Monday, December 10, 2007

SSO Market History and My thoughts

It wasn't that long ago that if you were considering an access control project that reached into the millions of authentications you had two choices, IBM Tivoli, or Netegrity's Siteminder.

As of the end of 2007 all of the niche players have all been gobbled up by the large vendors. Oracle bought Oblix, and CA bought Netegrity. Oracle has been buying its way with many purchases like OctetString and Thor Accelerate.

Sun has gladly given its code base to the OpenSSO group. Ultimately if you were a company that had a decent customer base and related in any way to the umbrella of Identity Management products you were probably bought.

As Oracle and Sun have made their products more available for more projects I see an increase in the overall use of more products. However, I still don't see these newly acquired products performing any better than the technology that was built into the Netegrity Siteminder many years prior.

Its odd to think that when Oblix existed it had very poor relational database support. During a trial in 2004 the product had no built in connectors to any relational database and the use of the api was required if you wanted to authenticate to a relational database. Now they have been purchased by the largest relational database vendor on the planet. It seems like an odd fit to me, but it may have been more of a defensive move because of the surprise purchase by CA of Netegrity.

Overall, I think the major software vendors will eventually help equalize all the SSO, IDM products. The availability of all the products and new marketing has created new opportunities for these projects. All the products are still not created equal. Old product line core competencies still exist and thus not all products are a perfect fit for all projects.

No comments: