Building an Identity Bus, Part 2

* Thoughts on how to move the Identity Bus forward

Last time out I told you about an informal discussion I had with Microsoft's Kim Cameron, Novell's Dale Olds, Quest's Jackson Shaw hosted by Kuppinger-Cole's Felix Gaehtgens all about the so-called "Identity Bus." I said that we reached a conclusion about the best way to move forward, but perhaps it's better to say we identified a couple of paths that might be worth taking.

After rejecting LDAP enhancement as the way to further the Identity Bus (I’d earlier called LDAP the “COBOL of the identity layer”) I remembered my experience with networking protocols in the 1990’s. For many years we heard that Ethernet was dead, and would be replaced by token-ring. Or ATM. Or FDDI. Or some other high-speed, deterministic protocol. And here we are today with high-speed deterministic communications, and it’s called Ethernet! I say “called Ethernet” because it really bears little relationship to the protocol Bob Metcalfe developed 30 years ago but it was more readily acceptable because it had a familiar name and because there was a gradual method (using bridges and switches) of moving from the slower speed protocol to the higher speed one. So my proposal was that we develop the “identity backplane” or “fabric” or “bus” and call it LDAP. With the identity equivalent of a bridge (the security token service – STS – developed by Microsoft) this is both backwards-compatible and forward-looking.

Jackson suggested that what was really needed was an “aha” moment. He reminded Kim (they were colleagues at metadirectory vendor Zoomit in the mid-90’s) of their reaction when Netscape announced its directory server and dozens of major developers and vendors jumped on board to support it. The suggestion was that the backplane/fabric/bus/hub be developed (probably by a small startup) and unveiled as a full-blown service. The benefits would be self-evident to everyone. We then decided that Dale, as head of the Bandit Project, should begin a new open source effort to create such a thing.

While we weren’t entirely serious (I think), an open source project, well-funded by the likes of Microsoft, Novell and others in the identity space, flying the LDAP name as a banner and creating a flexible fabric for the exchange of identity data between and among applications, services and datastores just might be the best hope we have in the short term. I’d be interested in hearing your thoughts about this. Either in favor of it, or suggesting something better. As Dr. Frasier Crane always said, “I’m listening.”

Copyright © 2008 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022