Thursday, August 09, 2007
Enterprise Use-Case for OpenID and/or InfoCard
- As you rightly said, to achieve this an "ecosystem" is however necessary, i.e. various enterprise solution providers need to enable their solutions. I guess it is important to understand what the differentiator and added value would be, against existing enterprise "SSO" solutions (such as Kerberos, NTLM, portal-based SSO, etc.).
Anyway, my perspective still stands that regardless of whether it is user-centric, Kerberos or any other approach, HP and Microsoft need to become more active in getting folks in the BPM, ECM, ESB, ERP, CRM and other spaces to implement standards. Right now, I can't compare two standards in terms of value because neither is implemented within products I care about.
- At the moment, in B2B contexts (such as supply-chains, etc.), most of the interactions are predefined and rigid (based on contractual and legal agreements), with just a few specific roles (and a limited set of employees) involved. More “flexible” (and spread in terms of usage) are outsourced enterprise services for employees – such as corporate travel booking services, healthcare services, benefit services, information services, etc. However, in these contexts too there are already mechanisms to achieve SSO – for example by using web-based services, employee portals, employees’ NT logon credentials (or X.509 credentials) and ad-hoc “plumbing” between the enterprise and the involved external service providers.
In terms of the perspective of roles, I too disagree with rigidity. Many of the systems we implement reflect the financials of our partners not only against roles we define but also allow the partners to define their own views into how they define roles and organizational hierarchies, and our systems adapt. The ability for the internal system to understand the organization chart of another enterprise is important and definitely not rigid.
- I agree on the importance of eventually being able to better manage entitlements and different policies that apply in different contexts: I believe this is currently done with ad-hoc approaches and/or by "hard-coding" these policies.
- In the enterprise, users are the "employees". To use the same paradigm, what would an "employee-centric" model be? Would this make any sense, considering the different context and requirements that an enterprise might have (in terms of business, security, privacy, etc.)? Anything else beyond SSO use-cases?
FYI. Trackback is a better way of continuing a dialog over commenting...