Web Services and International Travel


Writing in CIO Magazine, Merritt Maxim makes a useful analogy between Web services and international travel. Immigration and Customs are about authentication, authorization, and content control. These problems only show themselves at scale.

In simple point-to-point Web service models, scale is manageable because the tight coupling between partners restricts the number of authorized identities to a very small number. However, as companies expose more Web services and allow more users access, bulk identities are not sufficient. Companies will require better visibility into who is accessing exposed Web services. Compounding the problem is that these new identities are not all in the perimeter device, meaning that the Web service now has to look for the identity credential. Just like the 747 analogy, having a sudden surge in demand for Web services from a diverse user population will choke Web service performance.

It is for these reasons the press and industry pundits are starting to talk about the importance of identity management in Web services deployments. People often dismiss the connection between the two since they tend to visualize Web services as application to application, where identity is straightforward. But as the point to point model expands, identities become more fine-grained and harder to manage. Plus, Web services are inherently unpredictable. Just as Immigration Control's staffing issues get complicated by delayed or canceled flights, Web service usage can fluctuate wildly based on business partner usage.
From Web Services: Who Goes There? - Oct 31, 2004 - CIO Opinion - CIO
Referenced Mon Nov 15 2004 11:13:56 GMT-0700

This is why identity management is a crucial part of Web services. Most organization will have trouble getting their hands around the identity management issue to the degree required by wide-spread Web services deployment.