Continuing on Andre’s thoughts that there are more identities coming from the Internet than from internal networks… The challenge for the enterprise is managing this vastly larger population without overrunning the systems and services currently in place. The problem is one of identity capacitance; how many identities can the company manage and how many identity services can it offer?
A company, can manage its 10,000 employees and their identity-related needs, and it can do this within budget and operational constraints. The systems that it employs to do so gives the company an identity capacitance of X. Using federation tools, the company can raise its identity capacitance to 100X. But the total numbers of identities out there is far far greater than that. To address this, the company has to increase its identity capacitance, but it can’t and still stay within budget and operational constraints. Enter Identity Service Providers. With theoretically infinite identity capacitance, the provider can let the company sanely managed the oceans of identities out their while providing all the qualities of services that customers expect.
Questions I don’t have answers to: Is an identity service provider different than an identity provider? Do they compete with each other? Are they opposite sides of the same coin?