• United States

How we did against last year’s resolutions

Jan 02, 20063 mins
Access ControlNetworking

* Checking in on progress toward last year’s identity goals

Another year is upon us, and hopefully identity management technology – and technologists – are maturing. It’s that time of year when people make vows to improve themselves by resolving to do better, and each year I take it upon myself to make resolutions for the identity industry.

Last year I suggested three resolutions that those of us in identity management could profit by. They were:

1.) We should continue to create industry standards where needed while consolidating those that are competing (such as WS-Federation and Liberty Alliance). XML, by its extensible nature, lends itself to proliferating standards. It’s time to draw a line in the sand and agree on a well-defined interoperable set of standards for all aspects of identity management.

2.) Words, words, words. Too many people are using too few words to define too many different ideas, objects, actions and topics. A single lexicon, an agreed upon taxonomy is essential so that we can move forward to a greater understanding of identity management in the marketplace. If we don’t understand each other, how can we expect those outside of the identity niche to know what we’re talking about?

3.) Remember the OSI model? While honored more in the breach than in the practice, it did provide a common framework within which to discuss networking (including x.500 directory services, one of the bases of identity management). A common architectural model of identity management could be almost as meaningful as an identity lexicon in moving forward the discussion of exactly what it is we do. There’s a great opportunity here for someone.

Progress is slow, isn’t it? Little, if anything, has been done towards actual consolidation of specifications – certainly in the federation space, but also in authentication, policy management and enforcement, validation and almost all areas of identity management. We’ve talked, but mostly preached.

The vocabulary of identity has attracted a lot of attention. There’s at least been movement towards a common lexicon. I’ll award half-points for this one.

The “common architecture” model does appear to be progressing, at least if we accept Microsoft’s Identity Metasystem as the basis for the model. Not everyone is willing to do that, but most are at least willing to listen and, perhaps, give it a try before committing to it. That’s solid progress.

I’d say the score’s a good 1.5 out of 3 – much better than I expected when I proposed the resolutions a year ago. But what about the coming year – what resolutions should I propose for 2006? Send me your thoughts and we’ll see what we can put together, not in the next issue, but next week.