled relationship is
costly to initiate and maintain, and therefore it is used when it
makes solid business sense. A user can??™t possibly hope that all
the services he will ever have to authenticate with are in tightly
coupled relationships with each other or with a single AP.
The last point we want to make is something that applies to
every authentication technology mentioned so far. Regardless of
all its merits, SAML is just one technology among many. It has
enjoyed very good adoption, but even in the business-to-business
space it is far from being the de facto standard. It shares this
space with many other SSO technologies, and it??™s not certain at
all that one solution will ever emerge over all the others.
The Babel of Web User Interfaces
The communication protocols on which the Internet is based do
not address the problem of transporting credentials.
Pages:
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150