Wednesday, January 31, 2007

Commoditisation of Federated Identity software part 2

I blogged about this late last year and outlined a whole bunch of reasons why I thought this would happen sooner rather than later.

I'm bringing this up again because some of the Higgins and Bandit bunch are talking about a proof of concept they will be unveiling at the RSA Conference next week which shows:
how companies can integrate a non-Liberty Alliance identity system and a Liberty Alliance-based federated identity system provided by Novell Access Manager. In particular, the demonstration will have Novell Access Manager authenticate a user via Microsoft's CardSpace using information from an external identity system. In the demonstration, users will be able to access a sample media Wiki and blog using the technology.

The obvious Novell promotional reasons behind this aside, there was a quote from Paul Trevithick (Higgins project lead, amongst other things) which stated:

"One problem in realising the vision of an open-source identity layer is that tends to commoditise existing identity management products, creating a perverse incentive for companies that are in a position to make interoperable identities work."

He goes on to say:

"That may be the reason you hear about interoperability but still haven't seen it. Companies like Oracle and IBM and even Novell have no incentive to do it."

This brings up something I didn't mention previously - the position this puts the big vendors like IBM, Novell, Oracle, Sun etc in. They are all evangelising the need for open standards and interoperability, which is where we all want things to end up. Problem is, the guys holding all the $$$ within the vendors are then put in an interesting position...support these initiatives at the cost of software sales. Because in doing so, they're effectively cannibalising their own market. This is especially prevalent in the Federated Identity space because the whole concept of Federation is built upon open standards.

Like I said before, I don't think they can stop the freight train and the Federated software products look to be next in line for commoditisation.

Monday, January 29, 2007

Today's my 6 year anniversary working for...

Ok, so until now I have not explicitly said which company I work for...not that anyone reading this couldn't have figured it out. My details are out on the web and a Google search for "Ian Yip" will allow one to discover my employer within the first 2 pages of the search results because using your wonderful powers of deduction, you should know I'm not a doctor (do that search and you'll get what I mean), I'm Australian and I live in Australia (at least I do at the moment - more on this in the next paragraph) and I have an interest in all things Identity related. For those still scratching your head, today is my 6 year anniversary working for IBM. For that reason, I've tried to steer clear of talking about anything IBM related unless it was relevant to the topic, both because I don't want to appear biased nor do I want IBM coming after me for anything inflammatory I might say about the company. Those of you who know me understand I'm rather cynical at the best of times...especially towards my current employer. (Aside: So what did I get from IBM for my 6 year anniversary you ask? Well, nothing. Not that I expected anything. For my 5 year anniversary, I received a Selangor Pewter puzzle! I was so thrilled by it I can't even remember what type of puzzle it was...nor can I remember where I put it. I don't remember trying to sell it on eBay? Hmmm.)

Why am I bringing this up you ask? Well, my last official day at IBM Australia is in February. The obvious question most will ask is "what company have you defected to"? The right question to ask is "where are you going"? I'm moving to the UK for a year or 2. Maybe more. Who knows. I've yet to find a job over there for various reasons. Distance being one and Visa hoops to jump through being the other. I may just wait until I get there to find a job if it all gets too difficult. Nothing like being in someone's face rather than speaking over the telephone. Who knows...maybe no one will want to hire me and I'll just spend the time travelling through Europe. Now there's an idea! All I can say is that it'll be interesting to see where I end up.

Guess I'll have to change my blog profile soon to reflect my move...not yet though. I still remain based in Australia for a few more weeks.

Bit of a light month in Identity

I'm all iPhoned out. Seems all the news in January's been about Apple and the iPhone. The announcement at MacWorld, Cisco subsequently suing Apple over the use of the name and the latest being a Canadian company (Comwave) claiming to have the rights (at least in Canada) to the iPhone name. From a marketing standpoint, Apple's done a brilliant job here. Even if the damn phone doesn't end up being called an "iPhone", we'll all know it as "that thing formally known as the iPhone" - the point being that we've all heard about it. There's been much discussion about why Apple even announced it when they knew Cisco had claim to the name in the US (we know this because Apple was in talks with Cisco over licensing the name from them before the iPhone announcement). The most logical conclusion seems to be the publicity. I have also yet to read about any geeks out there who don't want one. They all practically wet themselves over the announcement...maybe that'll change when the hype dies down. I for one, do NOT want one...maybe I'm the only one. I must not be geeky enough.

So in a month where nothing was interesting enough for me to comment about, here's a few main bits of Identity news I came across:
  • The Burton Group followed up a previous post about the Law of Relational Symmetry (which I referenced in an earlier post) with a post relating to the Law of Relational Risk. I for one had a tougher time grasping the concepts here, so I REALLY had to concentrate.
  • The Burton Group also mentioned the "ascension" of authorisation management within enterprise environments of late. Seems this concept just won't go away...and rightly so. But as I mentioned in an earlier post (although at the time I used the term "entitlement management" and made mention of a company called Securant, which started a discussion between myself and Securent's CEO Rajiv Gupta which you can read in the comments section of that post - I should note that he didn't respond to my email following my final comment. I'm sure he had better things to do than debate terminology with me), this is not a new concept. It's just getting more attention of late.
  • EMC talked about leveraging their RSA acquisition to "identity enable" their suite of products. I'll believe it when I see it!
  • Microsoft Windows Vista launched - probably means we'll start to see the advent of more Windows CardSpace enabled solutions.
  • IBM announced the release of Identity Mixer, which is software designed to help people hide or anonymise their personal information on the web. This has been donated to the Higgins project.
  • The Liberty Alliance announced a Portal called OpenLiberty.org to "provide easy access to tools and information to jump start the development of more secure and privacy-respecting identity-based applications based on Liberty Federation and Liberty Web Services standards".
  • Microsoft Architect for Identity and Access and User Centric Identity luminary Kim Cameron gave examples about how one would integrate CardSpace with OpenID.
  • Kim Cameron and Dick Hardt (yes that really is his name), CEO of Sxip had a bit of a friendly stoush over OpenID and what Kim thinks is a susceptibility to phishing unless OpenID adopts some of the more secure concepts behind CardSpace. Dick responds on his blog. The discussion continues in the Identity-sphere.
  • Australian Prime Minister John Howard announced changes in his cabinet making Senator Ian Campbell the new Minister for Human Services. He takes over from Joe Hockey who is now Minister for Employment and Workplace Relations. I mention this because it means that there's now a new guy in charge of Australia's Access Card initiative which has the potential to become our National Identity Card depending on what happens moving forward. It will be interesting to see the direction this takes moving forward with new leadership in place...not to mention the continuation of all the Software Security vendors (one of which I work for - more on this in the next post) and System Integrators salivating at the sheer size and potential $$$ involved with winning even part of the bid to implement this or to provide part of the infrastructure for it.
Note: I think I've just broken my record for the number of outgoing links in a single post.

Monday, January 08, 2007

New year resolution? If you want to call it that...

I was trying to avoid posting any lame "new year resolution" entries as I don't see why anyone needs to pick a symbolic point in time to decide they need to do something. My opinion has always been if you want to do something, make a decision to do it and make it happen! As a result, I don't usually make a new year resolution. It just so happened that I've decided to take some action about something at this time of the year, which I suppose makes it a new year resolution by coincidence.

First a bit of background...

Those that know me well know that I have a bit of an interest in all things entrepreneurial. Hey who doesn't right? Anyway, I'm only posting about this because I need a reference that I can use for myself as a motivational tool to get me to take steps forward. Otherwise, it's just too easy to say "I'll just spend today watching the cricket and do that thing tomorrow when the cricket's over." Problem is, the frigging tennis is on tomorrow and you find yourself saying you'll do it when the tennis is over. It's a vicious cycle of inaction.

I got a news story via one of my RSS feeds (of which I have way too many, but that's another problem for another time) about a new site that lets you order custom music. They seem to be targeting the romantic at heart and lets you order a piece of "tailored custom" music for your loved one for a fee. That's one of the ultimate unique gifts right? Which girl (or guy) wouldn't like a song that was written just for them? Maybe I'm over-generalising here but you get my point. It's a good idea if executed and marketed well. Of course, I'm a bit biased here because this EXACT idea's been floating around in my head for the PAST 2 YEARS! I'm in NO WAY implying that these guys stole my idea. How could they? I never told anyone about my idea! I just always thought it would be a good business. Even worse, I have the skills (at least I think I do - others may think I suck at the skills required) to do what's required. I am a classically trained pianist who dabbles in songwriting occasionally AND I'm in the IT industry and have the skills to build such a site that could service such a business! I even have my own amateur-ish recording studio with a keyboard, external midi device, microphones all hooked into my computer and the Dolby 5.1 surround sound system.

Now for the "new year resolution"...

This has been bugging me for the past week so I've decided that my resolution for the year 2007 is:
Just Do It!

I've always been a big fan of Nike so I guess I should have taken more notice of their slogan. Oh, and I do not and have never worked for Nike so I have nothing to gain from saying any of this other than it's an appropriate mantra for me. Hopefully they don't try to charge me for adopting it otherwise I'll have to find a new one.

Now, I just need a new idea that I think can fly and go for it.

Incidentally...my birthday is coming up this month. Anyone want to buy me a tailored custom song? I didn't think so :-)