02.23.07

Bandit, Community, and Corporate Deployments

Posted in Identity at 11:02 am by dale

In my last post, I talk about three ways that the Bandit Project is contributing to emerging Internet identity space. In this post I want to expand on the third area of that post. This area will be an increased focus of the Bandit project this year. Since the Internet identity systems are happening, we are betting that the Bandit components will be strongly needed, and we expect them to be deployed in real world installations. And we want to accelerate that process.

So we are starting to visit deployment sites and validating these concepts, as well as our component designs and project communication. We’ve been learning a lot. What follows is an excerpt from a letter I sent to some enterprise sites to illustrate our reasoning. It was sent to some Novell customers, hence the Novell focus, but don’t take that too strongly either. Often Novell customers write custom code to integrate web applications, and we want to make the identity integration at those points as easy as possible. But we work with non-Novell customers, partners, and other vendors just as well. Bandit components do not require Novell products (though we do try to make them work well together). Here’s part of the letter:

Bandit is an open source project, sponsored by Novell, that takes an evolutionary approach to reducing the difficulties of developing, deploying and integrating identity services into enterprise environments. We currently focus on simple components that implement runtime authentication, authorization, and auditing services. Novell products, partner products, and custom applications that use these components can consume identity from any source, make flexible and powerful authorization policy decisions, and ensure that access is audited in a consistent manner.Open source projects such as Bandit give Novell a very effective way to collaborate with their customers. Developers at customer sites can have direct access to the project team and Novell engineers. They have full access to all aspects of the development process. Features and project road map are directly and transparently determined.Open source development has consistently done well in areas that require interoperability and implementation of standards. This seems like a perfect fit for identity services in most enterprise environments. Multiple identity systems and standards, mismatched products from a variety of vendors, and constantly changing company boundaries all conspire to make identity services difficult to deploy and maintain. Yet identity services are most critical to company information, processes, and compliance verification.Bandit is completely open source in code and development style. We implement standards and use existing APIs and frameworks when possible. We work with many other open source projects to integrate, reuse, and collaborate.

All this makes sense to me and the Bandit team, but we intend to validate and evolve this project vision with the community, customers and partners. Also, we intend to actively explain how and why we believe this project works. We would like enterprise developers to work with us. The project is still in early stages, but real value is there now. We want to provide open source code to access existing and future systems — yet early involvement also will give greater influence in project direction.

The Internet identity foundation is coming together quickly. Useful Bandit components are already available. Over the next year, the Bandit team will be focusing more on integrating our development with the community, customers and partners to validate and evolve the project vision.

It also sounds like great fun to me! I’m looking forward to it.