Whilst catching up with everyone’s feeds after my recent holiday, I came across this post by Nishant Kaushik of Oracle about Application-Centric IdM and its definition.
In his post he states:
“The idea is that instead of each application having to build these
infrastructures as part of their functionality, they can just avail of
them as ready made, standards-based services. Application-centric IdM
moves away from the traditional system management style of IdM,
focusing instead on the creation of an IdM infrastructure that
customers deploy to expose these services for their applications to
plug into their own business processes. It makes identity (and
security) an integral, yet abstracted part of the development process.”
I’m not sure I fully understand the difference between what he is describing as Application-Centric IdM and Enterprise IdM as we have known it for some time.
He seems to be saying that you abstract the IdM and security requirements of the application out into a separate, open-standards-based layer and then use this from within your application. To me, this is what your access management applications (a la SiteMinder, CoreID, Tivoli Access Manager etc.) have been doing for years and what each of these vendors has further developed (mainly through acquisition) to encompass IdM as well (a la Identity Manager (CA), Identity Manager (Sun), Tivoli Identity Manager etc.). Do these vendors not already provide the functionality that Nishant is referring to in this new term of Application-Centric IdM? Through the use of provisioning, it is already possible to manage application permissions from an abstracted and centralized platform.
I may have missed the point of Nishant’s post. If so, please feel free to correct me, but at the moment I’m not sure why there seems to be this new term for something that has been around for some time.