Stephen Wilson of The Lockstep Group in Sydney, Australia, is scheduled to present an interesting paper, Why Federated Identity is easier said than done, at the AusCERT2011 conference in May.  Based on the abstract, the complete paper should be really interesting.

Stephen states that despite,

“near universal acceptance of the idea of Federated Identity … higher risk services like banking, e-health and e-government have steadfastly resisted federation, maintaining their own identifiers and sovereign registration processes.”

He further asserts that lingering resistance to full adoption results from the fact that,

“Federated Identity is in fact a radical and deeply problematic departure from the way we do business.  … Thus the derided identity “silos” are a natural and inevitable consequence of how business rules are matched to particular contexts.”

Stephen’s final comment:

“If we focused on conserving context and replicating existing real world identities in non-replayable forms, most routine transactions could take place safely online, without the incalculable cost of re-engineering proven business arrangements.”

If Identity Federation really doesn’t match the way we do business, it will be interesting to see how Stephen expands on and clarifies that final statement in the full paper.