The Venn of identity

My SAML parfait diagram experiment went pretty well. I heard from a number of people who found it helpful, and one fellow even asked for the source (OpenOffice.org, need you ask?) so he could try tweaking it to highlight one profile/protocol to which I’d given short shrift.

At around the same time, some people who came across the SAML (and Liberty)/OpenID/CardSpace Venn diagram that appears in the RSA talk I did with Liberty Alliance director Brett McDowell asked me to post it because they thought it was generally useful. I’m definitely not the artistic type, but I guess I can draw boxes and lines — and bubbles — well enough! The following version isn’t quite as pretty as the RSA one because that was done by a professional graphic artist for the occasion, but I’ve continued to fiddle with the wording a bit so I needed my own copy. (You really do need to click to enlarge this one, to read it properly.)

Identity Venn diagram

Giving credit where it’s due: The main author of this diagram is really Paul Madsen, who sketched an early version during the discussion of the identity triangle diagram that Johannes Ernst put together, so Johannes deserves a hat-tip for his original series. And the title of the post is stolen shamelessly from my former Sun colleague Gary Ellison, who used it for a presentation to the JA-SIG on federation, identity, and web services back in 2003.

In the spirit of some of Gary’s diagrams but at a higher level, I recently did another Venn diagram to flesh out my “convergence touchpoints” material in the RSA slides, providing a view that stretches across federated identity and web services. I can’t credit/blame anyone but myself for this one. Really, it’s slightly more than a Venn because the shapes of the bubbles hint at horizontal applicability. (Again, click to enlarge.)

Identity and web services Venn diagram

Let me know what you think…

No tags for this post.

16 Comments to “The Venn of identity”

  1. carolina 29 March 2007 at 1:41 am #

    Hi Eve, nice diagrams!. In the first one, what do you mean by “solutions for consistent user experience”? Thanks, carolina

  2. Eve 29 March 2007 at 9:26 am #

    Hi Carolina! I meant that SAML and Liberty have not standardized any particular UIs (though they each have standardized the protocol behavior of clients in some instances), while both OpenID and CardSpace prescribe user interaction to varying degrees, and explicitly act on a goal of ritualizing/making consistent how a user authenticates, controls attribute release, etc.

    Of course, similar rituals are possible that use SAML and Liberty protocols; Hubert’s Liberty on the Desktop example shows one way.

  3. […] Pushing String » The Venn of identity Sets grouping unique and common features of SAML, OpenID and CardSpaces. (tags: identity saml openid) This entry was written by chęn and posted on March 29, 2007 at 9:29 pm and filed under delicious-daily. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL. « links for 2007-03-27 […]

  4. Eric Norman 30 March 2007 at 4:22 pm #

    I’m not happy with the implication that CardSpace doesn’t do SSO. Under normal circumstances, all CadSpace requires of the user is one “click to approve” to sign on to a site. Granted, that’s not quite what a lot of folks think that SSO means, but I would rather interpret SSO as meaning Simple (enough) Sign On.

    Furthermore, I’m not sure that signing on to a site in a manner that’s “seamless and transparent to the user” is even a good thing. It sure doesn’t help a user’s situational awareness.

    Nevertheless, it’s nice to have a visual diagram that compares and constrasts the different identity systems. And I sure do like doing the same thing with the protocols and languages operating behind the scenes.

  5. […] the technology end, here is one way I put it. with a recent new iteration by Eve Maler of […]

  6. […] Ellison, Johannes Ernst, and Paul Madsen. More details on this history can be found in my initial post on the subject. Thanks, […]

  7. […] this could be looked at as completing the “third leg of the stool” of what is often called the Venn of Identity (SAML, OpenID, and Information Cards). But from another perspective, you can see it as one of the […]

  8. […] this could be looked at as completing the “third leg of the stool” of what is often called the Venn of Identity (SAML, OpenID, and Information Cards). But from another perspective, you can see it as one of the […]

  9. […] with the Information Card Foundation.  Thus Concordia’s Eve Maler’s Venn of Identity diagram now has active established organizations in each […]

  10. […] of the community language and understanding had evolved. This starting point was moved forward by Eve Maler creating the Venn of Identity and became an IEEE paper written by her and Drummond Reed. Johannes has continued to be a wholistic […]

  11. […] our 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with […]

  12. […] 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with […]

  13. […] For those of you who don’t know Johannes he developed Light-Weight Identity (LID) a URL based ID system at the same time Brad Fitzpatrick did at Live Journal and then participated in merging it all together into YADIS discovery which became woven together with OpenIDv1, XRI/i-names  and sxip to become OpenIDv2. He also was the first drawer of the identity triangle (OpenID, SAML, InfoCards) which evolved into the Venn of Identity. […]

  14. […] very first Venn of Identity blog post also included a second diagram, covering something like “identity in web services”. It […]

  15. Ian 3 September 2010 at 6:50 am #

    Really interesting article, reading the comments there doesn’t seem to be much love for cardspace hehe

  16. […] The Venn of identity | Pushing String – The Venn of identity. My SAML parfait diagram experiment went pretty well. I heard from a number of people who found it helpful, and one fellow even asked for the source (OpenOffice.org, need you ask?) so he could try tweaking it to … […]