On Identities, Credentials & profiles
More than one time during pure geeky technical discussion or semi business discussions we mention “Identity”, “Credential” & “Profile”. What is amazing is the confusion around them and how sometime a simple discussion turn into a UN like discussion where everybody need a translator.
I would try to do is to speak the industry language clear the confusion and then moving forward we can later talk techniques and technologies that can help working around these topics.
Starting with Profiles: Profiles is the data that an application collects about entities, it doesn’t have to be really around users, it can be about companies, addresses, locations and so on. A profile is storage of information which entered using one or all of these ways:
- Entered by a system user: a registrant into your web site for example enters his name email phone etc..
- Entered by system operator (or automatically flagged by the system): example is system flagging certain profiles as in in-active as the initially by the system, or additional notes entered by operator.
- Context Information collected by the system: this information is collected normally on user behavior, similar to what Amazon do as the record products sales by individual shoppers.
Moving to Credential: to identify yourself to system, is basically a mean of proving who your claiming to be. Using deferent ways, including pin #s or uid/pwd pairs or a smart card having your digital certificate on it. Now that is a credential. You probably design your system in such a way to relate users to their profiles.
Identities: if an object is the runtime representation of a class, using the same analogy the identity is the runtime representation of a credential, by definition identity is a context related and exists only in association with an execution session
Think all of the identity objects that coded against in your ASP.NET application or the tokens you exchanged during web service calls. These are identities exchanged, encrypted, signed you name it.