The 2015 edition of the Cloud Identity Summit was a pretty mind-blowing week. Nowhere else is there such a critical mass of people trying to dig deep into the deep pockets and crevices of what it means to architect and implement identity systems. We recorded most of the sessions, which is great because I had so many responsibilities that I just couldn't see all the talks I wanted to. I highly recommend you browse through the sessions and look for what interests you.
Which brings me to my presentation at CIS -- entitled, "Snowflake as a Service" -- that addresses the current state of cloud provisioning, which, frankly, sucks. We are in a nasty state where automated systems are our best hope for ensuring that the right people have access to the right applications, regardless of who operates the domain. Pressure is being placed on SaaS and IaaS vendors to open up APIs so that external systems can manage accounts, user attributes, and authorization rights -- but the nightmare scenario occurs when every application out there writes their APIs as externally facing impressions of their own organization, rather than adopting a common understanding. Hopefully I make decent arguments in the video as to why it matters, why engineers at SaaS companies need to walk a mile in their customer's shoes and adopt standardized provisioning API interfaces, rather than take the easy way out and punt on the complexity.
Even if you don't have time to watch the video, I would ask you to consider this -- if our goal as an industry is seamless secure sharing of identity data between domains in an accountable and time-appropriate fashion, then how many steps back must each separate snowflake of a provisioning API take us? We have to nail down the plumbing - so that we can proceed on to the *really* cool task of not just sending mapped attributes back and forth, but forming a common understanding of the meaning of each of those attributes, in such a way that the understanding can one day precede the plumbing connections, rather than the other way around.
Ok, now I'm out way over my ski tips. But you get the idea. We have the technology, just barely. Let's embrace it, get some work done, and see if we can't push for a little progress. If you want to see me attempt to make that point rather than just read about it, the CIS 2015 video is here.