Monday, March 05, 2007


Enterprise Content Management and Behavior Models

I have been known to blog about Authorization on occasion and have uncovered an interesting behavior pattern amongst BPM and ECM vendors that I can't find elsewhere. Could someone explain to me rationale for why it exists?

In the blogosphere, it is easy to find lots of successes using protocols such as OpenID. It is now being pervasively support by many blog software vendors (one form of content management) yet you won't find any evidence of anyone in the ECM space attempting to incorporate it into their offerings.

You can also find discussions in terms of the need for enterprise applications to support Single Signon (SSO) with passionate discussions around SAML, WS-Federation and even federated identity yet you will not find a single ECM vendor out of the box offering support for these protocols.

You can now find support for XACML being embedded into J2EE containers, ESBs, ERP systems, network appliances and even physical infrastructure devices yet you will not find any evidence that ECM vendors are even considering implementing it. At best, you will find dialog that indicates they are the only ones in the entire world that have to deal with millions of objects and the need for fast caching as if no other software horizontal could possibly have ran into the same issue.

Maybe, someone could explain to me why ECM vendors in terms of technologies are still stuck in the 90's? How come they are so damn unmotivated to implement open industry standards? Do industry standards spook them?

Recently, I participated in a discussion with over eleven different Fortune enterprises who directly asked their ECM vendor in a single unified voice for support of the above, so no one can honestly say that the need doesn't exist within the customer base.

Many enterprises already have their own credential store better known as Active Directory. How come ECM vendors aren't leveraging it via direct runtime binding? The schema is known and openly published by Microsoft, so this isn't a mystery. Likewise, you can't really rationalize that enterprises don't have Active Directory.

Even the discussion of SOA is discussed in every magazine on the planet yet none of the ECM vendors within their product supply content-enabled service capability. How difficult would this be to support in a standard way that customers could simply leverage without having to reinvent the code within each deployment?

Could someone tell me what I am missing as I simply don't understand what is holding ECM vendors back from doing a better job?

Links to this post:

Create a Link

<< Home
| | View blog reactions

This page is powered by Blogger. Isn't yours?