Mark Dixon's quest to explore the world of Identity Management




Day Two at the Catalyst Conference also provided a wealth of insight from a number of interesting speakers. Several of the sessions today had more depth than the ones we heard yesterday.

Mike Neuenschwander, Associate Research Director, Burton Group - Episode III, Identity Management Markets and Architecture: Evolution and Innovation

  • Identity management is the set of business processes, and a supporting infrastructure, for the creation, maintenance, and use of digital identities in online spaces
  • “Relation” is a core ingredient to distributed systems. Identity isn’t about the end points—it’s about the relationship
  • "Identarati" - those involved with Identity
  • Cross-domain sign-on is a big winner this year.
  • Service-oriented architecture (SOA) is a better approach than suites

Nick Nikols, Analyst, Burton Group - Identity Services and the Identity Access Layer

  • Growing IdM requirements are straining current capabilities, requiring multiple and dynamic views of identity information and more complex relationships between identities and other objects
  • Distributed identity services become the new goal
  • Identity services are the set of services that enable applications and other services to fully leverage identity information

Ken Weiss, Charles Schwab & Co., Using Web Services to Manage Identity and Access

  • The perimeter has vanished
  • Every resource, every application, must be identity-enabled
  • No substitute for a consistently applied opaque unique identifier
  • Really, really know your requirements
  • Policies define how Identities are permitted to access resources

Doug Simmons, Principal Consultant, Burton Group - Provisioning Implementation: Setting Realistic Expectations

  • Deployment strategy will be influenced as much by regulatory issues as return-on-investment priorities
  • Help end users become productive immediately. Focus on Day 1 productivity.
  • Establish a three-year architecture. Implement in bite-sized chunks.

Gerry Gebel, Senior Analyst, Burton Group - The Big Challenge: Standardizing Policy While Maintaining Semantic Intent

  • Focusing on policy for security enforcement in IdM systems, including authorization, privacy enforcement, and personalization
  • Momentum is growing for the adoption of XACML among broad vendor base
  • The WS-Policy framework is maturing slowly, but is starting to appear in products
  • "Entitlement engine" products are emerging to manage policy

Dan Blum, Senior VP, Group Research Director, Burton Group - Federation in the Identity Infrastructure

  • Federated identity management solves real problems today, enables Web services, and constitutes the future of the identity management market
  • Business interoperability issues are lagging technology interoperability
  • On the standards front, Liberty/SAML is making most progress now, but Microsoft and IBM (WS*) are slowly progressing. Beware of the tortoise overtaking the hare.

Dave Temoshok, Director, Identity Policy and Management GSA Office of Governmentwide Policy - Government Adoption of Federated Identity

  • The Government needs the capability to authenticate millions of citizens, businesses, and governmental entities without issuing a standard, national ID
  • GSA is directed to provide common authentication infrastructure for all Federal E-Gov business applications and E-access control.
  • IDM Federation Core Infrastructure addresses Trust, Interoperable Technology and Business Relationships/Governance
  • If there is to be no central registry of personal information, attributes, or authorization privileges – a decentralized approach means federation.

Jamie Lewis, CEO, Burton Group - User-Centrism Meets Polycentrism: Creating Identity Infrastructure for the Internet

  • The Internet lacks sufficient identity, security infrastructure
  • Customer awareness of privacy, identity is rising
  • "It's the relationships, stupid." ID services facilitate, coordinate relationships, interaction
  • Identity systems that work for a financial services company will not work for social software and vice versa
  • Ultimately, systems will mesh, creating a fabric that will allow user-centric, enterprise, and government systems to interact using common standards

John Shewchuk, CTO Distributed Systems, Microsoft, Microsoft's Digital Identity Strategy

  • Users should be in control.
  • Each user should make decisions about relationships he or she has.
  • Kim Cameron's 7 Laws of Identity provide a set of axioms to describe how Identity systems should work
  • InfoCard is Microsoft's proposal for an Identity infrastructure that complies with the 7 Laws to replace the ill-fated Passport
  • WS* is a comprehensive framework of "Identity standards" to enable web services.

Dick Hardt, CEO, Sxip - Identity 2.0

  • The Identity industry is currently at version 1.0, requiring centralized Identity Management.
  • Federated Identity will provide Identity version 1.5
  • User Centric Identity, properly implemented, will be Identity 2.0.
  • Trusted third parties are required to validate Identities

Bob Blakley, Chief Scientist, Security and Privacy, IBM, The Logic of Identity

  • Identity and privacy are not technical problems
  • Security and Privacy are naturally at odds with each other

Roundtable Discussion: User-Centric Identity Management: Federating the Individual? (Participants -- Stefan Brands, President, Credentica; Kim Cameron, Identity Architect, Microsoft; Paul Trevithick, Co-Founder, SocialPhysics.org; Bob Blakley, Chief Scientist, Security and Privacy, IBM; moderated, sort of, by Jamie Lewis, CEO, Burton Group.)

  • I was disappointed in this roundtable discussion. What could have been an enlightening discussion about the real-life issues facing user-centric identity was little more than a very high-level conversation of esoteric issues that may apply in the distant future. I was able to get more insight into the real issues facing user-centric identity management by spending 5 minutes with Dick Hardt in the Sxip hospitality suite than by listening to 30 minutes of this group.

Note: A computer malfunction that occurred during the conference prevented me from posting this blog entry until Tuesday, July 19th.
