Identity Cloud: A New Term For An Old Concept


Posted by Neil Wilson on 11/3/11 4:52 AM

Given the increase in the cloud gobbledygook that we are faced with in the high tech world today, it’s with some apprehension that I add another cloud term to the pile – Identity Cloud. It’s not the first time that the terms identity and cloud have been married together. Most often they are seen together in the reverse order (Cloud Identity), but I’ll explain below how this is a bit different. Let me first say that what I am about to describe is nothing new. In fact, the same can arguably be said about the entire cloud phenomenon.

Heck, if you want to get all spiritual and philosophical, this sums it up pretty well:

“What has been will be again,
what has been done will be done again;
there is nothing new under the sun.”

All that said, new terms can lead to a better understanding of concepts that were either difficult to understand in their old lexicon or that were forgotten with the passing of time.

At UnboundID, we believe that properly managing, securing, and delivering customer identity (subscriber) data is critical to companies providing products and services directly to consumers on the Internet. Further, for companies that are managing millions of identities (subscribers) and multiple online services, this challenge is exacerbated by the need for scale. In fact, when you consider the types of transactions that identity data enables (authentication and authorization, verification, location-based notifications, online billing and charging, application personalization, etc.), you realize that identity data must also be delivered in real time.

We work a lot with Telcos, and it has often been said that identity data (or subscriber data in that world) is critical because it is “in the call path”. That is, it’s necessary to complete calls (i.e. make money). I wish I could say that this same realization exists for Cloud Service Providers – whether SaaS, PaaS, IaaS, or some combination thereof – who have a lot of similarities to Telcos (a.k.a. Communication Service Providers). They are both Service Providers; however, many of the Cloud types have yet to realize what the Communication types have learned – the customer and their experience should be central to everything. We believe that effectively managing and leveraging customer identity data is a key component of a positive customer experience (you can read more about that here).

In the end, whether realized or not, identity data is always in the “call path”. And if it is not handled properly, then the proverbial cash faucet will be shut off.

One way of ensuring that identity data is given proper attention is to carve it out as a reusable set of services that are managed separately and shared across the application infrastructure. This separate, reusable unified-identity architecture is what we are calling an Identity Cloud. Unfortunately, all too often the norm is to recreate identity for every new application that is offered by a provider. Just check out the archives of this blog for a lot of discussion on this topic. In the Telco world, they have a solution category, Subscriber Data Management, and a defined set of standards, User Data Convergence (UDC), that support the concept of separating identity data from the applications. An Identity Cloud is to a Cloud Service Provider what Subscriber Data Management or UDC is to a Telco. You could also think of it as a private cloud within your public or private cloud infrastructure. Yes – there’s layers in them there clouds! We love using Apple as an example of this in practice. Almost everyone has experienced the iTunes model where every purchase or customer interaction is driven through a single unified storefront. This entire model is predicated on a single unified identity: a single profile, payment method, and set of preferences or settings that Apple can use as a basis upon which to sell you the next iThingee. The devices they sell, while beautiful and elegant, are enabling a content-based business that is held together by a unified identity. Telcos are also pretty good at this model, but I believe there’s still plenty of room for improvement in that industry.

There you have it – an Identity Cloud is simply a reusable set of services for leveraging identity data. So, why do we need to use the word “cloud” to describe an existing concept? It’s simple: cloud is becoming the ubiquitous term for all things IT, and if it helps cloud heads to understand something that is critical to the success of their business, then so be it.
