{"id":941,"date":"2008-03-20T23:39:57","date_gmt":"2008-03-21T07:39:57","guid":{"rendered":"\/?p=941"},"modified":"2008-03-20T23:43:33","modified_gmt":"2008-03-21T07:43:33","slug":"metadirectory-and-claims","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=941","title":{"rendered":"Metadirectory and claims"},"content":{"rendered":"

My\u00a0friend and long-time collaborator Jackson Shaw seems to have intrigued both Dave Kearns<\/a> and Eric Norlin <\/a>in\u00a0an\u00a0 amusing (if wicked) post called You won't have me to kick around anymore<\/a>…<\/p>\n

You won't have me to kick around anymore!<\/p>\n

No, not me. Hewlett-Packard.<\/p>\n

I heard about a month ago that HP was going to bow out of the IDM business. I didn't want to post anything because I felt it would compromise the person that told me. But, now that it has made the news:<\/p>\n

Check out Burton Group's blog entry on this very topic<\/font><\/a>…<\/p>\n

Burton Group has been contacted by HP customers who report that HP is no longer going to seek new customers for its Identity Center product. We have contacted HP and the company confirms that HP Software has decided to focus its investment in identity management products exclusively on existing customers and not on pursuing additional customers or market share. HP is in the process of reaching out to each customer regarding the change.<\/em><\/p><\/blockquote>\n

Seriously – you thought HP was a contender in this space???!!! No, no, Nanette. Thanks for playing. Mission failure…<\/p>\n

Let's be honest. The meta-directory is dead. Approaches that look like a meta-directory are dead. We talk about Identity 2.0 in the context of Web services and the evolution of digital identity but our infrastructure, enterprise identity “stuff” is decrepit and falling apart. I have visions of identity leprosy<\/span><\/em> with this bit and that bit simply falling off because it was never built with Web services in mind…<\/p>\n

There is going to be a big bang in this area. HP getting sucked into the black hole is just a step towards that…<\/p><\/blockquote>\n

As graphic as the\u00a0notion of\u00a0identity leprosy\u00a0might be, it was\u00a0the bit on metadirectory that prompted Dave Kearns to write<\/a>,<\/p>\n

That\u2019s a quote from Quest\u2019s Jackson Shaw. Formerly Microsoft\u2019s Jackson Shaw. Formerly Zoomit\u2019s Jackson Shaw. This is a guy who was deeply involved in metadirectory technology for more than a dozen years. I can only hope that Microsoft is listening.<\/p><\/blockquote>\n

Back at Jackson's blog we find out that he was largely responding to a\u00a0session he liked very much given by Neil MacDonald at a recent Gartner Conference<\/a>.\u00a0 It was\u00a0called “Everything You Know About Identity Management Is Wrong<\/em><\/font><\/a>.”<\/em>\u00a0\u00a0Observing that\u00a0customers are dissatisfied with the cost\u00a0of\u00a0hand tailoring their\u00a0identity and access management, Jackson says,<\/p>\n

Neil also introduced the concept of “Identity as a service” to the audience. At the Directory Experts Conference, John Fontana wrote “Is Microsoft\u2019s directory, identity management a service of the future?<\/font><\/a>”\u00a0\u00a0 What I am stating is quite simple: I believe a big-bang around identity is coming and it will primarily be centered around web services. I hope the resultant bright star that evolves from this will simplify identity for both web and enterprise-based identity infrastructure.<\/p>\n

Active Directory, other directories and metadirectory “engines” will hopefully become dial tone on the network and won't be something that has to be managed – at least not to the level it has to be today.<\/p><\/blockquote>\n

Without getting overly philosophical, there is a big difference between being, metaphorically, \u00a0a “dial tone” – and being “dead”.\u00a0\u00a0 I buy Jackson's argument about dial tone, but not about “dead”.\u00a0<\/p>\n

Web services allow solutions to be hooked together on an identity bus (I called it a backplane in the Laws of Identity<\/a>).\u00a0 Claims are the electrons that flow on that bus.\u00a0 This is as important to\u00a0information technology\u00a0as the development of printed circuit boards\u00a0and ICs were to electronics.\u00a0 Basically, if we were still hand-wiring our electronic systems,\u00a0personal computers would be the size of shopping centers and would cost billions of dollars.\u00a0 An identity bus offers us the possibility to mix and match services in a dynamic way with potential efficiencies and innovations of the same magnitude.<\/p>\n

In that sense,\u00a0claims-based identity drastically changes the identity landscape.<\/p>\n

But you still need identity providers.\u00a0\u00a0Isn't that what\u00a0directories do?\u00a0 You still need to transform and arbitrate claims, and distribute metadata.\u00a0\u00a0Isn't metadirectory the most advanced technology for that?\u00a0 In fact, I think directory \/ metadirectory is integral to the claims based model.\u00a0 From the beginning, directory allowed claims to be pulled.\u00a0 Metadirectory allowed\u00a0them to be pulled, pushed, synchronized, arbitrated and integrated.\u00a0 The more we move toward claims, the more these capabilities will become important.\u00a0<\/p>\n

The difference is that as\u00a0we move towards a common, bus-based architecture, these capabilities can be simplified and automated.\u00a0\u00a0 That's one of the most interesting\u00a0current areas of innovation.\u00a0<\/p>\n

Part of this process will involve moving directory onto web services protocols.\u00a0 <\/em>As that happens, the ability to dispatch and assemble queries in a distributed fashion will become a base functionality of the system – that's what web services are good at.\u00a0\u00a0So by definition, what we now call\u00a0“virtual directory” will definitely be a base capability of emerging identity systems.<\/p>\n","protected":false},"excerpt":{"rendered":"

Without getting overly philosophical, there is a big difference between being, metaphorically, a “dial tone” – and being “dead”.<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[37,6,8,3,58],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/941"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=941"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/941\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=941"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=941"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=941"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}