• United States

Identity services become part of the computing stack

Aug 02, 20043 mins
Access ControlEnterprise Applications

* Analysts say identity services are well on their way to commoditization

I found it interesting that Jamie Lewis, Burton Group CEO and research chair, and Tim O’Reilly, O’Reilly Media CEO, had the same nugget of information to impart during their keynote addresses to kick off their respective events, Burton Group’s Catalyst Conference and O’Reilly Open Source Convention.

Boiled down, they said that the computing stack has grown another layer and that the lower layers have been pushed down.

Traditionally (i.e., 20 or more years ago), there was the hardware, the operating system and the application. Advances in technology led to multi-threaded applications, which meant there could be multiple apps and services at any given time leading to an abstraction layer to “mediate” between the apps and the operating system. The wide diversity in hardware (video cards, disk drives, etc.) led to further abstraction layers so that developers didn’t need to worry about “writing to the metal,” but could write to a video interface.

Then in the late 1980s and early 1990s, the directory service came into play. Over time, abstraction layers (such as the LDAP interface) would allow coders to ignore details of the particular directory but still add, maintain, use and remove data from the directory. This, when coupled with security services became the “identity management” area.

What Lewis said directly, and O’Reilly said indirectly, was that identity services are now becoming part of “the stack” and are well on their way to commoditization. I’ll look at the broad implications of this in next week’s Wired Windows column ( but today I’ll just examine what that means to the identity management community.

Of course, the directory service was never more than a tool, a framework, a bit of plumbing that enabled “interesting things” to be done regarding identity. When we changed the name of this newsletter 18 months ago, I said that the directory is now part of the infrastructure for the loose collection of new age technologies called “Web services.” In particular, Web services rely on identity management and identity management requires a directory platform.

I’m not suggesting another name change, though. After all, the security sages and the directory divas have really only just begun to trust and understand each other. It’s too soon to relegate them to the nether regions of the application stack. Still, visionaries and people outside the area are beginning to press on and can foresee the day when secure, trustworthy identity data is “just there,” to be used as needed by the applications and services at the top of the heap, er, stack. It’s a humbling thought, I hope, but it’s also an affirmation that we’ve been headed in the right direction all along. I think it’s good news, but only time will tell.