Microsoft’s technical fellow for cloud identity and access plans to speak on what he sees as a coming storm of open identity protocols and the emergence of a claims-based model tied to those specifications. The plan is to gaze 10-years into the future and discuss challenges users will face with identity in the cloud.

 

“There will be challenges with multiple devices, multiple organizations and with roaming, we’ll look at where authorization is headed and go through some scenarios,” he said.

 

One of those scenarios could involve consumer issues such as determining whose music player a Bluetooth-enabled stereo picks out when a husband and wife get in a car together. “What permissions should you experience in that case?” he said.

 

Innovations happening today will determine if there will be an answer to that question in the future.

 

“If all of this is going to be successful it needs to be built on open protocols,” Shewchuk said. “As we move forward, a lot of work the industry has done with identity in the enterprise space becomes internet protocol based,” he said.

 

In the next 2-3 years convergence could begin around emerging protocols, with OpenID and OAuth 2.0 currently being the popular front runners.

 

Today, Microsoft and others are supporting those new protocols even as they build out platforms based on SAML, WS-Trust and other more familiar standards.

 

But Shewchuk says the convergence of open protocols is producing the foundation for the scenarios flickering within his crystal ball.

 

His car stereo example might include an Apple device, a Sony stereo and a Microsoft service.  A scenario in the business space might center on two companies who want to share documents in an environment that lets administrators from each organization retain access controls for their own user base, and provides IT with auditing and tracking capabilities among other tools.

 

Shewchuk will explain how the goals of those scenarios, and others in health care and government, can be met

 

“We will talk about what is common among these things and what we can conclude,” he said. “I will define the characteristics of what these protocols need to do, and look at all the options.”

 

Register for the Cloud Identity Summit, July 20-22, 2010 at Colorado's Keystone Resort.

Follow John on Twitter and check out our Identity-Conversation Tweet list