I am helping a government policy body work out the potential
division of labor between agencies and systems integrators when
deploying federated identity services. A classic case is an agency
wishing to use a third party IdP (like a commercial service, or
another government agency IdP); assuming such an agency does not
have a core team of IDAM experts and engineers sitting on the bench
(!), the agency needs to access varying amounts of policy advice,
IDAM know-how, software modules, template user documents, training,
integration resources and testers.
A few years ago, as FIPS-201/PIV was taking off, there was an
emerging ecosystem of big SIs (HP, IBM, CSC, etc., IIRC) standing by to
help get US govt agencies on board. This experience would be
instructive. I think the SIs were getting close to a cafeteria model
where expert IDAM implementation assistance could be tailored to
each agency's capabilities.
More recently, we obviously have a number of NSTIC pilots ramping
up. Maybe there have been some lessons already in those environments
of how to do systems integration.
My question is, does anyone know of best practices or lessons
learned for IDAM systems integration?
Lockstep Consulting provides independent specialist advice and analysis
on digital identity and privacy. Lockstep Technologies develops unique
new smart ID solutions that enhance privacy and prevent identity
theft.