I’ve seen a pattern emerge among enterprise-sized organizations that are trying to keep up with securing an expanding array of applications. The technologies through which they’re delivering applications to users have changed over the years, and their IT folks have implemented new identity systems to secure those applications. As a result, most large enterprises now simultaneously manage separate solutions to control the user experience for each application. For example, Web Access Management products for web applications are deployed alongside provisioning and enterprise single sign-on (ESSO) products for desktop applications. Operating separate solutions like this requires a lot of integration between them in order to provide users with a consistent experience while controlling access and maintaining visibility into what users are doing while logged into those applications. This level of integration is generally unsustainable and ineffective for optimal security.
Symplified is participating in a standards effort that will work to break this pattern and extend existing identity solutions and approaches to mobile applications. We are working to prevent the formation of yet another identity silo within an enterprise.
Started under the auspices of the OpenID Foundation, the Native Apps Working Group (Napps WG) will create a specification that will enable native applications (mobile and otherwise) to leverage the OAuthV2 standard protocol to provide SSO to users on mobile devices. This creates an opportunity to do away with the separate solution operational model and leverage existing federation and web access management technology to extend identity to the mobile space. It is also interesting to note that the specification we deliver will likely be applicable to traditional desktop applications as well. The Napps group is creating a specification that extends the OAuthV2 protocol to define something currently called a “Token Agent” which will enable native mobile applications to authenticate users more easily, ultimately providing a more seamless user experience. The standards-based approach will enable enterprises to use existing technology to secure its new mobile application delivery approach.
If your enterprise is building and deploying multiple applications for your employees, partners, and/or customers, you should pay attention to these developments. I will report on the Napps group’s progress on this blog as we continue to move forward; check back for more news soon.