English   Deutsch   Русский   中文    

What I would like to see First from IDMaaS

Jun 06, 2012 by Craig Burton

Intro

Kim Cameron and John Shewchuk jointly rolled out Microsoft’s vision of Identity Management (IDMaaS) as a Service and then Microsoft’s implementation of that vision as Windows Azure Active Directory (WAAD). I posted first impressions. Kim Cameron responded.

This morning over coffee I was gesturing through Zite — the iPhone and iPad personal publishing review app. There was my blog post in the headlines. I realize that Zite personalizes the headlines so probably no one else saw that, but that seemed pretty cool.

IMG_0021

Anyway, it got me to thinking what kind of things I would like to have access to in WAAD to see if it is going to work and meet some of the tough requirements.

Keeping it simple, here is what I came up with.

Give me Devices and Device Management in the Cloud

Give me a way to put my devices into the cloud and get events from them, manage them, and allow other apps and systems to manage them.

One way to do the whole thing would be to use the Windows Management Instrumentation design and Apples System Profiler.

Both systems are kind of old and have a legacy of issues around them. But that is perhaps the whole point. Make the legacy management namespaces work. Why reinvent them? Just use the moment to fix the inherent problems and move forward. We need a schema for known devices. No sense in creating a new one. Use the namespace we have; despite its complexities and detractors.

Built in to Windows is a management instrumentation framework. It’s called Windows Management Instrumentation. It’s a cool design but old and hard to get to—the rigorous but complicated Common Information Model and SOAP—both keep accessing WMI relatively hard.

The Apple System Profiler is also relatively complicated requires the use of Apples IOKit.

So here it is—give me device registration and management with a RESTful interface and JSON data format.

Here is on step better, when devices raise events, use the evented-api architecture — or an equivalent — and post them to a webhook so other apps can take independent action on the event.

Why Device Management in the cloud would be Cool

The identity explosion is upon us. Cisco recently published a report covered by Network World that predicts there will be 3 times as many devices as people by 2016 (18.9 billion) — I predict this number is conservative. Let’s see if we can securely put the management and profiling identifiers in the cloud, protect privacy, and enable access.

This way we keep things simple and we don’t have to start with people identifiers which tend to get people all worked up. People can readily start to see why device identifiers and claims in the cloud are useful. Other developers can throw in their management expertise and quit spending so much time building identity infrastructure for protection — after all, doing more with less resources is one of the core purposes of IDMaaS.

Do you have a better idea or any request about WAAD? Let me know and I will post it and see how Microsoft responds.

Google+

top
Author info

Craig Burton
Profile | All posts
KuppingerCole Blog
By:
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live training sessions.
Register now
Spotlight
Consumer Identities
When dealing with consumers and customers directly the most important asset for any forward-thinking organisation is the data provided and collected for these new type of identities. The appropriate management of consumer identities is of utmost importance.
KuppingerCole Services
KuppingerCole offers clients a wide range of reports, consulting options and events enabling aimed at providing companies and organizations with a clear understanding of both technology and markets.
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2015 KuppingerCole