Back to the main page
Trend Watch: Identity Management Top 5
To help keep our readers ahead of the game in 2013, we asked industry visionary Vadim Lander, Oracle's chief identity architect, to identify the key trends that will shape identity management in 2013 and beyond. Here's what he told us.
Mobility Is Gaining Momentum
Applications are getting smaller and smaller, and at the same time, they're moving from a Web server–based model to a combination mobile-app-plus-Web-server model. This means that, in order to offer a native user experience, identity verification—formerly required only by business services—now has to be made available to the mobile application. This includes user authentication, validation of PIN codes, secure access to back-end identity services, etc.
As a result, identity management capabilities must be exposed as loosely coupled services delivered by servers over HTTP-based protocols. The broader term coined for the overall trend is “API Economy." Oracle’s platform approach to identity management, has been built to support exactly this model. Demand for this model is expected to grow stronger in 2013 and beyond.
Identity Management as a Service Is Emerging
Much has been written about software as a service (SaaS). However, adoption of the concept of identity management as a service has been much slower. Why? Because identity management is mission-critical. It also requires integration with other mission-critical processes inside organizations. Pushing these capabilities into the cloud means mission-critical systems would depend on a third-party provider. Yet the ability to failover to a secondary identity management provider is not quite the same as switching over to another network provider or a local electrical generator.
In response, I expect to see private clouds offering organizations identity management as a service, with full, preintegrated packages that include software, hardware, services, expertise, and vertical integration such as federation. As a result, organizations will be able to simplify their IT stack while maintaining security, control, and flexibility. Also, they could continue to externalize their IT stacks yet still integrate applications with identity management running in the private cloud.
A Trend Towards Portable Identity
As users start using more and more SaaS, they have to manage more and more identities. I expect Oracle customers using Oracle applications via SaaS will increasingly use their Oracle Cloud identity as the identity for a chunk of their user populations, rather than trying to maintain multiple identities in their on-premises system.
Since Oracle is already maintaining a cloud identity for every Oracle Cloud user, that identity is portable as far as the user is concerned. Even if users leave the organization, their Oracle identity can still belong to them as they change jobs. Just as your Google or Facebook identity can provide portability, your Oracle identity may be able to provide the equivalent in a business context.
Authentication Services Are Evolving
As mobile technologies get smaller, more ubiquitous, and more fragmented, the authentication process is becoming both harder and more expensive to manage. There is a real need for a scalable and generally available nonpassword-based, lower-cost authentication that spans a user’s complete digital experience—from enterprise systems to social, mobile, and cloud.
Since all business trust models rely on identity, the question becomes, how can you identify people inexpensively while still maintaining privacy controls when necessary? Passwords clearly have their limitations. Authentication services will become an increasingly important focus in the next two to three years.
Organizations Continue to Move from Silos to Centralized Systems
Looking back over the first four items above, a pattern becomes clear. The challenge of mobility requires authentication services. This, in turn, drives the need for portable identity, which, finally, drives the need for identity management as a service. So these four trends are driving the move from identity management silos to increasingly centralized systems.
The way I see it, identity management will look a lot like our food supply chain. Both need to be ubiquitous, which requires a massive delivery system to meet all our needs. So on one hand, identity management will still need to satisfy minor needs with individual, customized, small-footprint solutions. But at the same time it will have to meet large-scale, public needs with massive, service-based infrastructures.
Find out more about how Oracle is delivering identity management at internet scale today.
Learn more about Oracle Identity Management solutions and read the Oracle identity management blog.