Guest Login | Client Login
Skip Navigation Links

Press Releases

Burton Group Catalyst Conference Testing Ground for User-centric Identity Management

Salt Lake City, June 18, 2007 –
Burton Group an IT research firm focused on in-depth analysis of enterprise IT infrastructure, is hosting a user-centric identity interoperability demonstration at Catalyst Conference on June 27 from 6:00 to 9:30 pm to encourage the industry’s work toward a widely adopted identity management model.

Based on an up-and-coming school of thought in the identity management community, user-centric identity management focuses on user empowerment in sharing personal information and self-determination in establishing relationships with relying parties. The primary approaches behind the user-centric model are identifier-based (such as OpenID) and information card (such as CardSpace) systems, plus other supporting standards and infrastructure components.

The purpose of the event is to demonstrate the viability of a user-centric model for use within and outside the enterprise infrastructure. Catalyst attendees, comprised mainly of technologists from Fortune 500 and Global 2000 organizations, are a group crucial to moving the industry toward wide-spread adoption user-centric identity management.

Participants include projects groups Eclipse Higgins Project, Internet2 Shibboleth Project, The Pamela Project, Ian Brown (OpenInfoCard), XMLDAP, and SocialPhysics and vendors BMC Software, CA, FuGen Solutions, IBM, Microsoft, NetMesh, Novell, Nulli Secundus, Oracle, Ping Identity, Sxip Identity, VeriSign, and WSO2.

The demonstration will be centered on a photo sharing application and will show the breadth and maturity of user-centric technologies by executing a variety of information card-based component capabilities including:

  • Protocol and wire format interoperability
  • Card format interoperability
  • Policy interoperability
  • Platform interoperability

According to Gerry Gebel, Burton Group vice president and service director, user-centric identity models can be disruptive to existing federation strategies. However, Gebel maintains that this interoperability event can demonstrate how user-centric and traditional federation protocols can be used in concert to address a broader range of usage scenarios.

Participant Comments

“User-centric identity is a critical component to a comprehensive identity management strategy,” said Hasan Rizvi, vice president, Identity and Security Products, Oracle. “We look forward to continuing our work with the security community in developing these technologies as well as demonstrating Oracle Identity Management’s interoperability with the Eclipse Higgins Project and others during Burton Group Catalyst Conference.”

“In the past year the development velocity of user-centric identity management technologies has greatly increased,” said Dale Olds, Novell distinguished engineer and Bandit Project leader. “Interoperability demonstrations, like this one, are a starting point for showing how these identity systems will function in an enterprise environment. Open source technology is the key to making user-centric technologies work together to deliver a consistent and transparent approach to managing identity information.”

“Broad interoperability is the cornerstone of the emerging user-centric identity layer for the internet. We appreciate the work the Burton Group and all the other participants have done to make this interoperability event possible.” Paul Trevithick and Mary Ruddy, the Eclipse Higgins Project.

“It is exciting to see the Identity 2.0 vision becoming a reality as user-centric identity technologies are solving today’s enterprise security challenges,” said Dick Hardt, Sxip Identity founder & CEO. “At Burton Group’s interoperability event, we’ll show how access to leading on-demand applications from Google and Salesforce.com can be more secure using Sxip Access and InfoCards, such as Microsoft's Windows CardSpace.”

“The interoperability of emerging user-centric identity mechanisms is important as the industry seeks to create a ubiquitous identity meta-system that simplifies and secures access to services and resources across domains. As a leader in both enterprise and federated identity solutions, CA is supporting these efforts in order to help IT organizations reduce costs, improve the customer experience, and accelerate time-to-revenue.” Jeff Broberg, Senior Architect for security management at CA, Inc.

"User-centric identity is the next big wave in identity management,” said Anthony Nadalin, IBM Distinguished Engineer and chief security architect for IBM Tivoli Software. “User-centricity distinguishes itself from other notions of identity management by emphasizing that the user maintains control over ‘what, where, when, and to whom’ a user’s identity attributes are released. Part of this notion enforces user consent which requires that (a) the user’s view of any transaction corresponds to the actual transaction and that (b) the user agrees to the execution of the transaction. For this model to work, we must define an open standard approach -- such as the Eclipse Project Higgins -- that enables software to work across any operating system and related software that communicates with any other identity management system.”

“User-centric identity management has progressed rapidly over the past few years and is at a stage of maturity where enterprises must ask ‘how’ not ‘if’ they will have to create solutions for interoperability with existing identity management systems and services,” said Lena Kannappan, CEO of FuGen Solutions, Inc., a managed identity services provider of IDP/SP scenario hosting, deployment testing, scanning and verification services. “Identity protocols and standards should enable a level of interoperability that provides enhanced experience for the user and ease of management for the enterprise, while also addressing the business, technical, trust, security and policy aspects of identity management.”

Catalyst Conference

Much discussion is expected at Catalyst Conference about how the industry can move forward with identity interoperability. Questions to be addressed during a roundtable session include:

  • Will user-centric identity replace today's federation technologies?
  • How serious are vendors about interoperability? Will Microsoft support SAML? Will Liberty and OASIS support WS-Trust?
  • Are URL-based identity schemes sufficiently safe for business use?
  • When and how will independent identity providers emerge? Is there a government role in getting federations started?

A podcast summarizing the upcoming interoperability demo can be found on Burton Group Inflection Point a complimentary resource that includes podcasts, blogs and research. http://inflectionpoint.burtongroup.com/

About Burton Group

Burton Group is an IT research and advisory services firm that helps technologists make smart enterprise architecture decisions about security; identity management; web services and service-oriented architecture; network and telecom; collaboration and content management, and data center strategies.

MEDIA CONTACT:
Amie G. Johnson
Public Relations Manager
Burton Group
(801) 304-8136

Consulting Services

Burton Group senior-level consultants Consulting Services

Learn More

about Our Consulting Partner Program

Research and Advisory Services

Download Brochure

© 2008 Burton Group. All rights reserved