Home » Blog

Provenance, identity, and Google App Engine

9 April 2008 14 Comments

GoogleApps / Google App EngineImage by davemc500hats via Flickr

One thing that has been becoming clearer and clearer to me is the need to an agreed central authority for identify. This is one thing, possibly the one thing, that needs to be absolutely secure and inviolable for Open Science to work. Trust relies on provenance. Attribution, which is at the heart of open practice, relies on provenance. And pulling all of my data together from multiple streams in an automatic way relies on a record of their provenance.

There has been a lot of discussion about Google App Engine but two posts in particular have collided for me. First was the first blog post about an app I saw off the rank which uses a Google account to access an open id. Useful and cool. Secondly was the emphasis in another post from David Recordon about Google Apps as a potential Facebook Killer that the access to Google accounts is a key part of the offering.

Then I realised. Google already probably had the highest penetration as a validator of identities but these only really provide access to Google services. OpenID is great in principle but is not perhaps getting the traction it needs to go global. But all of that now just goes away. If you can write an app to authenticate someone via Google and then link that to OpenID you can do it for anything. Google have just positioned themselves to be the de facto provider of identities. And they may have solved the provenance problem into the bargain.

Picture and Wikipedia links via Zemanta.


  • Yahoo is already a provider of OpenID (your Yahoo ID). Since the number of Yahoo emails exceeds pretty much all others that’s powerful as well. With GOOG and YHOO as OpenID providers/authenticators the scenario you propose is very much going to happen. That said I wish AppEngine accepted any OpenID (which eventually it will IMO, if the two are linked).

    I still believe it’s part of Google’s platform play for developer eyeballs. Develop and deploy on AppEngine, connect to Google Apps for your Domain, serve ads seamlessly via adsense, and provide ecommerce with Google Checkout.

  • Yahoo is already a provider of OpenID (your Yahoo ID). Since the number of Yahoo emails exceeds pretty much all others that’s powerful as well. With GOOG and YHOO as OpenID providers/authenticators the scenario you propose is very much going to happen. That said I wish AppEngine accepted any OpenID (which eventually it will IMO, if the two are linked).

    I still believe it’s part of Google’s platform play for developer eyeballs. Develop and deploy on AppEngine, connect to Google Apps for your Domain, serve ads seamlessly via adsense, and provide ecommerce with Google Checkout.

  • Absolutely, its the convenience aspect that will drive a lot of this, whether with users or with developers. I think its a smart play but as some others have pointed out, it really is taking Google into Microsoft like territory with them controlling the whole ecosystem. You can certainly imagine it becoming the default web dev platform, particularly if they can deliver the tools to allow the user to become the developer. Hell, even I’m wondering whether I should try to learn python, they are making it look so easy :)

  • Absolutely, its the convenience aspect that will drive a lot of this, whether with users or with developers. I think its a smart play but as some others have pointed out, it really is taking Google into Microsoft like territory with them controlling the whole ecosystem. You can certainly imagine it becoming the default web dev platform, particularly if they can deliver the tools to allow the user to become the developer. Hell, even I’m wondering whether I should try to learn python, they are making it look so easy :)

  • It is pretty easy. The database hooks will be different, otherwise it’s a standard python. I am sticking to Amazon/Talis. Ruby rules :)

  • It is pretty easy. The database hooks will be different, otherwise it’s a standard python. I am sticking to Amazon/Talis. Ruby rules :)

  • Actually, I don’t mean learn python, I mean learn how to code anything at all. Never written a line of code in my life (beyond a bit of html back in the day when backgrounds were always grey). Beginning to get very frustrated with that hole in my skill set.

  • Actually, I don’t mean learn python, I mean learn how to code anything at all. Never written a line of code in my life (beyond a bit of html back in the day when backgrounds were always grey). Beginning to get very frustrated with that hole in my skill set.

  • Jim Procter

    Cameron – We all get round to dealing with those holes, sometime :)

  • Jim Procter

    Cameron – We all get round to dealing with those holes, sometime :)

  • Hey Jim, good to hear from you. Does this mean you’ve moved into the wet lab? :)

  • Hey Jim, good to hear from you. Does this mean you’ve moved into the wet lab? :)

  • Jim Procter

    He he – not quite yet – but I suspect there will come a time when to understand an experiment’s results, I’m really going to have to do it. At least there are fewer language/IDE/DB-sys wars in the lab !

  • Jim Procter

    He he – not quite yet – but I suspect there will come a time when to understand an experiment’s results, I’m really going to have to do it. At least there are fewer language/IDE/DB-sys wars in the lab !