You are here: The Open Group > Architecting to the Edge™ > Proceedings > Report

Identity Management Forum

Objective of Meeting

The Identity Management Forum met in Washington DC on Wednesday April 26.

This meeting included all members of the Security Forum. The meeting aimed to progress all the IdM projects in its current work program. These included:

  • Framework for Identity Management (joint with INCITS CS1 & ISO JTC1 SC27)
  • Architectures for Identity Management
  • IdM Design Patterns
  • Identity Management Catalog
  • Common Core Identifiers (joint with NAC and DMTF)
  • Best Practice Guide for Directory in IdM
  • IdM Standards Entry in Standards Information Base


A slide set covering the agenda and project status for Identity Management Forum activities is available here.

Framework for Identity Management

This is a joint project with international standards bodies INCITS CS1 and  ISO JTC1 SC27; we are awaiting formal notification that we have been granted category C liaison status with ISO JTC1 SC27, which will entitle us to make direct review representations to their drafting the ISO Standard on this topic. SC27 is currently revising its working groups structure into five working groups. This restructuring activity is delaying their progress on project work, including this framework standard. ISO JTC1 SC27 Working Groups are meeting in Madrid Spain on May 8-12. We may expect a pre-Madrid meeting draft next week, and may submit comments on it before their May 8-12 meeting if we so wish. We look forward to progress from their Madrid meeting, although we understand they have allocated only one hour to developing this IdM Standards framework document.

Architectures for Identity Management

Due to other work priorities, little progress has been made on this document since the previous meeting in Barcelona. The situation remains that the co-editors have yet to decide whether to develop new material to fit into the revised structure so it presents a balanced view, or to revise the structure (yet again) to fit the material that they currently have. They are looking for additional resources to complete this project. Noting that there is significant value in the existing draft, we will make the latest draft available to all members on our IdM web page and invite renewed review to establish exactly what additional contributions are needed, and establish a realistic plan for completing it.

IdM Design Patterns

The revisions for our 3rd Party Identification and 2nd Party Identification design patterns are captured in  notes from the design patterns workshop session held in Barcelona, but are not yet available in revised pattern definitions. Work will continue to complete this activity, which is expected to result in almost final patterns. We are also interested in developing an authenticator design pattern, and have hopes of developing a draft for it for review in the next conference (Miami, July 17-21). Members also noted that several new books on security design patterns have been published recently. Members agreed to take our design patterns work forward by reviewing our current work in the light of these new publications, and shifting our focus between now and the next meeting to considering applying existing design patterns to specific security problems - such as are being proposed in the Jericho Forum's de-perimeterization space - to demonstrate the value of using a design patterns approach to solving today's IT security problems.

Identity Management Catalog

We have now resolved the final issues on updating our questions in the IdM Catalog template, so will update the template as soon as possible, and then invite those with existing entries in the Catalog to revisit their responses in the light of the clarifications the revised questions provide. Work is progressing well on development of an  advanced web page display system for our Identity Management Catalog, and we will drive this through to completion as rapidly as time permits. It was agreed that we will aim for launch of our IdM catalog at the July Conference in Miami - this will require a deadline of June 30 for close of entries by vendors, allowing time for approval by our Editorial Advisory Board, and preparation of a press release involving the vendors who have provided entries.

Common Core Identifiers (joint with NAC and DMTF)

The Company Review of the CCI Business Scenario and the CCI Framework (comprising the framework document, and the framework matrix spreadsheet) closed on April 11, and the ballot on change requests closed on the day of this meeting (April 26). Members of the IdM Forum were the prime review and balloting constituency in The Open Group. The NAC are running their review of this document concurrently and we are coordinating their feedback in order to close on mutually agreeable solutions. The DMTF has not participated in the CCI work in recent months and has indicated that they have copyright problems with joint publication, so publication of the approved document may not include them. There is also liaison activity underway with W3C to explain why their URN does not serve the requirement for a CCI (the reason is because URN is tied to a protocol), and with OASIS to follow up on evolving their XRI standard so it meets the requirements that have been identified for CCI. The resulting published CCI documents are expected to provide high value to those engaged in the area of shared identifier usage across organizational boundaries - a very difficult area because of problems migrating from the many legacy systems that currently exist, business reluctance to invest in moving from solutions that currently provide adequate solutions for today (though probably not tomorrow), and the purist problem of agreeing what is a "final" solution for an enduring (permanent) universal unique identifier scheme in an industry that is characterized by adaptability and change.

Best Practice Guide for Directory in IdM

Members received a presentation proposing this new project - to develop a best practices guide to Identity and Access Management Framework (IAMF), covering what IT needs from the infrastructure and why. The presenter declared willingness to lead this project. The outline structure proposed addressing this under several key headings: high availability, serviceability, leveraging mature & established industry standards, performance, security, compliance with legislation & regulations, hardware, and case studies. All members were invited to review this proposal, provide their feedback, and indicate their interest in being an active contributor/participant.

IdM Standards Entry in Standards Information Base

Members reviewed the final draft preparatory to submitting it for Company Review, made further additions to include standards called out in the CCI matrix, and deleted some that were viewed as peripheral or not current. The resulting draft will be submitted for Company Review directly following this meeting.


Agreement on a set of actions to progress the work discussed in this meeting.

Next Steps

Issue and progress completion of the agreed set of actions arising from the meeting.


See above.

   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page