The single sign-on service is not new. The smartcard is not new, either. However, why are there so few applications?
Here is how the system should work, in my opinion.
1. A central authentication service (CAS) provides the service of holding all people's information.
- Although the service is centralized, the database does not have to be. A distributed, replicated model may work better. This is a technical issue. I have some idea about how this should work.
- This is similar to Microsoft Passport, Yahoo! Account, Google account, etc. But none of these has really become the single one. They all just provide single sign-on for their own online offerings.
- CAS should issue physical cards. There are too many situations where only a card works. For example, the entrance of a conference.
- They already issue cards.
- Their cards are already used for identification purposes.
- People bring their cards
- Devices can read their cards
- The credit card device is everywhere.
- They already provide a public API/web service
2. CAS provides the administrative service to other organizations, associations, museums, libraries, or companies.
As a membership administrator for a given organization, I should be able to:
- See all members of my organization
- For each member, I should see their membership status - Free member, Paid member, Premium member, Expired member, etc.
- I should be able to publish my registration template to CAS. The registration template includes additional information I would need from those who want to be a member of my organization.
- I should be able to receive the membership requests if my organization has a specific membership requirement. A self-approval option should be provided if there is no specified manual approval process involved. I should be able to specify this in my membership registration template to CAS.
- I hope that the CAS or some other service provider can collect the $ for me. This is a service that can be provided by a bank or post office (postal money order). Maybe I can use PayPal.