Geeks With Blogs


Dave Oliver's Blog Enterprise Technology Thought Leadership in a FTSE 100

Over the next few days I will be posting a series of my notes as I finish typing them up on some of the day’s sessions at the Microsoft Architect Forum in London, Mayfair.


I will not be covering every session in detail as there just was so much, I found it hard to take it all in, being mortal and all.

Anyway down to business ...

The first session of the Architect Forum was Connected Systems Strategy by Anthony Saxby, Practice Manager and CTO at Microsoft, a man I have had the pleasure of meeting on more than one occasion.

The talk briefly discussed the different types of modelling: Aspect, Interaction and, of course, Capability. Headline: Anthony Saxby discloses that Microsoft's Big Bet is Services! Really?! That was a shock.

This moved us nicely on to discussing the protocol framework and how Microsoft is working together with other partners in the Industry. Anthony wanted to give an indication of the road map for services in the time he was allowed.

Microsoft © 2005

Anthony didn’t want to go into the Framework in any detail as this was really going to be the topic of Benjamin Mitchell’s talk later on in the day.

To the main point of the talk, which centred around Identity management and the evolving ideas on that. Now this was an area that I hadn’t heard that much about, so my ears pricked up at this point.

Identity Management isn’t a subject that has many of us riveted in the Architecture world, but I felt it’s just about to become fundamental and a whole lot more interesting.

Hmmm, are we talking about Passport? No, but yes, Passport was shown as very much Identity management heritage, but several important lessons had been learnt from that time, the most important being that organisations do like their privacy and they weren’t about to hand that over to a commercial organisation such as Microsoft.

A heckler from the crowd cried “How do you prove that someone is who they say they are?” I instantly thought to myself, what are you on about mate, since the beginning of time there have been impostors and if someone can mimic someone else then that’s life, our challenge is to keep applications accessible to the users who are valid and inaccessible to those that aren’t, it’s a balancing act between security and usability. As far as I’m concerned … every little bit helps!

We saw a slide that showed the historic lineage of the Identity Meta Data system, from the past, i.e. ID for each system, application focused, limited value to business. To the present, i.e. Identity integration, Internal and external to applications, High cost to value. To the future and the ideals, i.e. Federated Identity, Built to Extend and Low cost to value.

So if we break down what that means,

  • Assumes people will have multiple identities
  • Assumes multiple underlying identity providers, platforms and technologies
  • Provides an industry standard framework based on 7 Laws of Identity.
  • Collaboration with Sun and others - Based on WS-* protocols
  • Learnings from previous attempts - e.g. Passport

7 laws of Identity? What are they?

  • Law of Control - Technical identity systems must only reveal information identifying a user with the user's consent.
  • Law of Minimal Disclosure - The solution that discloses the least amount of identifying information and best limits its use is the most stable long-term solution.
  • Law of Fewest Parties - Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.
  • Law of Directed Identity - A universal identity system must support both "omni-directional" identifiers for use by public entities and "unidirectional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
  • Law of Pluralism - A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers.
  • Law of Human Integration - The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.
  • Law of Contexts - The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.

For more info the suggested link was Kim Cameron’s Identity Blog here.
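An added example, not part of the original post or of the session material: a minimal sketch of how an identity provider could apply the Laws of Control, Minimal Disclosure, Fewest Parties and Directed Identity when issuing claims. The secret, user record, relying-party URLs and function names are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a secret held only by the identity provider, one user.
IDP_SECRET = b"constructed-demo-secret"
USER = {"local_id": "u-1001", "name": "Alice Example",
        "email": "alice@example.test", "date_of_birth": "1980-02-29",
        "over_18": True}

# Hypothetical relying parties and the claims each has a justifiable need for
# (Law of Fewest Parties).
RP_POLICY = {
    "https://wine-shop.example": {"over_18"},
    "https://newsletter.example": {"email"},
}


def pairwise_id(local_id: str, relying_party: str) -> str:
    """Unidirectional identifier (Law of Directed Identity): stable for one
    relying party, but two parties cannot correlate the same user by it."""
    msg = relying_party.encode() + b"\x00" + local_id.encode()
    return hmac.new(IDP_SECRET, msg, hashlib.sha256).hexdigest()[:32]


def issue_claims(user: dict, relying_party: str,
                 requested: set, consented: set) -> dict:
    """Release only claims that were requested, are permitted for this party,
    and were approved by the user (Laws of Control and Minimal Disclosure)."""
    allowed = RP_POLICY.get(relying_party)
    if allowed is None:
        raise PermissionError(f"unknown relying party: {relying_party}")
    released = requested & allowed & consented
    token = {"sub": pairwise_id(user["local_id"], relying_party),
             "aud": relying_party}
    token.update({name: user[name] for name in sorted(released)})
    return token


if __name__ == "__main__":
    # The shop asks for more than it needs; it receives only the age flag.
    print(issue_claims(USER, "https://wine-shop.example",
                       {"over_18", "date_of_birth", "email"},
                       {"over_18", "email"}))
    print(issue_claims(USER, "https://newsletter.example",
                       {"email", "name"}, {"email", "name"}))
```

The shop learns that the user is over 18 without seeing a date of birth, and the two relying parties receive different `sub` values, so neither holds a correlation handle for the other's records.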

One of the most notable places that these laws are being applied is in the UK Government Gateway project.

Allowing the Identity issues to flow with ease allows us to get back to concentrating on business capability, with the Business Capability Model the next topic on Anthony’s talk.

Edit: I'm going to talk about this more, I have decided! There were some great slides here that are worth a post on their own.

Now I found this topic intriguing, can you really put the Business and even Business Capability into tidy boxes?


Obviously this is at a very high level, and the secret, as all good Architects know, is how to put it in context and place it in the appropriate layer of abstraction to reap the full benefit, as the picture on the next slide demonstrates all too well.


As the talk came to a close Anthony wanted to talk about how capability differs from process, the Hermeneutic in me said Thank Goodness!

And the difference is,

Process models (though an improvement) are not the optimal view or management layer, and they expose “how” business is done.

Capabilities manage “what service at what service level” – which is the most stable and concise level for design and management.

The session closed on a sneak peek at a Microsoft project called ‘Motion’, which is still very much being worked on but basically it’s bound to be an application that allows us to model business process!



Now I get the feeling from looking at this slide things will change. All I can say is that to any Microsoft people reading this blog, don’t do all that hard work when someone else has already cracked it. Go do what you guys do best and buy a nice company. Casewise.

On the whole Anthony had a tough order, fit all this in an hour. Now for my mind he only just pulled it off, I had had a good night's sleep before and it was the first session of the day so my eyes were as wide as dinner plates. Saying this I didn’t take it all in, but my notes by the close consisted of 4 sides of A4 showing something must have gone in. Next time the session needed to be longer, in fact this is the criticism I’m going to level at the whole day. There really was enough content there that could have stretched over two or more days and perhaps this should be the format for future Forums.

Coming up in later posts, Benjamin Mitchell saves the best till last! House of Fraser really have got a really live SOA that’s even paid for itself, I hate them! The binar-twins, who had ants in their pants and couldn’t stop moving! All this to look forward to …

Posted on Friday, June 17, 2005 11:02 PM

Comments on this post: Microsoft Architect Forum - June 16th - Connect Systems
