Federation enters a new phase

Two recent releases in the federated identity marketplace caught my eye -- and may speak to the development of federation deployments:1. Ping Identity announced that the U.

Two recent releases in the federated identity marketplace caught my eye -- and may speak to the development of federation deployments:

1. Ping Identity announced that the U.S. Department of Justice selected them to provide federation to over 7,300 local law enforcement agencies and 700,000 law enforcement officials. (Disclosure: I was the third guy in the door at Ping, and served as their VP of Marketing until July 2005.)

2. Sun Microsystems open sourced the code for their identity federation and web services framework (SAML and Liberty) - the core of federation in their Access Manager and Federation Manager products. The initiative is related to their recent OpenSSO effort and is dubbed Open Federation.

The federated identity marketplace has been growing nicely over the past several years, and all of the large identity management vendors have *some* level of federation functionality in their product sets. At the same time, some have questioned the adoption of federation. I take these two announcements together to signal that federation is now at the cusp of mainstream adoption in the large enterprise sector.

I think these announcements signal that for a couple of reasons. Ping's customer list is now representative of a clear, growing trend toward the adoption of federation technologies. Also, the "open sourcing" of products tends to signify a level of maturity in the market itself. Combining a major initiative at the DoJ and a major open source announcement would seem to indicate a market that is now past the stage of having to prove the worth of the initiative. Am I saying that federation is now "mainstream" in its adoption? No. But I am saying that the federation market has entered the mainstream adoption phase -- and its growth over the next 18-24 months should be roughly analogous to the growth of web access control and provisioning over the past 18-24 months.

One last note: I've just heard from Sun's PR firm that Sara Gates (who was the VP of Identity at Sun) has left the company. I take this tidbit of news to be quite important, as Sara has been a driving force for both the industry and inside of Sun. Interestingly, Mark McClain, who founded Waveset (the company that Sun bought -- and with that acquisition got Sara Gates), has started a new venture in the identity compliance space - Sailpoint. Will Sara be joining her old cohorts on a new water-related identity venture (Waveset and Sailpoint)? We'll let you know...