Today, I ordered my new iPad. I am really eager to use it, especially as a multi-purpose information and media home device. So far, so good. Obviously a device like this will be THE front end for the brave new Cloudy Web Services world. Whether via classical http(s) requests or via WS-*, the Apps on these kind of devices will make the Cloud happen to the average home user.
But: I am not sure how this fits into the identity management demands of these services. Haven't we seen so much integration and convergence trends in the identity space in the last months? How does these actually match the front-end development trends? Obviously, the latter will be making the market, so how will the security guys follow?
Or, simply put: who does care about my credentials on the devices? Do I need a credential per app or what? We have put so much effort to get rid of this problem on standard platforms - how will the mobile market adopt these? Or will it simply be the provider who will take care - he knows our identity anyway...
Lots of unsolved security questions, not mentioning the need for data encryption at rest - rest? What rest? Aeh I mean "in memory encryption"...
So in the end I am not sure whether the iPad will make us more secure. I cannot even give a guess. That is bad.