Rethink IT IDM Blog

"Talking about Identity Management and Other Topics We Find Interesting."

Bringing SOA to Identity Management

This blog is to help you with the first steps toward understanding Identity Management and SOA.

Very few people have heard of or are familiar with applying Identity Management services with SOA. However, once you get past the business and marketing hype of Identity Management and SOA, what does it really mean to introduce these services into your organization?

Typically in an environment you have a CRM (Customer Relationship Management) system, a billing system, an HR system and an email system.

The complexity here is that you have different applications running on different platforms; some are within your organization and some are cloud based. You also have different protocols and different APIs.

So the CRM is on Linux, and the HR system may be cloud based and only accessible through web services. Your billing system might be on Linux but support JMS. And finally, your email system may be on Windows, with integration done through .NET services.

So those are some of the challenges that SOA and Identity Management have in common: you have different operating systems, platforms, protocols and APIs.

Complexities SOA Addresses

Where this gets complicated is that your CRM system needs to talk to the HR system, and your billing system needs to talk to the Windows-based email service. Your email system also wants to speak to the CRM system and to the HR system. And the billing system needs to talk to the CRM.

Each of these connections represents an integration challenge, and each one of these integration challenges represents code that you have to write inside your organization and maintain over time. Furthermore, if you need to add functionality to these integration points, such as security, error management, and transactions, you have to build that yourself as well. This adds even more complexity.

[Figure: IDM Relationships]

Most organizations will look like this as they integrate applications over time in this typical point-to-point manner. The problem is that this approach doesn't scale very well, so the relevant question is: what are the alternatives to this flawed point-to-point integration methodology? An answer to this question is provided further along in this blog.

Complexities Identity Management Addresses

Where this gets even more complicated is that your identity system must connect to and integrate efficiently with all of these systems. The identity system (or Vault) must be able to manage user accounts and to provision, de-provision and provide password synchronization services in a timely and efficient manner.

Each of these connections represents a unique integration challenge and requires proprietary and expensive "connectors". These connectors also require specialized skill sets to manage and maintain inside your organization. If you change a connector's functionality, you will need access to those specialized skill sets.

[Figure: Identity Vault]

Most organizations today have this point-to-point solution set at the core of their identity management implementations. So the question comes up again: what is the alternative to this non-scalable and flawed point-to-point integration methodology?

The ideal way of doing this is through the implementation of an enterprise service bus. The enterprise service bus gives you a common communication backbone between different applications.

[Figure: Mule ESB Simple Example]

The applications can share information with other applications just by producing and consuming information on that bus. So now if my CRM wants to talk to my reporting, or vice versa, that information will be made available on the bus as a common medium.

[Figure: Mule ESB With ID Vault]

The Identity Vault can communicate with the applications just by producing and consuming information on that bus. So now if I need to provision or de-provision an account, or synchronize, on my CRM, I can do that using the bus as a common medium.

The enterprise service bus gives you a communication platform and a common set of services that allow you to easily integrate other applications inside and outside your organization.

This is done simply by identifying the application and then providing the integration service.
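
An added example, not from the original post and not Mule's API: a small in-process publish/subscribe bus in Python where the identity vault publishes one de-provision event and each application adapter consumes it. The `Bus` and `AppAdapter` classes, the topic name and the sample accounts are assumptions constructed for illustration; the vault-side check returns the systems that did not confirm removal, which is where orphaned accounts remain.

```python
from collections import defaultdict

DEPROVISION = "identity.deprovision"   # hypothetical topic name

class Bus:
    """In-process stand-in for the ESB backbone (illustrative, not Mule's API)."""
    def __init__(self):
        self._subs = defaultdict(list)          # topic -> [(system, handler)]

    def subscribe(self, topic, system, handler):
        self._subs[topic].append((system, handler))

    def publish(self, topic, message):
        """Deliver to every subscriber and record which systems confirmed."""
        confirmed = {}
        for system, handler in self._subs[topic]:
            try:
                confirmed[system] = bool(handler(message))
            except Exception:                   # one failing system must not block the rest
                confirmed[system] = False
        return confirmed

class AppAdapter:
    """One adapter per application; the vault never sees the app's own protocol."""
    def __init__(self, name, accounts, reachable=True):
        self.name, self.accounts, self.reachable = name, set(accounts), reachable

    def on_deprovision(self, message):
        if not self.reachable:
            raise ConnectionError(self.name)
        self.accounts.discard(message["user"])
        return True

def build_demo():
    """Constructed sample: the four applications from the post, Billing offline."""
    bus = Bus()
    apps = {n: AppAdapter(n, {"alice", "bob"}, reachable=(n != "Billing"))
            for n in ("CRM", "HR", "Billing", "Email")}
    for app in apps.values():
        bus.subscribe(DEPROVISION, app.name, app.on_deprovision)
    return bus, apps

def deprovision(bus, user):
    """Vault side: publish once, return systems that did NOT confirm removal."""
    confirmed = bus.publish(DEPROVISION, {"user": user})
    return sorted(name for name, ok in confirmed.items() if not ok)

if __name__ == "__main__":
    bus, apps = build_demo()
    print("unconfirmed:", deprovision(bus, "bob"))
    print("orphaned on:", [n for n, a in apps.items() if "bob" in a.accounts])
```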

So if you're a CIO or an enterprise architect and this situation is familiar to you, or you want an alternative to an expensive point to point integration, the ESB really is your best answer.
