Identity-driven computing took centrestage at Novell Inc.’s annual Brainshare user conference this week.
The Provo, Utah-based vendor introduced platforms it hopes will help enterprises secure and manage various aspects of their businesses — with a boost from open source technology.
Novell said the architectures, dubbed Identity Services Foundation (ISF) and Application Services Foundation (ASF), will be available as a set of modular software development kits (SDKs) for Novell’s hardware and software partners.
The kits will include an integrated security and application services stack combining open source technology and commercially supported software. Developers will be able to build and deploy open source-based solutions that provide a customized, aggregated view of identity information from different sources, according to Novell. Technology and common services from ISF and ASF will be included in Novell products, as well as partner products.
In his opening keynote on Monday, Novell’s CEO Jack Messman said the identity initiative ties in with the vendor’s expanded partnership with JBoss, also announced Monday. As part of this alliance, Novell will support and contribute code and engineering resources to the open source JBoss Enterprise Middleware System (JEMS) and participate in the architectural design and direction of JBoss projects.
Novell plans to incorporate more open source technologies, including JEMS components, in exteNd, its suite meant for rapid development and deployment of service-oriented Web applications.
The introduction of the ISF and ASF SDKs is part of the overall identity management strategy Novell has been refining over the last year, Messman said. “Security challenges are becoming more complex, which has [led] us to look beyond what security is,” particularly in the identity realm, he said. “Currently managing the what, who and how [of company resource and information access and use] is a messy situation,” Messman said.
Every business has different policies about who has access to what. IT [works] very hard just to deliver basic access to users.”
Despite the effort, he said, the system often collapses when confronted with major changes – such as when an employee leaves and IT cancels his or her access to company e-mail and other information; or when an enterprise introduces a new application that only certain employees are supposed to access.
The goal of Novell’s identity strategy is to “enable organizations to design systems that flexibly adapt to the needs of the business,” Messman said. He said Novell envisions identity as managed through a set of roles and policies that enable process and context automation and “adds intelligence to every part of the IT infrastructure,” by measuring who has access to what, and how, he said.
This is a good time for Novell to concentrate on identity-driven computing, given the “perfect storm” IT departments face when it comes to managing people, applications and resources, added David Litwack, senior vice-president and general manager for Novell’s identity-driven products group.
He said a combination of factors is creating a “volatile time” in the identity management space: enterprises are adding new devices for employees to use and fragmented systems often don’t play well together. This makes it tougher to get a single view of an employee’s identity and role.
On top of that, he said, IT managers are “being asked by business managers to offer audiences for which they were never intended.” Today’s regulatory environment is the toughest it’s ever been with privacy and other legislation putting the onus on enterprises to keep track of what employees can and can’t access — and to do all of this on low budgets.
To encourage the growth of identity-driven systems, Novell is focusing on three target areas: identity access management, where access to company resources is automated, based on policies and people’s roles; the delivery of applications in personalized ways to individuals based on their role within the company; and resource management, which would allow appropriate company resources, whether software or devices, to be delivered to the right people and track which employee is using which resources, Litwack said.
Brad Holub, CIO of Toronto-based Sherritt International Corp., a diversified resource company that produces thermal coal, nickel, cobalt, oil and electricity, said identity issues are traditionally the source of “massive pain points” for enterprises.
Holub is based in Sherritt’s Calgary location, and the company has a metal business unit in Fort Saskatchewan, Alta. Each business unit has traditionally operated as an individual entity, he said, and without an identity management solution, “having the handle on who has the rights to what, and who has the right access to the right information” would be difficult. Sherritt is in the process of rolling out Novell’s NSure identity management product as part of an IBM Websphere portal project — the biggest driver for the firm to embrace identity management, according to Holub.
The project is in the planning and deployment stage right now and will take up the rest of the year, he said.
Regulatory compliance has also pushed Sherritt in the direction of identity, he added. The corporation has 50-per-cent ownership of Luscar Ltd., the largest producer of low-sulphur thermal coal in Canada. Since Luscar is traded on the New York Stock Exchange, it must be Sarbanes-Oxley compliant, which impacts the way Sherritt must keep track of employee identities, roles and access to company resources and information.
For now, Holub said, Sherritt is concentrating on three aspects of identity management: single sign-on, security for the portal and security across the organization.
He said he agrees with Novell’s overall vision of identity-driven computing, though “the work is substantial” and probably not as easy as it appeared during executives’ demos at the conference.
However, the benefits are obvious for both the end user and the IT department, he said.
“Being able to provision (a new employee) into the organization and define their role – that’s a definite value to be had,” he said.
Today, he said, in most organizations there is a disconnect between HR and IT and the latter often find out someone’s hired the day it happens or the day before.
“Getting their computer set up and their e-mail account working becomes a [logistical] nightmare.” With Nsure, he said, an IT manager simply follows a template that automates the process and “eliminates all the issues along the way.”
Being able to manage access to company assets would also make IT more accountable, he said. “Traditionally IT has been viewed as a black hole of spending. If we can start to show where the value is and where it is not (in terms of resource use), identity management can be the toolset used to measure that and make changes if necessary.”