The first objective was to address the structure of the DIF and the Identity Management Work Area within The Open Group, as the
focus of interest had shifted from Directory Interoperability to Identity Management, and the current structure in which
Identity Management was a joint work area of the DIF with the Security and Messaging
Forums was no longer ideal.
In addition, the meeting aimed to progress The Open Group's Directory Interoperability and Identity Management
work items:
- Directory Good Practice Guide
- Identity Management Implementation Catalog
- Identity Management Framework
- Identity Management Design Patterns
- Identity Management Architecture Guide
The Common Core Identifiers work item, which is being pursued jointly with the DMTF and the NAC, was
the subject of another meeting, which is reported separately.
The meeting also included an update on the current state of standardization for Identity Management.
Forum Structure
A new Identity Management Forum will be formed to progress The Open Group's work on
Identity Management. The DIF will no longer be a Forum. Its work, including responsibility for the LDAP Certified
program, will be transferred to the new Identity Management Forum, as will its membership. Collaboration
between the DIF and the Security Forum will continue in the new Forum, with existing Identity Management projects
becoming joint projects of the Identity Management Forum and the Security Forum.
Directory Good Practice Guide
The aim of the Directory Good Practice Guide is to provide guidance to directory application developers on
how to produce applications that will work with any standard LDAP server.
This DIF project had been held up for lack of effort. It is hoped that progress can now be made
within the wider context of the new Identity Management Forum.
Identity Management Implementation Catalog
The Implementation Catalog is designed to enable identity management product vendors to produce product
descriptions in a standard format where they can be compared on a like-for-like basis by prospective
customers. The web infrastructure had recently been completed. The meeting reviewed it, and discussed
how to solicit vendors to provide input to the catalog.
Identity Management Framework
The Open Group is working jointly with the US InterNational Committee for Information Technology
Standards (INCITS) to develop input to ISO for an International Standard Framework for Identity
Management. INCITS serves as the US Technical Advisory Group to ISO/IEC JTC1.
The meeting discussed liaison arrangements with INCITS (whose relevant subcommittees had been
reorganized) and reviewed the state of the discussions in ISO on whether to adopt the Identity Management Framework
as a new work item.
Identity Management Design Patterns
Design patterns help enterprise IT architects to apply proven solutions to known problems.
A library of Identity Management design patterns will be a valuable adjunct to the
Identity Management Architecture Guide.
A workshop session discussed the potential Identity Management design pattern of Second
Party Authentication in depth. This gave everyone an understanding of the value of design patterns, and of
how to develop them.
Preparations were made to develop this design pattern, and two others, as a starting point for the library.
Identity Management Architecture Guide
The Identity management Architecture Guide is designed to give information systems architects
working in and for enterprises a better conceptual understanding of the role of identity management and how to design for it,
plus specific practical recommendations and advice.
The meeting reviewed the input for the Guide that had been collected to date,
decided that it is complete but needs re-organizing, and agreed on a schedule to prepare
it for publication.
Standards Update
The meeting reviewed the latest developments of identity management standardization in the IETF, the Liberty Alliance,
OASIS, WS-I, WS*, and X.500.
The Open Group's website will change to reflect the new Forum structure.
This will enable due prominence to be given to identity management activities. There will be no
significant impact on entitlement of members to participate in activities.
The new Identity Management Forum will discuss the Directory Good Practice Guide. An initial
section will be produced as a starting point and as an example for development of further sections.
Vendors will be asked to input product descriptions to the Identity Management Implementation Catalog.
The Identity Management Forum will continue discussions with INCITS on input to the proposed
International Standard Identity Management Framework.
Three initial Identity Management Design Patterns will be developed.
The Forum will reorganize the existing input material for the Identity Management Architecture Guide, with the
aim of completing a Company Review of the Guide prior to the Houston conference.
