{"id":443,"date":"2010-08-05T13:02:51","date_gmt":"2010-08-05T21:02:51","guid":{"rendered":"http:\/\/netmesh.info\/jernst\/?p=357"},"modified":"2010-08-05T13:02:51","modified_gmt":"2010-08-05T21:02:51","slug":"push-vs-pull-in-identity-sounds-familiar","status":"publish","type":"post","link":"https:\/\/upon2020.com\/blog\/2010\/08\/push-vs-pull-in-identity-sounds-familiar\/","title":{"rendered":"Push vs. Pull in identity — sounds familiar?"},"content":{"rendered":"

The blogosphere is buzzing<\/a> over<\/a> Bob Blakley’s recent presentation<\/a> at the Gartner\/Burton Catalyst conference. The issue seems to be this, as expressed by Ben Goodman of Novell:<\/p>\n

According to Blakley’s assertions, identity management today is based on a \u201cpush\u201d model as IdM applications centrally store user entitlements and those entitlements are “pushed” out to the applications so that users with the appropriate rights can access them … Blakley contends that this model is broken and that a new identity paradigm needs to emerge now. One where user access privileges are “pulled” at the time of use to the application or service the user wants to consume…<\/p><\/blockquote>\n

Why does this sound so eerily familiar? We had that same argument in the early days of OpenID! (For one thread, see here<\/a>.)<\/p>\n

My argument at the time was centered around LID<\/a> and is the same as Bob’s: Pull is vastly preferable. With the widespread implementation of oAuth (which follows the pull model) and corresponding lack of OpenID AX implementations since (using push), I think I rest my case.<\/p>\n

The sad part is that it’s 4 or 5 years later, and only now is that same discussion starting in the enterprise. Why did it take so long? Even back then, we weren’t exactly trailblazers: arguably the web’s (HTTP’s) success depended wholly on it being built around pull … even for things like RSS feeds that arguably look like “push” to the user.<\/p>\n","protected":false},"excerpt":{"rendered":"

The blogosphere is buzzing over Bob Blakley’s recent presentation at the Gartner\/Burton Catalyst conference. The issue seems to be this, as expressed by Ben Goodman of Novell: According to Blakley’s assertions, identity management today is based on a \u201cpush\u201d model as IdM applications centrally store user entitlements and those entitlements are “pushed” out to the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"webmentions_disabled":false,"footnotes":""},"categories":[60],"tags":[73,74,77,125,126],"class_list":["post-443","post","type-post","status-publish","format-standard","hentry","category-digital_identity","tag-blakley","tag-burton","tag-catalyst","tag-pull","tag-push","kind-"],"kind":false,"_links":{"self":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/443","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/comments?post=443"}],"version-history":[{"count":0,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/443\/revisions"}],"wp:attachment":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/media?parent=443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/categories?post=443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/tags?post=443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}