Mark Diodati looks more silent assassin than revolutionary, but either way one of his key messages at July's Cloud Identity Summit surrounds the fact change is required before cloud identity sees broad adoption.
"The distributed nature of the --and the explosion of user constituencies with meaningful access--have pushed our identity systems to the breaking point," says Diodati, the conference chair for CIS who created the agenda and is one of the featured keynote speakers. At the conference, Diodati plans to outline the future of modern identity, a sort of CIS table of contents, and then transition the conference over to the 100 identity expert speakers.
He will touch upon four pressing issues in his keynote that he colorfully describes as Enterprise-Grade IDaaS, Adapt or Die, Governance Matters and Protocol Pimping.
In terms of IDaaS, Diodati says, "identity management as a service (IDaaS) must evolve to be more 'enterprise grade.' IDaaS products must provide robust services for both cloud and on-premises applications--before large enterprises will fully embrace it."
His "Adapt or Die" theme, will point out frailties in the infrastructure and the need for adaptive and contextual methods. "The distributed cloud architecture--and the explosion of user constituencies with meaningful access--have pushed our authentication and authorization systems to the breaking point. The only way forward is the broad application of adaptive and contextual methods to identity management," says Diodati.
In the area of governance, he says, compliance mandates, separation of duties, and privileged identity management are a few of the forcing functions. "They all depend on the ability to answer identity's Cartesian question: 'Who has access to what?' " says Diodati. "That question is now much more difficult to answer because applications, identity stores, and authentication systems are distributed across the cloud. But the answer is more important than ever as organizations shift mission-critical applications to an externalized service model."
Finally, his "Protocol Pimping" viewpoint stresses identity as a whole with less emphasis on it parts. "New school identity protocols are essential for the modern identity revolution," he says. "Frequently, protocols get the 'kitchen sink' treatment: too many features are added, which delays their ratification and makes it too complicated to use. Sometimes the protocol alone is mistaken as a complete solution; protocols are just a part of a solution that solves a real problem."
Diodati is drawing on a 24-year notable career in identity, including as a Gartner research vice president, to create this frame around a picture of modern identity. And he is excited about the expertise of the CIS speakers and the issues and energy attendees will bring.
"For four days in July, CIS is the epicenter of identity. We have over 100 speakers at the vanguard of API security, Internet of Things, identity at scale, next-gen authorization, mobile authentication, enterprise cloud identity ... the list goes on. They will help our attendees create the blueprints they need to be successful now and in the long-term," he says.
Registration is now open for the Cloud Identity Summit 2014, July 19-22, in Monterey, Calif.