Last week, I spoke at the eema European e-Identity Management Conference. Although intended for “those in business, public sector and government who are involved in the policy, security, systems and processes surrounding identity management”, the high price tag of the conference meant it was very business oriented. This lead to an interesting focus on mobile identity – an area that we haven’t touched on in much detail within JISC – but also to many concepts that we have been exploring in the JISC arena for some years such as federated identity, identity in the cloud etc. etc.
It was of course very satisfying for me to hear Kim Cameron of Microsoft talking about identity federation, interoperability with SAML, and the Cloud Identity Federation Gateway which is part of recent work at Microsoft, including the Identity Software and Services Roadmap. Cameron described identity in terms of claims based access, with a claim as an assertion that is in doubt. He sees it as the business of identity management to validate that claim. The importance of this in the changing environment is that enterprise systems used to be closed, but are now permeable with many interactions outside of the traditional firewall. These are exactly the issues which the education community has been grappling with through its adoption of SAML.
Kim finished by warning people ‘not to be the only person out there with a fax machine’. Given the focus on SAML at the conference, the adoption of the standard seems a sensible way of not being that person.
Overall, it seems as if the commercial world is in agreement with the education sector on its approaches to access and identity management, and in fact the education sector seems to be ahead in many respects in the route it has chosen. The hot topic of the conference was ‘identity in the cloud’ – my immediate reaction to this is that a fully distributed federated identity system does much of this already. We are in the right place.
(Oh, and in case your interesting, my slides on the Tao of Attributes are here, with much thanks to Ken Klingenstein for all the input!).