I’ve been scoping a Federated Identity Management project for a few months now. The implementation will include public users and business partners, and will support tens of thousands of users.
We are looking at a number of use cases with this design, including:
- a low level of assurance with minimal shared attributes, and
- a higher level of assurance with sufficient shared attributes to support a split profile.
The challenges are going to be related to privacy (the client is in the public sector) and legal issues. My focus for the next month will be to try and tackles these issues — or at least get a start on them — before we get too involved with defining the technical solution.