| Anchor | ||||
|---|---|---|---|---|
|
*Submitted by:* Christian Scholz
The story
(this text is just to describe one possible environment in which distributed or mass authorization of services is useful)
...
With the advent of more and more of such social services the amount of redundant data will grow even more and this will lead to a acceptance problem.
The Service Catalogue idea
It is unlikely that users will centralize all their data in one place. It's more likely that data will be distributed even more. So one problem might already be to manage all the places where data is stored about you or where services can provide functionality on your behalf. One solution to this might be a concept called "Service Catalogue" which came up in discussions in the open web/DiSo/DataPortability communities. The basic idea is to have a list of all these places stored under your control which can be queried by services.
...
The result is in any case a list of services you want to authorize.
Distributed Authorization
The problem is how you authorize that new service to get access to all the other 3rd party services. OAuth is one possible solution but at least if the default mechanism for retrieving a token is used this means that the user has to be redirected to each of these 3rd party services in order to give consent for the new service to use that data.
...