For both services, you are just sending the credentials
required to verify that you subscribed to the service. In that case,
an authentication schema respectful of the directional identity
law will not allow the traf?¬?c service to realize that the person
who asked about the situation on Highway 90 is actually the
same person who sent those ???oh so weird??? pictures to be retouched.
That separation will typically be obtained by the identity
management scheme by ensuring that no two websites share
An identity management
schema
should not provide
means for correlating
identities across
different contexts
104 Hints Toward a Solution
the same identi?¬?er for the same user. But that??™s just an implementation
detail. What counts is that the scheme does not enable
the kind of abuses previously described; how it
accomplishes that does not really matter.
Pluralism of Operators and Technologies
A universal identity system must channel and enable the
inter-working of multiple identity technologies run by
multiple identity providers
??”The Laws of Identity, Cameron, 2005
We devoted a good part of Chapter 1 to describing different
ways of handling authentication: certi?¬?cates, SAML, and even
passwords.
Pages:
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188