Identity Bus - Persistent-Search 2.0
By Mark Wilcox - CTO - Oracle Consulting Security-Oracle on Jun 29, 2008
The initial question from Kim Cameron was:
"Sometimes an application needs to do complex searches involving information 'mastered' in multiple locations. I'll make up a very simple 'two location' example to demonstrate the issue:
'What purchases of computers were made by employees who have been at the company for less than two years?'
Here we have to query 'all the purchases of computers' from the purchasing system, and 'all employees hired within the last two years' from the HR system, and find the intersection."
Clayton final summary was:
" The real solution here is a combination of virtualization with more standardized publish/subscribe for delivery of changes. This gets us away from this ad-hoc change discovery that makes meta-directories miserable, while ensuring that the data gets where it needs to go for transactions within an application."
Dave was a bit shocked at Clayton's reply since to him it sounded like a cache and that is not something we normally advocate with the virtual directory.
Except that what Clayton is talking about is a bit different.
What we are working on enabling is to allow client applications to register their queries with the virtual directory in way so that they could get the responses in a manner different than simple client/server. For example they could issue a command to OVD that allowed OVD to put the responses onto an Enterprise Service Bus. So for example - it could be possible that applications that were interested in the result of this query - could attach themselves to the bus and see the results. Furthermore, OVD could even be monitoring HR system so that when new employees met this criteria - it could add new results to the bus.
The benefit of this is that for applications that truly needed to know this, could listen for these updates. This makes it easier than say for example some type of central service that must know who to write to each type of application in the organizational environment.
It would be the further blending of identity services with SOA which is where the modern enterprise is going.
And to be candid - you could do most of (if not all of ) this today - it just would require more manual work than we would like.