C103 IDM Data modeling

Owned by Jeremy Jeremy
Last updated: Oct 18, 2010Version comment
1 min read

The problem space was around how to model non-persons in the Person Registry. The short answer is, you shouldn't. This is usually done as a way to cheat authorization into an authentication model. When a "departmental" computing account is created where a shared password is used as a form of authorization. The "correct" way to do this is to create a departmental email account and provide a mechanism for sharing access. In short, it isn't a person registry problem. It is an authorization problem.