Dan’l Lewin, Corporate Vice President, Strategic and Emerging Business Development for Microsoft, was on the big stage at JavaOne this morning, delivering a keynote presentation focused on interoperability among disparate information system platforms.  Acknowledging the critical importance of Identity in enabling interoperability, Dan’l remarked, "Identity is Fundamental," and "

Nothing is more important than Identity."   He further remarked, "we just assume that Identity will be federated" as we move to cloud computing.

I started this blog on May 13, 2005 – the day Scott McNealy and Steve Ballmer met in a press conference to announce commitment to interoperability between the Microsoft and Sun platforms.  In that maiden post, I stated:

"Identity Management is the key to enabling interoperability. It is the pivot about which the Microsoft/Sun relationship turns. Why – because Identity, by its very nature, transcends platforms. Regardless of which application or platform is being used, a user’s basic identity doesn’t change. So, in a naturally heterogenous world, an ability to rise above the differences between computer platforms is necessary if companies are to reach goals of efficiency and connectivity they require for business success."

It is heartening to hear Dan’l give essentially the same message today, and to see the progress that has been made in the past four years. 

It was also encouraging to hear both Dan’l and Aisling MacRunnels, Sun VP, Application Platform Software Marketing, re-state their respective committment to fostering interoperability between the Java and .Net computing platforms.  Aisling announced that Sun had strengthened its commitment to interoperability efforts by agreeing to participate in the Stonehenge project and contribute the Metro-based StockTrader application code to that project.

What do you think the next four years will bring?

Technorati Tags: SunMicrosystems, Microsoft, Interoperability, Identity, IdentityManagement, StoneHenge, Metro, JavaOne

Thanks to Jonathan Gershater for pointing out a site provided by blackdog.ie that allows side-by-side comparison of Google and Bing search engines.

For my first test, I searched the term "Identity Management" on both engines and observed a few interesting things in the top ten results:

• Wikipedia, that bastion of Internet truth, is the first item in the results list.
• Oracle Identity Management was second and fifth on Bing, but was aced out by Ash’s Identity Management Rantings on Google.  Congratulations, Ash!
• Sun Identity Management came in after Oracle on Google (an interesting fact, considering the pending merger), but alas, didn’t show up on the Bing list.
• Both engines included Novell and Quest, but only Bing showed Microsoft.
• The "Discovering Identity" blog didn’t make the top ten list on either site. Grrr!

Robin Wauters posted a more in-depth review in Yesterday’s Washington Post.

I suppose these and other inconsistencies will keep Search Engine Optimization experts on their toes as Microsoft tries to mount a serious challenge to Google’s search supremacy.

By the way, with its picturesque mountain landscape, you’ve got to admit that Bing wins the search engine beauty contest.

Technorati Tags: search, google, bing

It has been interesting recently to monitor the progress of Project Kenai, Sun’s "new foundation for its connected developer experience of tomorrow."  The concept is quite simple:

"Freely host your open source projects and code as well as find and collaborate with developers of like mind and passion."

Having gone live back in September of 2008, Kenai now exceeds over 7,000 members and surpassed 500 publicly hosted open source projects.   This juxtaposition of members and projects seems to be growing towards critical mass.

Currently, seven of those 7,000+ members (yours truly included) tagged themselves with "Identity" as an area of interest.  I wonder what innovation in this area awaits us?

Technorati Tags: Kenai, ProjectKenai, OpenSource, Identity

A week ago, I blogged about the Mozilla Labs Weave project enabling automatic website login.  A couple of days ago, thanks to Pat Patterson, I read Dan Mills’ blog about the effort and watched his video again.  I thought Dan’s pragmatic vision about the role the browser could play in simplifying the authentication process was quite perceptive:

"Part of the guiding force here is that we think that regardless of the inner mechanism (a federated identity, a simple username and password, or something else), in the end the action of logging in is essentially the same. Therefore, as the browser we should try to provide a similar experience, regardless of the method being used. As the user’s agent we should also strive to act on the user’s behalf when possible, and we believe this is one of those cases."

The comments to Dan’s post were also thought-provoking.  They ranged from

"This is just super-cool and something that *everyone* has been waiting for unknowingly. I don’t know why it hasn’t already been done!"

to

"I’m sorry guys, but I have to strongly disagree with your entire approach here."

What excites me about what happened here is more than just another cool experiment and demo.  Rather than just talk about it, some enterprising folks tackled a real-life problem, formulated an interesting idea, made a quick prototype, put it out for everyone to see, and invited discussion around this visible strawman.   The next prototypes will get better and better.  Real progress has been made and will continue. This is a bright example of what I like to call "synergistic creativity."

Way to go, guys!

P.S. I used to think I coined the term "synergistic creativity," but found that Dean Patrick R. Dugan of Ohio State University beat me to the punch.  I still like the concept!

Technorati Tags: Identity, Identity Management, Digital Identity, IDIB, Weave, Mozilla, Creativity, Synergy

I am honored that Dave Kearns mentioned my post about buggy whips in his second newsletter addressing why we need to replace the venerable password.  It’s nice to be recognized for knowing some arcane information about buggy whips.  And it is true that buggy whips are still around, even if relegated to a small market niche. 

However, the point we should emphasize is that buggy whips didn’t fall from grace because people didn’t like buggy whips.  They faded away because they became irrelevant.  It was far easier to use the accelerator in a car than to use a buggy whip to coax your horse to go faster.

Interestingly enough, one of the articles Dave referenced made essentially the same point.  Speaking of the three-point seat belt developed by Nils Bholin of Volvo,  William Escenbarger remarked,

“It was so simple that a driver or passenger could buckle up with one hand.”

It was ease of use, not a technology-driven obsession with safety,  that led to wide adoption of the seat belt.

I think we face the same thing with passwords.   Intellectually, it is simple to understand why we should get rid of passwords.   However, in practice, widespread adoption will be triggered more by ease of use than perception of safety.  When an easier method for authentication emerges, people will adopt it – not because it is safer, but because it is easier.  If that easier method is also more secure, voila!  We will have achieved our desired result.

But until ease of use makes passwords irrelevant, people will continue to use buggy whips or drive without seat belts.  How’s that for mixing metaphors?

By the way, I’m the kind of guy who always buckles up but resents the government telling me I have to.  Will it be the same with passwords?

Technorati Tags: Identity, Identity Management, Digital Identity, Seatbelt, Password

A couple of weeks ago, I blogged about POssO, the new iPhone-based administration console for OpenSSO created by Rohan Pinto.  It is now available in the iTunes store.  It almost makes me wish I had an iPhone so I could download it and put it through its paces!  (I’m holding out for the Palm Pre.)

Technorati Tags: POssO, OpenSSO, iTunes

A few minutes ago, a tweet by @sofiaviolet  led me to an interesting blog post by Scott Gilbertson.  Scott discussed an experimental Firefox plugin from the folks at Mozilla Labs that uses the Mozilla Weave service to enable automatic website login using either username/password or OpenID.  A short video by Labs developer Dan Mills shows how easily it works.

I still have several questions about security, but this certainly begins to address the ease of use issues I mentioned in my earlier post about Identity in the Browser (IDIB).

Technorati Tags: IDIB, Identity, IdentityManagement, DigitalIdentity, Mozilla, OpenID

In his Network World column yesterday, Dave Kearns equated passwords to buggy whips.  Speaking of the draft release of a new paper from the National Institute of Standards and Technology (NIST) called the "Guide to enterprise password management, " Dave proposed,

"Maybe next they’ll draft guidelines for the proper use of buggy whips."

Dave later used even more forceful wording:

“Managing” a technology doesn’t make it a less unsafe technology.

Username/password as sole authentication method needs to go away, and go away now. Especially for the enterprise but, really, for everyone. As more and more of our personal data, private data, and economically valuable data moves out into “the cloud” it becomes absolutely necessary to provide stronger methods of identification. The sooner, the better. 

I agree that a better, easier to use and use more secure method is needed.  I hate to manage all the passwords I use, and fear for the day that my password system is compromised.

The big question is, "Replace username/password with what?"

I personally like the use of secure certificates, as illustrated in Henry Story’s use of certificates in his demonstration iPhone app I blogged about recently.  However, the mechanism for distributing, installing and managing such credentials for ordinary computer users seems like a daunting task.  I also personally like the Information Card concept, at least for the conceptual metaphor it uses.  But that isn’t a raging success and this technique is certainly burdened by its own challenges.

Perhaps this won’t get solved until I can hold my finger on a sensor that reads my DNA signature with 100% accuracy and requires that my finger still be alive and attached to my body.  We’ll see …

By the way, the term "buggy whip," widely used to reference a technology or process displaced by a new trend or era, has morphed into a more sophisticated term, "carriage driving whip," used by the gentile "carriage enthusiast" set.  In fact, you can buy the nice little number pictured in this post for a mere $135.00 from Driving Essentials.  Just a fraction of the $495.00 you’d need to shell out for a genuine, German-made "Four-in-Hand Holly Whip with Leather Grip & 320cm Leather Lash".  It seems that buggy whips have not disappeared; they have their own niche market! 

Technorati Tags: Identity, IdentityManagement, DigitalIdentity, DigitalCertificate, BuggyWhip

I enjoyed reading Martin Kuppinger’s post addressing the Kuppinger Cole list of 10 Top Trends for IAM and GRC in 2009:

"As in the past years, Kuppinger Cole has worked out 10 top trends in IAM (Identity and Access Management) and GRC (Governance, Risk Management, Compliance). Things are going forward in 2009, despite the economic crisis – even more, especially GRC vendors are benefiting from the crisis and the increasing investments in GRC. The need for Risk Management is well understood now.

"But our analysis shows that there are advancements in many other areas of IAM and GRC as well. The impact of Cloud Computing, new electronic passports as a means for authentication, and more discussions about privacy are just some few of them."

Here is the K-C list of trends.  The major themes are maturity, expansion/extension, clouds and services.

1. GRC as the Business Control Layer for IAM
2. Growing Maturity of Identity 2.0 Approaches
3. Multi-purpose Cards gain Momentum
4. Context and Versatility become Reality
5. More IAM and GRC for the Cloud
6. Portable Identity Information for Social Networks
7. GRC going beyond IAM
8. First Impacts of new Electronic Passports
9. Increasing Service Orientation in IAM and GRC
10. Privacy is back – and there are more Solutions

Thanks, Martin, for your insight into the expanding, maturing world of IAM and GRC.

Technorati Tags: Identity, IdentityManagement, DigitalIdentity, KuppingerCole

Yesterday, my colleague Rohan Pinto unveiled POssO, an iPhone-based portable adminstration console for OpenSSO.  This application blends the visual coolness and portability of the iPhone with the industrial-strength Identity Management in OpenSSO.

As I viewed an introductory video available on YouTube and Sun Learning Exchange, I thought of three key principles of innovation demonstrated by Rohan’s application:

• The OpenSSO open source development model leads to true innovation.
• The iPhone’s appeal is due more to it being an innovative application platform than to it being a telephone.
• Rohan’s passion, not paycheck, drove this innovation.

Congratulations and many thanks, Rohan, for this outstanding contribution to the state of the art.

Technorati Tags: OpenSSO, iPhone, Open Source, Innovation