English   Deutsch

Martin Kuppinger: Think beyond the silo
Think beyond the silo

In the survey recently published on the relation of SOA and Identity Management and the status of the SOA Governance which we developed together with Ernst & Young, it has become clear that one of the larger problems of IT is the silo structuring. IAM and SOA are equally separated silos like the areas of BSM. There are exceptionally few suppliers who strive after a closer integration of BSM and IAM.

by Martin Kuppinger
mk@kuppingercole.com

The problems emerging from such silo thinking are obvious. The survey shows clearly that a stringent, continuous and renewable safety concept is missing for most implementations of SOA-based applications. This makes the external management of safety, auditing or the software audits difficult up to impossible, in any case more expensive than is necessary.

There is a clear necessity to look beyond the edge of the silo also in the BSM and IAM fields of conflict. The basic approaches to deal with Services like it is defined by ITIL can be applied in every kind of Service. A part of Identity Management-Services is already to be found in ITILvS. One can apply the methodology just the same on Software-Services like Web Services as well as other Identity Management Services not considered as standard services by ITIL.

A second aspect is the Identity Service which is increasingly defined. Whether one considers Oracle's SOS, takes the SAP notices to NetWeaver Identity Services or realizes one's own concepts for application security infrastructures: There must always be reliable services after the service-interfaces used by programs. SLAs are needed here for example, as well as Service Management. And here again we are automatically with ITIL and BSM.

The third point is the reckoning. Services are a good starting point for an improved reckoning and traceability of IT in the future through their granularity. In order to do this, one must know in context of which user, which group or which role the service will be used. Only then can the costs be correctly allocated.

This connection is naturally the same for the security. One must be able to control the access to Services - and that is a condition of IAM.

Thus there are many places in which IAM, BSM and SOA must grow together. This will however only succeed if the existing silos in the IT-organizations open, at least so far that the advancement of the mentioned topics all pull along the same line. This unavoidable redefinition of IT-organizations is a CIO-task. Those who ignore it will not be in the position to solve many of the fundamental challenges of IT successfully.

Created: 14.08.08, modified: 14.08.08
Information
Newsletter
Kuppinger Cole Identity Management Newsletter
Services
KCP provides strategic consulting services for vendor and user companies covering all areas of identity & access management.
Reports
Use KCP as an independent, objective, and neutral authority on the Market for Identity Management products and solutions
Podcasts
Free audio and video presentations on important IAM-topics
Current surveys
IAM-Studie 2010
PARTICIPATE 
Virtualization Security Trends & Insights
PARTICIPATE 
Blogs
Tim Cole
28.08.2010 11:53
Not Just Any Port in a Storm
READ 
European Identity Conference Blog
27.08.2010 04:45
Google authentication support
READ 
Martin Kuppinger
12.08.2010 11:34
Diving down to the details of access controls
READ 
Sachar Paulus
11.08.2010 10:05
The GRC Marketplace is shaking up: SAP and CA partnering on GRC
READ 
Sebastian Rohr
04.08.2010 20:18
Your token to VISA…
READ 
Felix Gaehtgens
19.02.2010 17:40
Gerry Gebel joins Axiomatics
READ 
Joerg Resch
17.02.2010 11:15
Identity Management is key to Smart Grid Security
READ 
Links
 Kuppinger Cole News

 Kuppinger Cole Podcasts

 Kuppinger Cole on Facebook

 Kuppinger Cole on Twitter

 Visit us at Xing

 IAM-Wiki

 GenericIAM
Imprint Terms and conditions Privacy policy
© 2003-2010 Kuppinger Cole