My thoughts heading into 2007

It has been a long time since my last post. The fact that it coincided with the holiday season shouldn’t lead you to think that I was enjoying some well deserved time off. It has, in fact, been quite the opposite. Things have been really busy in the identity management group recently, and I have been working hard on some interesting problems that will influence the future direction of the OIM product. Hopefully I will be able to share the results of that work with all of you really soon.

January is the month when everyone comes out with their predictions for the coming year. Since this post is coming in at the tail end of January (hopefully I will get it out in time to keep that statement true), I toyed with the idea of doing my own post on trends in the identity management space. But having read quite a few of those over the last month, I think anything I could possible say has pretty much been covered already.

Next week is the RSA Conference. And this year, Oracle is planning on showcasing its move into identity management in a big way. Everyone has been talking about the way in which Oracle has aggressively moved into a leadership position in the space (just check out Burton’s report on the identity management landscape for 2007). So it comes as no surprise that everyone is curious to know how Oracle will approach the future.

I therefore decided on a different tack. Instead of trying to predict what will happen in 2007, I decided to share my thoughts on what I feel are the main philosophies that will drive the work our team will be doing this year. This is not meant to be a complete list, and I cannot stress enough that these are my personal thoughts (I have been told to make that very clear). It will be interesting to hear if you think there is anything else that should be at the top of our minds.

So here goes…

Convergence: This is the big one. For a long time, the main demand from the market has been the integrated IdM suite. But in a world where services will be the main way in which identity technology is consumed, it is actually the next progression that we need to be looking at. Having multiple products that are able to interoperate is good, but that still leaves the model open to redundancy and maintenance headaches. Simply changing all those products into a service is also not good enough. And more and more concepts are making their way into every aspect of identity management. If I define a SoD policy in my provisioning system, why should I have to re-define it in my authorization service? Convergence of these various products into a unified construct that supports multiple service modules will help eliminate some of the management nightmares that make project managers pull their hair out, and make life a whole lot simpler. Which leads me to my next topic – simplification.

Elegance (aka Simplicity without Loss of Functionality): All too often, the words simplicity and flexibility seem to be mutually exclusive. This is especially true for IdM products. Proof-Of-Concept engagements in the IdM world often come down to a decision between a product that can solve the use case and a product that is easier to manage. But there is no reason why the two can’t be brought together in an elegant way.

Privacy: The strong desire individuals have for privacy led to the birth of user-centric identity as a new IdM methodology, and enterprise IdM is still struggling to work out what this means for it. However, one thing is sure. We cannot continue to develop identity management software without building in support for privacy controls that provide better protection and management options to the people whose identities are at the core of these products. And as enterprises themselves become more aware of their responsibilities in this area, they will demand the kind of frameworks that the recently announced IGF standard aims to support.

Strength: The tagline for Oracle’s Fusion Middleware suite includes the word “Unbreakable”. To me, the word reflects the multiple facets of what our identity products need to be – secure so they can’t be compromised, adaptable so they can deal with any kind of customer use case without bending and powerful so they can gracefully deal with the increased usage that identity services are going to be subject to.

Well, those are the keywords that will be guiding at least my efforts in evolving our products. In my next post, I will finally get around to the animated discussions that my comments about role management vs. provisioning set off, and how the philosophies I talked about above (one in particular) will impact what we will do about it. And if you happen to be attending the RSA Conference, drop me a line and maybe we can get together for a chat.