Concordia Project - Making Identity Federation Work

I was privileged to participate today in the Concordia Project Workshop preceding the Burton Group Catalyst Conference. The Concordia Project is a "global initiative designed to drive interoperability across identity protocols in use today. It does this by soliciting and defining real-world use cases and requirements for the usage of multiple identity protocols together in various deployment scenarios, and encouraging and facilitating the creation of protocol solutions in the appropriate "homes" for those technologies."

Today's session featured presentations by five large implementors of Identity Federation technology:

  • George Fletcher, Chief Architect, AOL LLC
  • Mike Beach, Chief Security Designer, The Boeing Company
  • Ian Bailey, Director of Application Architecture, Office of the Chief Information Officer, Canadian Province of British Columbia
  • Jim Heaton, Global Director, General Motors Identity Management
  • Georgia Marsh, Acting Program Executive, E-Authentication Program, Manager, U.S. E-Authentication Identity Federation, U.S. General Services Administration

I was particularly impressed that these organizations are real-world users of Identity technology, not ivory tower theorists. Their experiences and insight are extremely beneficial to the Identity industry at large and to product vendors like Sun in particular.

The key issues that seemed to permeate the presentations and subsequent discussions were:

  • Huge Scale. The presenters represented huge constituencies. Identity federation technologies must support very large business and government user bases, with complex federation relationships.
  • Usability. The user experience related to login, logout and transfer between applications needs to be much more intuitive. Details of federation and other "plumbing" should be hidden from the user.
  • Multiple standards. The fact that multiple competing standards are in existence, with no single leader, makes it difficult and expensive for organizations to deploy federation technologies.
  • Deployment. Particularly in large, complex environments with tens of thousands of businesses and government entities, it must become much easier to deploy Identity Federation if this technology is to spread beyond organizations with advanced IT capability.
  • Business and legal issues. Several participants stressed that business and legal issues are more complex and harder to deal with than the technology. This area is begging for the development and adoption of best practices that will ease the broad acceptance of federation technology.

We in the vendor community would do well to listen to and understand these issues. The real world is doing great things. We must rise to help them take the next big steps to solve the challenges they face.

Technorati Tags: , , , ,

Comments:

Post a Comment:
Comments are closed for this entry.
About

Discovering Identity was founded on blogs.sun.com in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at DiscoveringIdentity.com. In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.


The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today