Extrapolating from my thoughts in Elegance, Symmetry and Cost
, I'm converging on the power of symmetry
as an architectural design principle.
The purpose of most software products is to make the asymmetric symmetric.
For example, we saw how, in the early 90's, 4GL tools provided an insulation to all the different dataservers (Oracle, Ingres, Informix, Sybase, Gupta, etc.). 4GL tools provided a symmetric way of designing applications for all the different types of dataservers with different interfaces (asymmetry).
More recently, without the browser/HTTP/HTML technology, access to information on the internet will be on a one-by-one basis, asymmetrically. Each access would be trough a different client, via a different protocol. The browsers with HTTP/HTML provided a standard way (symmetric) to access all that information.
Google is about giving consumers one interface (symmetric) to all the millions of different interfaces provided by the websites on the net... actually the data in those websites.
Three ways of making something symmetric:
(1) define standards that everyone conforms to (e.g. HTTP, HTML, SSL, etc.),
(2) manually integrate through some gateway/agent layer, and,
(3) automate integration (i.e. build software that adapts itself to different interfaces).
If you are very lucky, you'll be in a time and place in history where you can define standards. Most of the time, however, even if you're a government, you'll have a hard time defining standards. Which means software vendors have to do either (2) or (3). In any case, following standards (if they exist) is an entry fee to play, and is insufficient to differentiate or win.
So what's this got to do with digital identities?Justin J. Taylor
(of Novell) in The Business Case for Identity Driven Computing
[pdf] talked about how "all of these architectures and concepts are being designed, built and deployed for one reason: to bring order to the chaos of business." ... i.e. to bring symmetry to a world of digital identities. And you will notice that identity management vendors are pursuing (1), (2), or (3).
Is this observation so basic to the point of being unhelpful? I believe that the relevance of this perspective is that it helps vendors and IT department understand their strategy in addressing the identity management challenge: are they trying to set standards (e.g. using SAML), manually integrate (e.g. Web SSO), or automating integration (e.g. ESSO), or a combination thereof?Resources
:Elegance, Symmetry and Cost