The Identity Management Forum work is fully supported by the Security Forum, whose
members also participated in the whole Identity Management Forum agenda.
Introductions, Agenda, & Actions Review
After a round of introductions, the attendees reviewed and clarified the proposed IdM
meeting agenda, then conducted a review of actions from the previous meeting (Houston, October
17-21, 2005), to establish the current status on each project activity.
Framework for Identity Management
This joint project with INCITS CS1 and ISO JTC1 SC27 includes the Identity Management
project as a formal liaison to INCITS CS1 and we are awaiting formal notice from ISO JTC1 that they
have granted category C liaison to The Open Group for this project. In the meantime, the
first set of review comments from the IdM Forum, developed in the October (Houston)
meeting, were accepted by SC27 in their November 2005 meeting in Kuala Lumpur. We now await
the revised draft of this document from the three SC27 rapporteurs. This is due by the end of
January 2006. Meanwhile, recognizing that ensuring we include all issues in the initial key
section of the document, we gathered review feedback on the Introduction (a complete
re-write), Scope, Normative References, and Terms & Definitions.
Architectures for Identity Management
Updating this document to fit the proposed new structure is not yet complete, but is
expected shortly. As soon as it is available, it will be provided to members for wider
review aimed at achieving a recommendation for publication.
IdM Design Patterns Workshop
In two highly interactive workshop sessions, members reviewed the draft
Third-Party
Identification design pattern, arriving at agreement on major revisions that are expected
to deliver a high-value fit-for-purpose Third-Party identification design pattern that will
form the basis for other identification patterns and indicate significant
requirements for our proposed "authentication" pattern.
Identity Management Catalog
This IdM Catalog is intended as a source of comparative information on identity
management products. It comprises a template of questions which vendors are invited to
fill in to describe their IdM products. Experience of reviewing entries to date
indicated that some areas of the template were inadequately precise, so in a valuable
workshop, a vendor-member conducted a review through the sections of the template that had
given his marketing department the most problems. This yielded significant improvements
which will be implemented in a revised template. The result is expected to generate more
interest from vendors in adding entries for their IdM products and greater value in the
information they provide.
Common Core Identifiers
This CCI project is a joint activity with the Network Applications Consortium (NAC) and
Distributed Management Task Force (DMTF). It was started in response to a challenge issued
in January 2005. Development has progressed to a point where there is agreement on a
common core identifier having a notion of issuer and conformance constraints requiring the
issuer to issue identifiers in accordance with a method, the method being defined in such
a way as to ensure that all issued identifiers are unique. A two-part identifier is
considered an appropriate method. Two deliverables are nearing completion: a Framework
Document which includes a matrix comparing the features of different identifier
mechanisms, and a Business Scenario.
IdM Standards Entry in Standards Information Base
A draft document proposing established standards relating to identity management was
reviewed, and additional standards were proposed. The resulting revised draft will be
presented for final review leading to a recommendation that it should provide the content
for a new Identity Management section of standards in The Open Group's Standards
Information Base (SIB) - which is publicly available at www.opengroup.org/sib.
Best Practice Guide for Directory in IdM
In the previous meeting it was proposed that this new project should be launched in
January 2006. The intending project leader was unavailable in this Barcelona meeting, so the
launch is delayed until after the meeting. It is expected that it will start in
mid-February and figure in our agenda at the next meeting (Washington DC, April 26-28).
