Anil John
Making Digital Services Secure and Trustworthy

Anil John

Proxy Architecture

 Share  Print  Email

These days, [proxy/broker/hub/exchange architecture often comes up when discussing public sector service delivery][1]. A related topic is [component identity services][2]. And all of that is wrapped up around the ongoing discussion around value propositions, security, privacy, risk, and liability. These are some initial thoughts on bringing some of those topics together.

The typical model that I see associated with a proxy deployment is one I will call a Unified Proxy, in which the brokering of both the token information and the identity information is done by the same entity:

BenefitsChallenges
  • Single point of RP integration
  • Single point of Token/Identity/CSP integration
  • Single point of policy compliance
  • Protocol mediation
  • ...
  • Potential aggregation of risk
  • Accountability for policy compliance is distributed
  • RP concerns with attribute aggregation outside its security boundary
  • Melding of different liability/pii concerns when tokens and identity are handled by same party
  • ...

Another alternative is what I will call a Split Proxy, in which there is a physical (and not just logical) separation between the brokering of the token information and the brokering of the identity information:

BenefitsChallenges
  • Separation of concerns when it comes to tokens and identity
  • Clearer accountability when it comes to policy compliance
  • RP has a choice of deploying the attribute validation proxy within its trusted domain
  • May be easier to separate out liability/pii concerns
  • Protocol mediation
  • ...
  • Business value is long term and nuanced
  • Technical value is harder to convey due to increased complexity
  • Risk inherent in added complexity</l>
  • RP integration may not be plug-n-play
  • ...
    • </ul> </td> </tr> </table> What are some other benefits and challenges of either model? **RELATED INFO** * [What Capabilities are Enabled by Public Sector Federated Identity Platforms?][1] * [Is a CSP In a Federation, Without Identity Attributes, a Token Manager?][2] [1]: https://blog.aniljohn.com/2013/11/capabilities-enabled-by-federated-identity-platforms.html "What Capabilities are Enabled by Public Sector Federated Identity Platforms?" [2]: https://blog.aniljohn.com/2013/12/is-a-csp-without-attributes-a-token-manager.html "Is a CSP In a Federation, Without Identity Attributes, a Token Manager?"

This blog post first appeared on Anil John | Blog (https://blog.aniljohn.com). The opinions expressed here are my own and do not represent my employer’s view in any way.
Topic(s):
By on |

Continue The Conversation ...

I would love to know your thoughts on this blog post.
Meet me over on Mastodon to join the conversation!
I am a public interest technologist. I help organizations and leaders make digital services secure and trustworthy.
Learn more »

Disclaimer: The opinions expressed here are my own and do not represent my employer’s view in any way.

About

Anil JohnI am a public interest technologist. I help organizations and leaders gain clarity and understanding on complex architecture, information security, privacy practices, and market dynamics, so they can enable secure, trustworthy digital services. More about me →

Find me on Mastodon

Find me on Mastodon

Organizations I Support

© 2003-2023 Kylas Group LLC
Privacy Policy | Terms of Service