Building an Identity Bus, Part 2

Thoughts on how to move the Identity Bus forward
Security: Identity Management Alert
By Dave Kearns, Network World, 05/07/2008

Last time out I told you about an informal discussion I had with Microsoft's Kim Cameron, Novell's Dale Olds and Quest's Jackson Shaw, hosted by Kuppinger-Cole's Felix Gaehtgens, all about the so-called "Identity Bus." I said that we reached a conclusion about the best way to move forward, but perhaps it's better to say we identified a couple of paths that might be worth taking.

After rejecting LDAP enhancement as the way to further the Identity Bus (I’d earlier called LDAP the “COBOL of the identity layer”), I remembered my experience with networking protocols in the 1990s. For many years we heard that Ethernet was dead, and would be replaced by token-ring. Or ATM. Or FDDI. Or some other high-speed, deterministic protocol. And here we are today with high-speed deterministic communications, and it’s called Ethernet! I say “called Ethernet” because it really bears little relationship to the protocol Bob Metcalfe developed 30 years ago, but it was more readily acceptable because it had a familiar name and because there was a gradual method (using bridges and switches) of moving from the slower speed protocol to the higher speed one. So my proposal was that we develop the “identity backplane” or “fabric” or “bus” and call it LDAP. With the identity equivalent of a bridge (the security token service – STS – developed by Microsoft) this is both backwards-compatible and forward-looking.

Jackson suggested that what was really needed was an “aha” moment. He reminded Kim (they were colleagues at metadirectory vendor Zoomit in the mid-90s) of their reaction when Netscape announced its directory server and dozens of major developers and vendors jumped on board to support it. The suggestion was that the backplane/fabric/bus/hub be developed (probably by a small startup) and unveiled as a full-blown service. The benefits would be self-evident to everyone. We then decided that Dale, as head of the Bandit Project, should begin a new open source effort to create such a thing.

While we weren’t entirely serious (I think), an open source project, well-funded by the likes of Microsoft, Novell and others in the identity space, flying the LDAP name as a banner and creating a flexible fabric for the exchange of identity data between and among applications, services and datastores, just might be the best hope we have in the short term. I’d be interested in hearing your thoughts about this, either in favor of it or suggesting something better. As Dr. Frasier Crane always said, “I’m listening.”

Comments (2)

Seems required
By Anonymous on May 7, 2008, 6:20 pm

Seems that identity needs the org(s) for dynamic control and rules automation. Unless the millions of LDAP customers can be convinced to use something else, LDAP...


using LDAP as the name or protocol
By Anonymous on May 7, 2008, 12:23 pm

for the identity bus makes it sound like a virtual directory to me. What would be the difference? How would an identity bus be different than a virtual directory?
