Never a prisoner to small ambition, my good friend Eric Norlin has put together an open letter to Bill Gates and Microsoft – what he calls “the ultimate act of hubris — telling the most successful software company in the history of the world how they *should* be running things…” As Doc says, markets are conversations and relationships, and you can't do enough listening. Beyond that, Eric is a person who always has interesting things to say.

I hope other people at Microsoft will think hard about what Eric wants to tell us. I agree very much with his fundamental point: nothing is more important to the future of the virtual and animated world than giving software and the things it inhabits the ability to respond deeply to who we are. This is what digital identity is all about. We are in a period of conceptual revolution as we come to understand this. And it's just a matter of time before identity becomes a truly central message that is broadcast far and wide.

I've taken the liberty of lifting his piece from here. I don't want to get in the way of Eric's ideas, but I'll make a few comments – I hope Eric won't mind since the letter is addressed to Microsoft as well as to Bill. Clearly, I can't speak for Bill, especially when it comes to the matters in which Eric specializes. But I can assure everyone Bill thinks deeply about identity and all the same issues we talk about in this blogosphere conversation.

Dear Mr. Gates,

Digital ID World has been covering some of Microsoft's more cutting edge work since our inception in 2002. We've covered NGSCB (a.k.a., “Palladium”) since its early days, watched the development of Microsoft's Rights Management Server, and seen you move from mere mentions of digital identity to large sections of your RSA Security Conference keynote focusing on the subject.

Amidst it all, we have tried to dig deep; to really understand the technical underpinnings, while pointing out what we felt were some of the rough spots ahead. And, in that context, Phil and I have often had “behind closed doors” conversations wherein we “play Bill” – i.e. talk about what we'd do if we ran Microsoft. So it is with a sense of humility that I undertake one of the great acts of hubris – the “open letter.”

Digital Identity: The thread that runs through Microsoft
The launch of Vista (Longhorn) is widely seen as one of the most important events in the history of Microsoft. Indeed, part of the challenge of the launch is clearly the representation of Microsoft's constantly growing product set in a cohesive vision. While Vista may be just one of these products, it is a lynchpin that will drive the message of Microsoft far into the future. And, frankly, as I watch the “share your passion” messages, I'm not inspired.

As an outsider looking in, Microsoft often appears to be a ship with more than one rudder – being pulled to and fro by the driving force of the moment—whether it is web services, gaming, mobile applications, or directory deployments. Of course, I assume that I'm wrong; that there must be some grand vision that I do not understand; a master plan that drives the decisions of the most successful software company in the history of the world.

I don't want to nitpick, but is the world a single thing? Are its phenomena focused in some single direction?

I think there is a fundamental and undeniable complexity here. As Microsoft advances digital technology to embrace this complexity, it is not clear to me that “master plan” is the right metaphor. What is needed, really, is to understand the synergy between things, and use that to forward our understanding of each area of specialization.

You can then evolve an overarching strategy. And well articulated tactics that embody this strategy. Yet no matter what, the underlying flexibility must not be lost.

And I actually think Eric understands this, not only because I know him, but because in the next few paragraphs we see that he is talking less about an intransigent master plan than about messaging.

But if that's true, then why don't I understand it? Is it because they don't want me to? Or is it just simply a mistake of marketing? Is the messaging unclear, unfocused, and uncoordinated? I find that hard to believe, but – outside looking in – it really does seem that way.

I would argue that Microsoft needs a uniting force to represent itself to the marketplace…

That “thread” doesn't appear to me to be all that hard to find. The uniting thread of digital identity runs through the majority of Microsoft's work, and actually gives you a messaging platform that is cohesive and convincing.

The Microsoft Universe: Walking up the identity stack
The figure below is my representation of the Microsoft product universe, or the product universe as I think it should be (with tongue firmly in cheek). Starting at the bottom and working my way up, I'd like to connect the dots.

Identity of Things and People
One thread runs through all of these products – digital identity. I'm not limiting digital identity simply to humans, but expanding it to include the identity of things. As Microsoft comes to see itself as a company that helps the things and people in the networked world to be managed and/or manage themselves, it also comes to understand the ultimate goal of the company: providing the right information to the right people at the right time in the right context.

“Be managed or manage themselves” – interesting, I think of it as self-organization within a process-driven environment. “Providing the right information to the right people” – yes, and not only information – but all digital experience.

NGSCB: the Next Generation Secure Computing Base (or “Palladium”)
NGSCB is the controversial effort inside of Microsoft to build a secure operating system within the operating system that will (in some senses) seek the elimination of software-driven hacks. Peter Biddle has been valiantly leading the effort along these lines for several years – an effort that is quite unique in that it combines hardware and software. But, really, what NGSCB does is provide a secure boot up process for the isolation and management of foundational system identity – it allows the machine to prove to itself that it is who it says it is and can proceed. It grounds the computer in identity.

Yup, I have to agree.

One layer up we find the Xbox/Media Center, Vista, and strong authentication layer. We'll deal with the “Xbox stack” separately. For now, let's look at Vista and Strong Authentication.

Vista and Strong Authentication
From NGSCB we move on to the operating system (Vista), its associated development frameworks (Indigo), and a tacked-on strong authentication module. An important note here is that Microsoft may not necessarily build the strong auth mechanism – it may be an RSA token, an OATH USB key, or perhaps a fingerprint reader on the laptop. Whatever it is, once the secure boot occurs, the user authenticates themselves into the Windows operating system – an environment that seeks to deliver personalized information in a personal fashion, while giving the end-user control of their various digital identities.

I'm not sure I'd use the word “tacked on”. Once these devices are all STSs (incorporating WS-Trust), they will just fit together using standards.

InfoCards: the central thread
The central thread that runs through the majority of Microsoft's work is InfoCards. InfoCards utilizes the WS-Trust specification to allow the individual to manage their identities in various contexts. When conducting a commercial transaction, the individual can choose which identities to present which will satisfy the requirements of the commercial entity they interact with. Similarly, in social, collaborative or community environments, the individual presents who they are. An important note is that “anonymous” is just as valid an identity as “Eric – Digital ID World writer.” The other significant aspect to InfoCards is that it is the first digital identity mechanism of the current era to bridge the end-user and corporate environments. Its brilliance lies in the fact that it provides a unified mechanism for traversing what has been (to this point) two widely separate arenas.

I also agree that once you understand how important identity is to both personalization and access, InfoCards are key and central in precisely the way Eric describes.

Active Directory and Microsoft Identity Integration Server
Moving up the stack we find the centerpiece of Microsoft's enterprise efforts: Active Directory. Active Directory (and Active Directory Federation Server) and MIIS (Microsoft Identity Integration Server) form the core of identity for the enterprise, while utilizing InfoCards (for end-user self management) and Vista (for corporate desktop security and as a foundation for productivity tools).

Moving to the right: RFID and Network Management
A parallel track on the right of the stack brings in the RFID and Network management middleware for the enterprise. Both of these systems are focused on managing the identity of things – an equally important aspect of identity within the enterprise.

Returning to the center: Exchange, RMS and Office
Back in the center of the stack, we find the core of Microsoft's business – Exchange, the Rights Management Server and Office (what I've here called “personalized office”). All of these products utilize identity (via email, calendaring, rights management and document management, and personal productivity tools) to give the end-user an environment within which to accomplish tasks and set policies that work in accordance with both their own and larger enterprise goals. Utilizing these tools a person can use email to set a meeting; write a confidential document for that meeting; and protect it using the RMS, so that only the intended readers can read and alter it.

Stepping Left: the XBOX and Media Center
The left side of the stack represents the XBOX and Media Center efforts at Microsoft. These are the pure “consumer” plays – bringing Microsoft into the center of the digital home and community. Identity is the central thread of these platforms (which is really what the XBOX is) – providing the home with a means for managing personal identities and their representations in social and gaming environments.

The Presentation and Transaction Layer
Sitting on top of the stacks, we hit the first unifying layer – the presentation and transaction layer. This layer encompasses things like photos, blogs, the web, RSS, and search. Sitting atop the identity stacks, it provides personalized experiences and a means for representing different aspects of personal identity, while receiving personalized information and transacting in a personalized digital world.

Proposing this layering is a novel way to think of things…

Mobile and Location-based applications
Atop the presentation and transaction layer sits the mobile world. In this world of identity-based location and presence applications, users are no longer tied to the desktop or home — and still their digital identity persists and becomes increasingly portable. Here we find Microsoft-driven smart phones, location-based search, and personalized, location-driven CRM.

Identity-driven Services
The top layer of the stack is the coming identity-driven services. These are most likely not Microsoft owned or Microsoft built. Rather, this is a wide ranging independent software vendor community (or services community) that utilizes the lower layers of the Microsoft stack to provide identity-driven services.

Message for the Market
That's the Microsoft product universe – a universe united around the central thread of identity. A universe moved by the idea that in a distributed world, providing the user with the means for managing identity is the most powerful platform one could build. A unifying metaphor that says, managing and leveraging identity in a networked world will build the foundation for the next great developer base; services, software, hosted or not – it doesn't matter. Microsoft's product set is the concrete upon which to build this identity-driven technology world. Accordingly, Microsoft needs a simple message that conveys the benefits of this unified vision; a tagline for the digital identity future…

Be You.

Eric Norlin

My main complaint is that the picture shows Microsoft technologies as a silo. They aren't. We're in the age of web services. The platform is in some ways across platform. How will this be shown? Maybe that's a third dimension. Or maybe it's in the services layer at the top of Eric's diagram. I'm curious to hear what Eric will say.

But I think this is very interesting stuff. Of course, I see the world through the lens of identity too. And more and more people now understand identity. Identity concepts are entering the mainstream.

Luckily I don't have to make marketing decisions on this order. I just want to get what we do about identity right. Then smart people like Eric, and his confreres at Microsoft and elsewhere in the industry, will take care of the rest.

