Have you checked out the blogs of the identity gang
? Lately, they have focused more on nomenclature
and less on actual solutions
. Hopefully they will increase
the amount of solution-oriented
blogs in the near future. Maybe they could start providing answers
to questions such as:
- While the SAML specification supports the XACML specification, no one vendor has an implementation, so how should customers fill in the blank?
- Whether using OpenID or CardSpace, how should these two approaches solve for the need to not only model relationships but to also represent authorization around relationships?
- When do you see J2EE portals, Enterprise Content Management Systems and BPM Engines supporting OpenID and which vendors will emerge first?
- What should enterprises consider when embarking on user-centric approaches to identity? What are some of the evil things that enterprises will do out of years of indoctrinated habit and mediocre practices that need to change?
- How important is it for implementation of OpenID to also embrace the notion of secure coding practices?
- What are the ten things that industry analysts need to consider researching in terms of enterprise adoption of user-centric identity?