
The Open Group delves into identity management

Mar 17, 2004 | 3 mins
Access Control | Enterprise Applications

* The Open Group publishes "Identity Management" paper

The Open Group, home of the Directory Interoperability Forum (DIF), has just published an important white paper on identity management (called, strangely enough, “Identity Management”) and it is available for you to download and read at your leisure – and you should do that (see link below).

The paper is a product of The Open Group Identity Management Work Area, a joint effort of DIF, Messaging Forum, Mobile Management Forum, and Security Forum. The report’s primary author is Skip Sloane, principal architect in the Chief Technology Office at Lockheed Martin Enterprise Information Systems. He is responsible for establishing, promoting, and maintaining the directory and naming services architectural vision and standards at the company.

Sloane was ably aided and abetted in the report by Ed Harrington of EPH Associates, Bob Blakley of IBM Tivoli Software, Peter Harris and Nick Mansfield of Shell Information Technology International, Roger Mizumori of Waterforest Consulting, Gavenraj Sodhi of Computer Associates, Eliot Solomon of Eliot M. Solomon Consulting, and Ian Dobson and Chris Harding of The Open Group.

The “paper” is over 100 pages, so I can’t summarize it all for you and do it justice, but it provides the necessary background for a discussion of the key concepts of identity management. It places these concepts within their business, personal, and technical perspectives, and proposes a set of steps to be taken by The Open Group to serve as a change agent promoting the resolution of industry-wide impediments to interoperable identity management solutions. In that regard it could be seen as somewhat self-serving by establishing The Open Group as being the standards-bearer for identity management (as opposed to, say, the Organization for the Advancement of Structured Information Standards, or the IETF). However, that aspect plays only a small part in the paper and is easily overshadowed by the yeoman work done to categorize and characterize the important ideas in identity management today.

Among the concepts explored are trust, authentication, provisioning, authorization, and directories. While I know you are familiar with all of these, and I know we’ve explored them all from time to time (heck, almost weekly), nevertheless it’s good to have all of this information gathered in one place both for easy reference and so that you can pass it on to those with less knowledge of the identity management discipline. Once the concepts are fully presented, the paper goes on to examine identity management from various perspectives – business, security, personal and technical.

The Open Group does want input on the ideas and proposals in this paper: it wants to hear from you. Download it now, begin to digest it and we’ll examine in more detail its major sections over the next few weeks.

Correction: Last week I incorrectly spelled the name of Andrew Tanenbaum (I used too many “N”s – must be that Novell influence!), mea culpa (Latin for it wasn’t the editor’s fault this time).