Wednesday, July 18, 2007
Links for 2007-07-18
Johannes Ernst inquires as to why I have negatively commented on identity management at large. So as to avoid speculation, let me state reasons why. First, one of the reasons I blog is to bring an alternative perspective to the blogosphere in a in your face, no holds barred way and hence the name of my blog being duckdown. One of the injustices is that industry analysts who cover the world of identity management (with the exception of the Burton Group) have only been sharing happy-path stories with my peers in other large enterprises. Not wanting to sit back and watch others fail, I feel that alternative perspectives must be shared. Likewise, there is equal frustration with vendors putting themselves at the center of the universe and using the blogosphere to do thinly-veiled sales pitches when reality says that they are a small piece in a larger universe. I would like to see all the software vendors in the identity management space acknowledge without the usual hybrid answer that it is better to have applications consolidate places where identity is stored rather than to have a management tool spray stuff all over the place. My final frustration is that the identity management crowd, specifically the folks in the user-centric world haven't even spent a single iota of time discussing the need for distributed authorization. Yes, I have heard the party line about where things should be started first but reality says that the velocity of getting to authorization discussions is all wrong
It would bring joy to my heart to see ECM vendors watch and critique the information (not the presenter) and see if this helps them better understand (even a little bit) how XACML may be used within an enterprise context
I haven't spent much time understanding Novell Identity Manager but am curious if it supports Microsoft ADAM. Hopefully Novell doesn't wimp out and say that they support anything certified LDAPv3 without defining who does the certification or proving factually that another product isn't compliant
I like call to actions especially when the topic is enterprise architecture. I wonder if this blogger can at least start the conversation by asking specific questions?
Glad to see that others appreciate that enterprise architects can provide more value to software advisory boards than either industry analysts, those who talk about advisory capital or those IT executives who have big titles but otherwise are process weenies and don't truly understand their own value proposition
Hopefully, you should be familar with Gunnar Peterson, Dave Kearns and other security practitioners. Rajiv Gupta, CEO of Securent is one of the leading entitlement management vendors wrote this thoughtful article in response to others. I hope that in the future, he can specifically comment on how ECM vendors could implement XACML functionality and help dispel some of the myths that exist regarding externalization of security in general
I wonder if others have acknowledged that the reason they may not do transactions is that their platform may not support it. Consider that in many shops transactions may be initiated not via JDBC connections using XA drivers but may occur over message queues which may talk downstream to a COBOL application running in IMS which makes transaction processing a little harder. Not everything is J2EE and modern relational databases
Here is where I imagine a pointy-haired CIO who will call up Gartner and ask them how to roll out a blogging platform to several hundred folks in an IT context and Gartner giving them advice of questionable credibility. I wonder if my enterprise peers understand that analysts such as Redmonk as we move into the Web 2.0 world are not just advising us but are living it, something that other analyst firms haven't yet even realized the hypocrisy.
If there were zero job growth then folks wouldn't be crossing the border.
The notion of protecting intellectual property via NDA is interesting when applied to EA. If you need to engage a lawyer to negotiate as an employee then I would definitely say you may have made a bigger mistake by choosing to work for the wrong firm. The best posture against an NDA is to choose a culture which embraces open source and declarative living. If you don't know who these firms are, then your homework is to figure out if any of their architects blog...
Links to this post: