Saturday, April 14, 2007
Federated Identity and Industry Solutions
In the past, I have commented on deficiencies in terms of Liberty Alliance in terms of some initiatives I have been working on. Essentially, I am just one participant out of hundreds of others within the industry vertical I play in. Part of community formation is not only identifying the other companies one may need to federate with but also identifying specific individuals within specific organizations. Here is where I need the assistance from folks such as Conor Cahill, Ashish Jain, Don Bowen, Eric Norlin, Andre Durand, Pat Patterson, Dick Hardt, Mark Dixon, Kim Cameron and others.
Usually folks would point one towards existing standards bodies that exist within one's own vertical, but usually these entities would be focused on technologies specific to the vertical where as federation as a technology isn't. Only its deployment would be specific. For example, if you went to a vertical specific consortium on Wall Street, it would be easy to identify folks to help you with FIX XML but would be difficult to identify participants who knew anything about CardSpace or OpenID.
Every enterprise has an enterprise architect, innovation lab or similar construct where a particular individual may have responsibility for strategy around security and have been following user-centric identity approaches. The key challenge is in identifying all 250 of them in order to form a federation.
Figuring that Microsoft would obviously have a clue as to other users of CardSpace and vendors whose solutions implement the SAML specification may have an idea as to whom the right players would be in terms of community formation around federated identity. In terms of contacting these folks with my request, it almost always gets routed to the sales guy whom has zero clue in terms of my request. Likewise, the sales guy would think of this as a premature reference request and not understand why someone would want references before hearing the dog and pony show.
I wonder if the CTOs of these companies have ever considered that if they expect to sell solutions to federated identity that part of the purchase requirement may be the need to federate with someone else that already has the software? For those who are inquisitive, I also took this down the path of industry analysts whom have been equally unhelpful as they tend to keep the details of other industry peers abstract.
I wonder if industry analysts who cover federated identity and the venture capital firms who fund software companies have ever noodled why federation is slow in terms of adoption since their is an obvious need in the marketplace? Hopefully, they will conclude that they are part of the problem...
Links to this post: