Friday, December 02, 2005
Enterprise Architecture and Federated Identity
I spend a lot of time reading blogs on federated identity and like what Kim Cameron talks about. Hopefully he will do me a favor in not exclusively focusing in on consumer identity but also address corporate identity as well in a future entry. Anyway, I have been noodling some additional laws he should consider...
The vast majority of IT shops are dysfunctional. I would like to think that they could fix the mistakes of the past by simply reading diligantly books such as: Enterprise Service Oriented Architectures and Practical Guide to Enterprise Architecture where they could gain insight into the minds of those who are successful and what they practice.
Anyway, the main problem with Kim's ideas that is somewhat unspoken is that enterprises that don't practice enterprise architecture fundamentally suffer from two things. The first is mistrust.
Years of poorly managed IT projects and unmanaged expectations of the business folk have left many of them with hostility towards IT. Since IT is filled with not just tools and processes, but people as well, these folk will fortunately or unfornately (depending on perspective) respond in kind. The logical conclusion is that the vast majority of good ideas such as federated identity will simply die.
Compounding this notion is the simple fact that if I know my own shop is dysfunctional, what would want to make me trust another shop? Policies, WS-Trust and other technical remedies don't address the human aspects. We have been noodling federated identity within our own walls but would love for Kim Cameron to come talk to our particular vertical so he can understand the issues that surround his laws of identity.
Whenever I engage in a conversation regarding open source, it almost always ends up in the malarky of lack of support. The same mindset and problem space applies to federated identity. We all know that the real problem is something else. The real problem may be the fear of loss of control. IT will fear that they are giving up control of not software but decisions that they have always made.
Today, identity in a corporation tends to be controlled by the folks in human resources. Federated identity changes this game. Since the vast majority of enterprise architects still practice a form of enterprise architecture that encourages insular thinking, this will more than like continue into the near future.
Maybe while Kim Cameron is visiting us and others within my vertical, he could help create consensus around key principles regarding identity processes and how they will be managed from the perspective of an enterprise (not just consumer)...
| | View blog reactionsThe vast majority of IT shops are dysfunctional. I would like to think that they could fix the mistakes of the past by simply reading diligantly books such as: Enterprise Service Oriented Architectures and Practical Guide to Enterprise Architecture where they could gain insight into the minds of those who are successful and what they practice.
Anyway, the main problem with Kim's ideas that is somewhat unspoken is that enterprises that don't practice enterprise architecture fundamentally suffer from two things. The first is mistrust.
Years of poorly managed IT projects and unmanaged expectations of the business folk have left many of them with hostility towards IT. Since IT is filled with not just tools and processes, but people as well, these folk will fortunately or unfornately (depending on perspective) respond in kind. The logical conclusion is that the vast majority of good ideas such as federated identity will simply die.
Compounding this notion is the simple fact that if I know my own shop is dysfunctional, what would want to make me trust another shop? Policies, WS-Trust and other technical remedies don't address the human aspects. We have been noodling federated identity within our own walls but would love for Kim Cameron to come talk to our particular vertical so he can understand the issues that surround his laws of identity.
Whenever I engage in a conversation regarding open source, it almost always ends up in the malarky of lack of support. The same mindset and problem space applies to federated identity. We all know that the real problem is something else. The real problem may be the fear of loss of control. IT will fear that they are giving up control of not software but decisions that they have always made.
Today, identity in a corporation tends to be controlled by the folks in human resources. Federated identity changes this game. Since the vast majority of enterprise architects still practice a form of enterprise architecture that encourages insular thinking, this will more than like continue into the near future.
Maybe while Kim Cameron is visiting us and others within my vertical, he could help create consensus around key principles regarding identity processes and how they will be managed from the perspective of an enterprise (not just consumer)...
