That's why Sun's announcement last week of the Sun One Platform for Network Identity seems right on target. The Liberty Alliance specification isn't baked yet--and probably won't be until the end of the year--so the hardware/software bundles released by Sun address the complex problem of single-sign-on authentication and security rights for users that are both internal and external to the enterprise right now. There's nothing new here: Basically, the Enterprise and Internet bundles wrap Sun's iPlanet Directory Server software around some Sun hardware and consulting. But it's a solid offering that builds on Sun's success in this area, where iPlanet Directory enjoys 22.8 percent of the market.
Today, internal and external users of enterprise systems may use a half-dozen apps and have a different security profile for each one. Providing a way to manage that centrally--as well as the rights of other companies' systems in B2B relationships--lowers both security risks and administrative costs. If you're an IT manager, this is the stuff that keeps you up at night.
Microsoft has its own Active Directory software for enterprises, but it's more targeted toward network access rights. And the relationship between Active Directory and Passport (the Microsoft authentication mechanism for .Net My Services) has never been clear. Sun's strategy of building from the enterprise out with iPlanet Directory Server seems exactly right, even though the Liberty Alliance spec is months behind that of .Net My Services.
I have no doubt that one day killer apps will emerge that make an identity service irresistible to consumers. Meanwhile, enterprises that implement such schemes for employees and business customers will reap immediate benefit--and by extending infrastructure already in place, be first to cash in when consumers finally join the party.
Have you implemented single sign-on for your enterprise? Are you considering it? Why or why not? E-mail Eric or Talk Back below.
