Directory and security services are beginning to merge – a development that will greatly further the role corporate networks play in e-commerce. This is according to Jamie Lewis, president of The Burton Group.
“We’ve seen the directory and security emerge first in and of themselves,” Lewis said. “But now they are starting to combine into identity and access management. We are starting to see the need to extend the two and make them portable across enterprise boundaries. It is an important trend,” he added.
Lewis said the merger of the two network services complements the Web services theme being trumpeted by major vendors, including Hewlett-Packard Co., IBM Corp., Microsoft Corp., Oracle Corp. and Sun Microsystems Inc.
“These Web services are proposals for building distributed applications,” Lewis said. “The key question is how will those applications link to user identity information and access management.” Those links will have to happen across business-to-business trading communities, exchanges and portals.
He said companies must simplify their existing network infrastructure and create a network that can scale for use by internal users and external customers and business partners.
Lewis said standards will be key and he pointed to two emerging efforts: the Security Assertion Markup Language (SAML), which is a common XML security standard for exchanging authentication and authorization information. The other is the XML Key Management System (XKMS), which is a standard key management service comparable to public-key infrastructure (PKI).
“If you log into a portal site that is an aggregation of services [from multiple companies], how do you gain access to all the piece parts? You use SAML to log into one site but gain access across enterprise systems,” Lewis said.
The SAML specification is under development at the Organization for the Advancement of Structured Information Standards.
Lewis said XKMS is important because it subtracts some of the complexity from PKI, a system for secure communication. XKMS is under development at the World Wide Web Consortium.