Monday, February 12, 2007

rfi User-Centric Identity and the Enterprise Market


Re my message a moment ago to Sandy, from whom I never need to request interaction, because she's always beating me to the punch:




Re your question: "How likely is it (technically, not sociologically) they
will find something (desktop with Vista? Internet portal? freewares you
mention or ?) that works well at home and that they will then take to work,
or take the demand for it to work?"

My tentative, hedging, heavily qualified response:

It's 50-50 likely.

In other words, look at various now-ubiquitous business clients/tools/apps
that got their initial commercial push (to a degree) in the B2C space (e.g.,
the Web, Internet e-mail, e-commerce, cellphones, WiFi, instant messaging,
VoIP, social networking) and then penetrated the enterprise (intranet, B2B,
etc.) market in a (big, medium, or small-but-growing) way (we could easily
debate which demand-side driver, B2C or enterprise, had the first-push in
each of these segments, but it's undeniable that the B2C acceptance was
fairly strong from the start in all of them).

Now look at the identity management space--in which, B2C-wise, trusty ol'
username/password still rules, and in which federation (SAML, Liberty, etc),
is still not a major force, but in which the enterprise/B2B demand-side has
been the dominant driver for federation.

Now look at "user-centric identity" as an IdM approach that's originating on
the B2C side, not so much as an alternative to federation but as a sort of
adjunct that will eventually converge with federation if/when user-centric
identity penetrates (to varying degrees) the enterprise market.
Enterprises are not generally "user-centric," where their employees are

Instead, enterprises are "company-centric," with a strong bias/inclination
toward "owning" their employees' identities/credentials/attributes and
controlling them tightly.

In other words, enterprises (i.e., IdPs run by your employer) provision you
your identity, and reserve the right to deprovision it.

This is the opposite paradigm from the radical "I issue, own, and manage my
own identity" ethos/ideology that motivates many folks developing the
"user-centric identity" space.

Bottom line: Employees will demand user-centric identity from their
organizations as a tool for managing the diverse identities (e.g., roles)
that they play with respect to those organizations (e.g., formal job
description role, plus roles specific to each solid-line and/or dotted-line
reporting relationship, plus roles specific to various projects/teams in
which I participate for this company). User-centric
business-role-multiplicity management.

Or something less wordy. I'm working on it.



Your words welcome: