Case study: scalable, extensible identity provider

Slides for a scalable, robust OIDC identity provider with an extensible architecture. The design follows these tenets:

  • Scalability starts at the client: clients need to be able to “take their business” to any service that is open. If the service fails, they can go to another one.
  • Definition of availability: clients have a different view on availability than e.g. third-party services or system administrators. For a client, the system may be “down” if they cannot connect to “their” application while all other applications work fine.
  • SLAs: major cloud providers don’t guarantee a minimum availability; there’s just money credited if availability falls below X%. To achieve an arbitrary availability level, a system must span multiple data centres and providers.
  • Scalability and availability are interwoven: you cannot have one without the other.

Here are the slides

And here is the accompanying ArchiMate model, which can be viewed and edited with the excellent Archi.
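As an illustration of the first tenet (an added example, not taken from the slides or the model): a client that fails over between replicas of one logical OIDC issuer and still rejects any replica whose discovery document names a different issuer. The class name, the replica URLs, the cooldown and the injected `fetch` callable are assumptions made for the example.

```python
import time

ISSUER = "https://id.example.com"              # constructed logical issuer
REPLICAS = ["https://idp-a.example.net",       # constructed replica URLs, assumed to
            "https://idp-b.example.org",       # sit in different data centres/providers
            "https://idp-c.example.com"]

class FailoverDiscovery:
    """Client-side failover across replicas of one logical OIDC issuer."""

    def __init__(self, issuer, endpoints, fetch, cooldown=30.0, clock=time.monotonic):
        self.issuer = issuer              # the only issuer value the client trusts
        self.endpoints = list(endpoints)
        self.fetch = fetch                # callable(url) -> dict, raises on failure
        self.cooldown = cooldown          # seconds a failed replica is skipped
        self.clock = clock
        self.down_until = {}              # replica -> time until which it is skipped

    def discover(self):
        now, errors = self.clock(), []
        for ep in self.endpoints:
            if self.down_until.get(ep, 0.0) > now:
                errors.append((ep, "cooling down"))
                continue
            try:
                doc = self.fetch(ep + "/.well-known/openid-configuration")
                # Failover must not weaken validation: each replica has to
                # present exactly the issuer the client was configured with.
                if doc.get("issuer") != self.issuer:
                    raise ValueError("issuer mismatch: %r" % doc.get("issuer"))
                return ep, doc
            except Exception as exc:
                self.down_until[ep] = now + self.cooldown
                errors.append((ep, str(exc)))
        raise RuntimeError("no identity provider replica available: %r" % errors)

def fake_fetch(url):
    """Constructed stand-in for an HTTPS GET: replica a is down, b is misconfigured."""
    if url.startswith("https://idp-a."):
        raise ConnectionError("connection refused")
    if url.startswith("https://idp-b."):
        return {"issuer": "https://other.example.org"}
    return {"issuer": ISSUER, "jwks_uri": ISSUER + "/jwks"}

def demo():
    return FailoverDiscovery(ISSUER, REPLICAS, fake_fetch).discover()

if __name__ == "__main__":
    print(demo())
```

From the client's point of view the service stays “up” as long as one replica answers with the expected issuer, which is the client-centric definition of availability in the second tenet.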
