What are the demand drivers for federation?
- Externalization: The users have left the building and so have the applications!
- Economic pressures: Emphasis on cost reduction/containment. If you don’t specialize in an activity: outsource it, offshore it, or buy it as a service
- Globalization and externalization: Enterprises interact with everyone: partners, customers, value chain, governments, higher education, joint ventures, etc. Applications, data, and users are everywhere.
I think if I was starting a new business today I’d look to a goal of 100% of my infrastructure and business tools as SaaS apps.
There’s a growing supply of federations:
- Shibboleth deployments in 25 national federations representing 1,500 apps and 15M users
- Exostar has doubled its customer base to 66,000 orgs
Protocol wars are over. SAML 2.0 is preferred by enterprises. OpenID and OAuth continue to attract interest, but mostly for low-assurance uses. Information cards also have interesting use cases. The focus is on solving business problems and using the right protocols for the business scenario.
The business model for federation as a hosted model still needs to be shaken out.
An IdP service needs to handle registration, ID proofing, authentication and federation. There are still some holes, such as SPML, which is missing from this.
I highly recommend this paper by Bob: "A Relationship Layer for the Web". It's a free download.
What are some of the challenges around federation?
- SAML is not ubiquitous
- Many apps are not federation ready
- A hybrid SSO capability will be needed
- Federated provisioning is in a much worse state than SSO
- Point to point federations are not scalable for large environments. How do you scale to 100s or 1000s of partners?
- Compliance: Who audits what?!
- Federation focuses on authentication today
- But real federations require much more than authentication
- Federation capability needs to be broader and deeper
- Demand is strong.
- Cloud is driving
- Market is responding with innovative solutions
- Many unresolved issues remain: Uptake of federation protocols; SPML
Overall this was a great session. But, as Bob pointed out, while a lot of progress has been made, there’s also a very long road yet to be travelled for federation to really become ubiquitous.
1 comment:
At WAYF (the Danish federation in higher ed and research) we did create a product where it is possible for federation operators to manage SAML2 metadata in a configurable workflow with opportunities for IdPs and RPs to manage their own metadata.
Info can be found at: https://sites.google.com/site/simplesamlphpam/
We did develop that product for scalability reasons.