Wednesday, September 14, 2005

Making Sense of Identity Management

With the rise of service-oriented architecture, maintaining a consistent user identity across multiple enterprise systems is becoming increasingly difficult. In an attempt to address the pain that many large IT organizations go through, the software industry has given birth to an onslaught of standards with the purpose of maintaining a common identity across the enterprise. Jason Rouault from HP has written a great paper that sheds some light on that space: "Making sense of the federation protocol landscape". As introductory reading, I strongly recommend "An introduction to identity management" as well. I like the following definition for identity management:
The set of processes, tools and social contracts surrounding the creation, maintenance, utilization and termination of a digital identity for people or, more generally, for systems and services to enable secure access to an expanding set of systems and applications.

The following picture sums it up well from a conceptual standpoint:
[Figure: Identity Management Overview]
In my view, the right identity management strategy can provide a strong competitive advantage to an organization, as distributed applications or services can leverage a much better-known user and therefore increasingly build added value to address the needs of their employees, customers, partners, and suppliers. As organizations consider service-oriented architectures, it is critical to craft an identity management strategy in line with such distributed services.
