Google Site Search


Thursday, May 13, 2010

Is Facebook - example of IDM in the Cloud?

I remember Giles Hogben of ENISA (during his keynote presentation at the Oasis Security Forum in London in 2008) declaring social networks to be Identity Management systems. Look at slide 9.

Given this, since facebook is the most popular social networking site in the world with about 400 million registered users and it provides a platform for applications to be hosted, I wonder whether Facebook is a good example of Identity Management in the cloud?

"It's like the 'Hotel California,' " said Nipon Das, 34, a director at a biotechnology consulting firm in New York who tried, unsuccessfully, to delete his account this fall. "You can check out any time you like, but you can never leave."

With the latest controversy with Facebook where users are opted into sharing information with partner sites, we clearly  have an example of "identity federation" with attribute sharing. :)

What do you think?

1 comment:

Seetharama Durbha said...

It could be - but one must realize that public IdMs fall into at least a couple of categories - ones that really prove 'a' person's identity - and others that just provide un/pw authentication. Facebook falls into the second category - there is really no telling who is behind that UN/PW. Contrast that with a bank identity (if ever a bank opens up !! ) - it is a 'proven' identity - you know who is behind that identity.
FB kind of IdMs do nothing more than provide some SSO features.