Figure 17.2: Evolution of Identity

17.2.1 Centralized Identity

The IT industry has evolved exponentially in just the last two

decades. Old-timers like us, who learnt how to access the Internet in

late 90s, still remember how the Internet-based applications such as

banks, airlines etc., started as static websites, followed by being

more and more interactive and secure, and finally reaching the state

where they are today. In the early days, most websites that offered

the logging in feature were based on user id and password.

As shown in Figure 17.3, a user had to remember a separate set of

User Id and password for each application he logs in. Also, the

central repository is prone to mass attack by hackers or it simply

may lead to a single point of failure.

Refer to Figure 17.3, as follows:

Figure 17.3: Centralized Identities

Some of the examples of centralized identity are a custom database,

LDAP, Active Directory etc., which can work either in the standalone

or the master-slave mode.

17.2.2 Federated Identity