The aim of the meeting, which was open to all members of the Directory
Interoperability, Messaging, and Security Forums, was to advance the
Identity Management work of The Open Group, in particular on:
- The Open Group Enterprise Identity Management Architecture Guide
- Common Core Identity Representations
Three business models for federation were presented as input to the
Enterprise Identity Management Architecture Guide. The models were
accepted in principle, but will be subject to further detailed comment and
review. The meeting then discussed alignment of the Guide with The Open
Group Architectural Framework (TOGAF). This alignment will help the
authors to concentrate on Identity Management, rather than general
architectural process. It can be achieved by developing Common System
Architectures, Building Blocks, and Patterns for Identity Management.
INCITS is the (ANSI-accredited) US body that provides input to ISO in a
number of areas related to Identity Management. It is interested in
working with The Open Group on Role-Based Access Control (RBAC), and
possibly on a general ISO Identity Management Framework. It was agreed to
discuss this further with INCITS.
The meeting discussed the Common Core Identity Representations Summit
that had been held the previous afternoon. Reaction was positive. The
organizational framework for the work must be established; this will be
done through the Common Core Identifier teleconferences.
The summary of identity management standards on The Open Group website was
reviewed. There have been important developments in the last three months.
These were discussed, and they will be reflected in updates to the web page.
The infrastructure for the Identity Management Implementation Catalog,
which will enable potential customers to compare vendors' descriptions of
their products on a like-for-like basis, is almost complete. The meeting
reviewed it, and discussed some suggestions for improvements.
The meeting also reviewed, and suggested improvements to, The Open
Group's new website, and in particular to its Identity Management pages.
The Open Group was an early pioneer of information and service
provision via the web. However, its identity management infrastructure is
based on old technology, and does not take advantage of new standards.
These could, for example, enable it to use SAML assertions for
authentication, in place of user IDs and passwords. Transition to these
standards would be good in principle, but there would be practical
difficulties. The idea merits further exploration.
Work will continue on the Architecture Guide, with the aim of having
near-publication-quality material by April.
A teleconference will be held with INCITS to explore the idea of joint
work on RBAC and other Identity Management topics.
Collaboration with the NAC and the DMTF on Common Core Identifiers has
started excellently. The next step is the development of a charter for the
work.
The infrastructure of the Identity Management Implementation Catalog
will be completed, and product vendors will be invited to submit
information.
The possibility of making recommendations for enhancing The Open Group web
infrastructure to accommodate modern Identity Management standards and
technology will be explored.