Keynote at the European Identity & Cloud Conference 2013
May 14-17, 2013 at Munich, Germany
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Keynote at the European Identity & Cloud Conference 2013
May 14-17, 2013 at Munich, Germany
Keynote at the European Identity & Cloud Conference 2013
May 14-17, 2013 at Munich, Germany
I give you Craig Barton. Alright, This is my quick agenda. So I'm gonna 10 to provide some definition. And it's hard. I spent a lot of time thinking about this, but so let me, let me start. Like management platforms allow individuals to consolidate all relevant data from daily life in particular data, which is sensitive and typically paper bound today. That's one aspect and asked to do it in a, in a secure and private way, but I'm gonna add some more dimension to this. I believe that your life management platform, isn't a product.
Now, Marcel showed you a product, but he's only shown you that because you know, people have a hard time thinking about a framework just by itself. So they have a product that's an instantiation of what a life management platform might be using. The framework that they're defining.
Now, I like that a lot, but I'm also concerned about a single vendor or government or foundation being the single provider of a definition of what that platform will be. So it's a little more complicated than that. It needs to be extensible so that I can, you know, I don't think we really know what it's gonna end up being yet. We're in the process of figuring that out. And so it needs to be an architecture that can evolve. So at the foundation of that, there are these five components.
And I, I, I won't go over those right now cuz I do it again at the end. So I'll get to that a little bit. That might help is to say what a life management platform isn't, it's not a personal data store. That's an element of the matter. It's not a social network. It's not to say that it doesn't use social network information that you can't choose to be a customer of that network that like Marcella is showing you once you approve it and say, it's okay that they're gonna try and sell you stuff that you like. Maybe I don't want you to be selling me anything ever.
That's not what I want to use this for. It's I, it's not a place for me to go to look and see what you have on sale. It's I'm using it for something else. This particular list of features helps. I think we're not done with it. It's a good place to start. Make sure you look at these. We're gonna have some more. There is a, the key document does have this kind of stuff in it. We'll have some more talking about life management platforms, as we define it a little better.
The, the, the key, one of the key elements that I want you to get from this is what's called controlled push and informed pull with privacy enabled. So you are in control of who gets stuff outta your out of your platform and who puts things in. And that's this informed pull and controlled push a permissioned data flow environment.
Now, The Question that has to arrive here is why do companies want to do this? Why does the company want to help you? Why do organ, why should organizations be thinking about enabling their employees or other constituents to be able to do a life management platform? And I think doc Earl's addressed it in a great way in saying, well, it's about the data and who's in control of it, which how does it flow which way, and how does it protect my privacy while doing that?
So some of the core principles, our control and privacy for that personal data by design a personal domain, which I liked a lot from, from what MARCE was saying, informed pull controlled push. And I, what I'm adding is the API economy to the equation. One of the tenants of the API economy from cup Cola is that everything and every, I think I have that in the next slide, right? Nope. Is that everything and everyone will be API enabled, including all the aspects of your life management platform, very critical for you as an individual to get access to your platform through APIs.
So let me give you a little status update from my perspective, the principles or understood in general, you know, this informed push control pull like doc pointed out. A lot of there's a lot of talk about personal data stores emerging to be what the life management platform is.
Well, it's not quite that is that personal cloud. My personal opinion is that they're pretty close to the same thing. It's a semantic question. There's no question that the API economy and access to the elements, the components of your platform via APIs is on fire. And that the approach that needs to be used to make that work is restful calls with oof doing authentication. But in general, we're actually seeing that life management platforms are moving a little bit slowly because these other things are start, are still in, in maturity stages.
So again, go over some of the business requirements. I, I call it LPM here. Life management platforms must be extensible for both services and apps. They've gotta be open and completely vendor independent. I can't be put in a silo like a Facebook or a Google silo for my platform. I need to really be able to choose which vendor is gonna provide me what service.
So I've added some of the tech requirements, just for those who are thinking about this from that perspective, restful API architecture with O based authorization and actions control web hooks, loosely coupled I left out event driven and this new thing called a facade proxy. And on my blog post, if you go read that, you'll see what it does is let you use trust frameworks that I can get to through like keys framework, to assure who I am and still maintain my privacy. So it's just a mechanism to be able to do that from So futures for customers.
It's important to understand that life management platform is a, is a concept. It's not a product insists that the services and apps meet business and technology baseline requirements. As I define there for the vendors who wanna play in this space, don't lock me in.
If I do, I'm probably not gonna buy your stuff or, or at least reject it later, use best practices for restful. Those are emerging well enough to be able to use 'em and use identity management as a service, which were possible inappropriate. There's been a whole slew of, of discuss about what that is today. So the one thing that's sticky for me is schema what's schema.
Well, schema is, you know, category definitions for a database architecture. So you know what to put in the, in the slots there, my rule of thumb for schema is that it takes approx approximately one year at time per schema element. So if you had 10 elements in schema, it'd take 10 years before we'd get a standard. It moves really slow. The one thing I like about where M Microsoft's going with Azure active directory is that I can use a grass store, which is scheme independent. But then again, I don't want to get it locked into a vendor.
So I, I want have a choice of how I do that. So I, my conclusion, the definitions are becoming more concrete. I want controlled push and informed pull. It's not a data store. It's not a social network. The framework's gotta really be render independent and scheme is an issue we'll need to resolve that. And that's all I'm gonna say about it.