It’s been a busy several months for identity solutions and yours truly. Since my last post, I’ve been in Sao Paulo, Stockholm, Columbia, Venezuela, plus cities around the U.S. talking to Oracle customers and prospects as well as working with identity standards activities about solutions in this fast evolving space.
Throughout my travels and discussions, I am continually reminded of the commonalities that tie the global economies together. Examples include the need for increased efficiencies in on-line transactions; the desire for closer and more convenient relationships with customers, partners, and social networking colleagues; and the overriding need for heightened security for business data as well as protection of personally identifiable information.
At the same time, these very issues have been reinforced in another context – that of identity industry standards.
The Liberty Alliance, has been leading the identity standards development effort since its founding in late 2001. During that time, Liberty has focused on a holistic approach to identity solutions by producing not only technical aspects, but also business guidelines and standards for creating secure, privacy-respecting identity meta-systems.
At the same time, the industry has seen other initiatives emerging that intend to address a narrower slice of the problem set. These solutions have met with more or less success (measured by actual deployments) depending on how well these initiatives have addressed the fundamental requirement of interoperability with existing standards.
As customers repeatedly tell me, the importance of interoperability cannot be underestimated. Customers need the ease of interchangeable solutions that can adapt to changing business needs. The core element that permits this is adherence to and interoperability with accepted industry standards.
Because of the proliferation of initiatives to solve unique problems, customers are rightly concerned that these initiatives will not interoperate within the customer’s existing infrastructure or, worse yet that these innovative solutions will require an extensive rewrite of existing applications in order to accommodate this new phenomenon. I’ve heard inexperienced vendors’ enthusiastic dismissals of these legitimate customer objections by saying something along the lines of, “These IT folks just don’t understand the new identity paradigm (cool word, huh?) that we’re offering. It’s gonna be hot! The whole world is gonna jump on the bandwagon and then the IT shops will just have to adopt it.” … Wrong. Solutions are adopted (as the word would imply) when they actually solve a legitimate customer problem.
Now some may read this as my dismissal of innovative approaches to solving real-world problems. Nothing could be farther from the truth. As I have said publicly for close to twenty years now, technology is the “wild card” of solution innovation. There are only so many ways that human beings can perform a manual function. Yet, when one applies the speed and agility that can be uniquely applied by computing power, one can address business problems in ways that are limited only by one’s imagination. Innovation like this provides sustainable competitive advantage
Technology innovation also needs the opportunity to incubate, take root, and flourish unfettered by cumbersome bureaucratic constraints. This need for free-form development has been the driving force behind several of the identity management initiatives. The difficulty arises when these initiatives need to ‘cross the chasm’ from pure innovation to more mainstream adoption. A fundamental requirement of mainstream adoption is that newer technologies must coexist with existing technology infrastructure investments. If the coexistence requires too much effort or ends up forcing the customer to create one-off proprietary integration points to close the gap, then chances are that adoption will be slowed or even halted.
To address this issue, a group of folks from the various initiatives have been discussing possible approaches. In full disclosure, this discussion was begun in the context of Liberty Alliance’s regular strategic planning review during which we discuss market conditions, customer requirements, and work – technical and non-technical - needed to address potential gaps. This year, we decided to expand the scope and solicit the active participation of key people in the identity community who were not Liberty members.
Those involved in the original sessions are to be commended on the open, candid, professional way that they provided feedback to us. We are grateful for their participation and have already seen very positive indicators that we are on the right track in this effort.
An immediate by-product was that Liberty formed the Web Services Harmonization Special Interest Group (WSH-SIG) whose members include a broad spectrum of Liberty and non-Liberty representatives interested in ensuring interoperability among technical standards that are vital for identity-based transactions.
During the strategic planning process, we conducted two-dozen formal interviews and many more informal discussions. In all, those who participated in the process over the past six months have devoted literally hundreds of collective hours in conference calls and face-to-face meetings. We gathered a wealth of thoughtful input regarding what’s working and what’s not working in the identity standards community as a whole – well beyond the Liberty Alliance’s activities.
The basic conclusion is that most of the various identity initiatives have unique value but are lacking a cohesive means to coordinate and harmonize their efforts with one another. Additionally, many individuals and companies have to invest redundant human and financial capital in order to participate in activities that are essential to their business objectives. This creates an unnecessary drain on large and small companies and slows the overall sector growth.
To solve this, we have proposed that these various initiatives seek a way to come together under a shared organization structure that will actively foster innovation, provide a mechanism for harmonizing various initiatives, and also provide a logistical support structure for shared services (like: IT, staff, legal, financial management, interoperability testing, etc.).
There is an active discussion that is taking place in Google Groups here. You will also find an overview presentation that lays out the initial vision, mission, structure, and operations proposals. The second slide of the presentation lists some of the individuals who were involved in this effort along with their company affiliations.
We are formulating the vision, mission, and principles of the proposed organization as I write this. And, we have deliberately delayed the naming of the organization until such time as we achieve consensus on its purpose. For the moment, we are simply referring to it as: IDtbd (i.e. IDentity To Be Determined).
We are very interested in achieving broad representation and consensus among the discussion participants. Moreover, we welcome any interested party to the discussion. These are fast moving formative times in the identity community. Identity solution adoption and deployment is growing rapidly while, at the same time, new and innovative approaches to solving business problems are emerging.
It is vital that we join together in open, collegial dialogue in order to create long-lasting, secure, privacy respecting, and interoperable solutions.
Please join the discussion.
*******************************
As a footnote, the kind lady who served as my interpreter in Caracas asked if my previous blog post about being offered free tickets to Grey Gardens in Times Square, New York was really true. Yes, it happened exactly as I recounted it. There really are nice people out there who practice random acts of kindness.
