Consider a system that has multiple applications for satisfying different purposes, for example Yahoo or Google.  Yahoo or Google have a suite of products catering different needs. But to use these services all one is required is to have one user id and it works for all the suite of applications.  The solution is to have a Single Sign on (SSO) Service.  A SSO Service acts as an interface to a set of subscribed application that needs user authentication and authorization.  An application that has signed the contract with the SSO can request to authenticate and authorize a user credential which could be shared across other applications.  This decouples the authentication and authorization features from the applications and could be handled by the SSO service in a secure manner.  With Yahoo or Google the suite of applications belong to one enterprise, hence the service could be internal and all the applications could be accessing this service centrally.

But the emerging Web 2.0 trend is to move out the enterprise services and use the internet as a platform to share these services not just within one enterprise but many.  When I saw MyOpenID it is evident that the web world is definitely moving in the direction of moving enterprise services outside of the enterprise. It is going to definitely make life easier as there will be one central point of access for specific information and redundant information is not spread across. Another advantage is that applications and systems can use common services and can just focus on the specific business problem.  Though what level of information is to be shared and the level of security is a big question to be answered convincingly.