[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, February 23, 2024

Putting Rubber on the Identity Management Road

Author: Mark Dixon
Thursday, May 19, 2005
1:58 am

My work as a Practice Lead in Sun’s Identity Management Practice is putting rubber on the road – making sure our Identity Management deployments really deliver for our customers. In the pit lanes where I work, we tend to think more of how to make today’s products work today within the confines of a limited deployment schedule and budget than what new products and technologies may emerge next year. The pressing challenges of satisfying user acceptance tests and solving data load problems usually supercede theoretical interchange. The color of the day is usually asphalt black, not sky blue.

However, I enjoy the stimulation of forward thought. Today I finished reading a white paper authored by

Kim Cameron
, Architect of Identity for Microsoft, entitled

The Laws of Identity
. He proposes a “unifying identity metasystem” that isolates applications from the intracacies of Identity Management much like device drivers isolate applications from the details of printers or other devices. He outlines Seven Laws that should govern such a metasystem.

Clearly, Kim is speaking of tomorrow’s technology and products, not today’s. Theoretically speaking, he makes some good arguments. I’ve actually got a few things to say about some of his observations, but I’ll address those individual issues in a later blog.

As I read about the Seven Laws, I thought of recent comments by

Jamie Lewis, CEO and Research Chair of the Burton Group
He likened an Identity Management framework to an asphalt road and challenged vendors to “quit arguing over how to build the road, settle on what asphalt formula we’ll use, and focus instead on building the interoperable solutions that solve a real problem, which customers will want to buy.”

He went on to say, “And in that light, the interoperability profile for Web-based SSO between Liberty and the WS-* frameworks that Sun and Microsoft

announced today
are certainly encouraging.”

Kim actually commented on Jamie’s thoughts in
his blog

So … On one hand we have a challenge to the Identity community to build a unifying metasystem. On the other hand, a challenge to focus on pragmatic, interoperable solutions.

The article that tied these two issues together for me was entitled ”

The hottest business you never heard of
” by Jon Oltsik of CNET. He projected that, “In three to five years, every large organization will have an access management middleware layer that knows the identity of every user and device, and manages who can talk to what, when and how.” How is that for forward thought? But Jon tempers that optimism with a realistic view of steps companies need to take to achieve Identity Management success — like establishing specific Identity Management Strategies, forming cross-functional “access management committees,” defining project phases and developing metrics to gauge success. These are basic, practical, but often messy rubber-on-the-road business activities that have as much to do with Identity Management success as the technology available to deploy.

I am currently collaborating with my peers on a document that will most likely emerge with a title something like “Ten Best Practices for Identity Management Implementation.” It could be called “Putting Rubber on the Identity Management Road.” Stay tuned for more.

Comments Off on Putting Rubber on the Identity Management Road . Permalink . Trackback URL

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.