Will identity be open source?

Not only have project managers had to explain and defend the need for secure identities to a consumer audience which thinks it Big Brother, but they had to navigate among the interests of several big-name vendors -- Sun, Oracle and IBM among them.

OpenLiberty logo
The release of ArisIS, a Version 1.0 identity framework from Open Liberty, could be a milestone in corporate identity.

It could be Sun's second biggest contribution to open source, second only to Java in importance.

It combines two projects formerly code-named Aristotle and Wakame,  the first a governance framework, the second a client library.

Classics scholars may remember Aristotle as the first Greek to take identity seriously. Try the wakame with sake and some rice crackers before the sushi comes out -- yum-o.

The release follows six months of relative radio silence from Liberty, which last posted news in May. One of the last missives before this announcement began as follows:

I am in Mountain View, surfing on google’s ubiquitous wifi, finishing up preparations for my IIW demo. It has been a very busy (yet somewhat behind the scene) couple of months for OpenLiberty

It's fun to imagine that right after this the monolith got him.

Seriously this may have been one of the the toughest jobs open source has yet attempted. Not from a coding standpoint, but from a political standpoint.

Not only have project managers had to explain and defend the need for secure identities to a consumer audience which thinks it Big Brother, but they had to navigate among the interests of several big-name vendors -- Sun, Oracle and IBM among them.

The biggest achievement was to implement CARML (Client Attribute Requirements Markup Language), a sort of HTML for identity management, over existing protocols like LDAP, SAML, WS-Trust, ID-WSF, and others.

Client code is simplified in what are called ArisID-Beans, based on CARML declarations created at the top of an application -- so it takes the skills of a web developer, not a programmer, to make it happen and follow the work.

That's important because following the work, not just that of the people on a project but the person who set up the rules, is an essential element in achieving transparency.

Transparency, it turns out, may be the key that unlocks the use of secure identity to the world. Watching the watchers is as vital as watching what the watcher watches.