English   Deutsch

Martin Kuppinger: Think beyond the silo
Think beyond the silo

In the survey recently published on the relation of SOA and Identity Management and the status of the SOA Governance which we developed together with Ernst & Young, it has become clear that one of the larger problems of IT is the silo structuring. IAM and SOA are equally separated silos like the areas of BSM. There are exceptionally few suppliers who strive after a closer integration of BSM and IAM.

by Martin Kuppinger
mk@kuppingercole.com

The problems emerging from such silo thinking are obvious. The survey shows clearly that a stringent, continuous and renewable safety concept is missing for most implementations of SOA-based applications. This makes the external management of safety, auditing or the software audits difficult up to impossible, in any case more expensive than is necessary.

There is a clear necessity to look beyond the edge of the silo also in the BSM and IAM fields of conflict. The basic approaches to deal with Services like it is defined by ITIL can be applied in every kind of Service. A part of Identity Management-Services is already to be found in ITILvS. One can apply the methodology just the same on Software-Services like Web Services as well as other Identity Management Services not considered as standard services by ITIL.

A second aspect is the Identity Service which is increasingly defined. Whether one considers Oracle's SOS, takes the SAP notices to NetWeaver Identity Services or realizes one's own concepts for application security infrastructures: There must always be reliable services after the service-interfaces used by programs. SLAs are needed here for example, as well as Service Management. And here again we are automatically with ITIL and BSM.

The third point is the reckoning. Services are a good starting point for an improved reckoning and traceability of IT in the future through their granularity. In order to do this, one must know in context of which user, which group or which role the service will be used. Only then can the costs be correctly allocated.

This connection is naturally the same for the security. One must be able to control the access to Services - and that is a condition of IAM.

Thus there are many places in which IAM, BSM and SOA must grow together. This will however only succeed if the existing silos in the IT-organizations open, at least so far that the advancement of the mentioned topics all pull along the same line. This unavoidable redefinition of IT-organizations is a CIO-task. Those who ignore it will not be in the position to solve many of the fundamental challenges of IT successfully.

Created: 14.08.08, modified: 14.08.08
Information
Services
KCP provides strategic consulting services for vendor and user companies covering all areas of identity & access management.
Reports
Use KCP as an independent, objective, and neutral authority on the Market for Identity Management products and solutions
Podcasts
Free audio and video presentations on important IAM-topics
Current surveys
Marktstudie IT Service Management
PARTICIPATE 
Blogs
European Identity Conference Blog
30.06.2009 22:26
New design
READ 
Martin Kuppinger
30.06.2009 15:58
Stronger and simpler authentication
READ 
Tim Cole
27.06.2009 09:22
The flowering of the identity store
READ 
Felix Gaehtgens
16.06.2009 20:47
Hooray, LDAPcon 2009 is coming up!
READ 
Sebastian Rohr
05.05.2009 12:03
EIC09: ICF-German Chapter Gründung
READ 
Joerg Resch
07.06.2008 10:28
Yubikey - New Hardware for Strong Authentication
READ 
Links
 Kuppinger Cole News

 Kuppinger Cole Podcasts

 Kuppinger Cole on Facebook

 Kuppinger Cole on Twitter

 Visit us at Xing

 IAM-Wiki

 GenericIAM
Imprint Terms and conditions Privacy policy
© 2003-2009 Kuppinger Cole + Partner