Last week, Google announced that it will support OpenID as a Single Sign-On (SSO) and identity standard in its Apps Marketplace.
For the most part, this announcement flew under the radar of most people but it may be far more significant than a simple technology integration play for several reasons:
- OpenID is an industry standard with good but not great support. With Google’s muscle, OpenID may be more widely embraced by other cloud and SaaS providers.
- OpenID has other user benefits besides SSO. With OpenID, a user can choose which personal information they choose to share. This can help users protect private data.
- OpenID can provide SSO for the Internet. Google could become an identity broker or leave it to others like PingIdentity to do so. As a result, I can log-on once, go to secure sites, and rely on my identity broker to log me in. This eases log-on for users, eliminates the need to manage and secure multiple passwords, and bolsters security.
There are other standard and open source identity efforts like Project Higgins (backed by IBM and Novell) and Microsoft’s recently announced U-Prove technology. Now that Google is on board with OpenID, I hope we can start to merge these efforts and get the most out of each.
Internet identity is broken right now and we need a solution. Kudos to Google for recognizing this and supporting OpenID, an industry standard, rather than sending users down yet another proprietary path.
Read Jon’s other blog entries at Insecure About Security.
Share
