Earlier this week I posted a first-look analysis of Microsoft’s Cloud-based Identity Metasystem (IDMaaS). In that analysis I stated:
Microsoft is not only doing something innovative — but profoundly innovative.
On June 7, Nishant Kaushik (Chief Architect at Identropy) wrote on his blog (How Do Governance Controls fit into IDMaaS?):
I’ll be honest, I’m having a little trouble seeing what is so innovative about WAAD itself. How is the fact that becoming an Office 365 customer automatically gives you an AD in the cloud that you can build/attach other Azure applications to that different from Oracle saying that deploying a Fusion Application will include an OUD based identity store that the enterprise can also use for other applications?
I’m not going to address the question about governance controls as I think Dave Kearns — my colleague at KuppingerCole — addressed this matter nicely already.
Why is Microsoft’s Vision of IDMaaS so Profoundly Innovative?
Nishant must not have read my post very carefully. In my explanation of why Microsoft’s vision for IDMaaS is so profound, he failed to notice that I never once mentioned WAAD (Windows Azure Active Directory) or Office 365. There is a reason for that. I am not applauding Microsoft’s — or any other vendor’s — implementation of IDMaaS.
What is so profound about this announcement is that Microsoft is following Kim Cameron’s directives for building a Common Identity Framework for the planet, not just for a vendor.
In 2009 Kim Cameron, Reinhard Posch and Kai Rannenberg wrote Proposal for a Common Identity Framework: A User-Centric Identity Metasystem.
In section 5.4 of that document, the authors spell out the requirement for customer Freedom of Choice.
Freedom of Choice
Freedom of choice for both users and relying parties refers to choice of service operators they may wish to use as well as to the interoperability of the respective systems.
This definition is quite different than the freedom of choice Mr. Kaushik writes about in his blog piece. I posit that the Microsoft vision is so profound because it is built on a definition of Freedom of Choice that fits the above description and not where the customer is free to choose a particular captor.
And so I state again:
Freedom of Choice != Your Choice of Captor
Microsoft’s vision has changed the playing field. Any vendor building IDMaaS that is not meeting the Freedom of Choice requirements defined here is no longer in the game. That is profoundly innovative because this is truly a vision that benefits everyone — but mostly the customer.