Craig Burton

Logs, Links, Life and Lexicon: and Code

Craig Burton header image 2

Identity in a Post-PC Era

September 18th, 2012 · No Comments · Daily Thesis, Identity, The API Economy

go ahead and share


How 400M iOS devices changes everything

Most of the planet at least paid a little bit of attention to the announcement of the iPhone 5 on Sept. 12th. The anticipation for the announcement was so high, that sales of the iPhone 4 and iPhone 4s actually dipped some in the last quarter.

While I like all of the things Apple has done with the new iPhone — and I have already ordered mine — I found the other information given at the announcement to be astounding.

The numbers — presented in the keynote by CEO Tim Cook — were more than just significant. Especially when viewed from the perspective of the KuppingerCole API Economy Axioms.

These axioms are based on The API Economy phenomena that is occurring at the same time and the computing troika trends—cloud, social and mobile computing.

The API Economy Axioms

  1. Everyone and everything will be API-enabled
  2. The API Ecosystem is core to any cloud strategy
  3. Baking core competency in an API-set is an economic imperative
  4. Enterprise inside-out
  5. Enterprise outside-in

Axiom #1: Everything and Everyone will be API-enabled

Understanding the first axiom is straight forward. KuppingerCole envisions that everyone — meaning all entities not just people — and everything — even non-smart objects — will be API-enabled. It is also understood that being API-enabled necessarily requires at least one identity for everyone and everything. And in reality, almost everyone will have multiple personas and relevant identifiers and therefore multiple identities.

Now that I have set the context with Axiom #1, let’s look at what Mr. Cook talked about.

He first gave us the total number of iOS devices to date. I knew the total was large but I had no idea just how large. As of the end of June 2012, there are a whopping 400M iOS devices. The rest of the numbers are just as mind boggling.

  • 400 million iOS devices
  • 700,000 apps in the app store
  • Average person uses 100+ apps
  • 84 million iPads
  • 68% market share of the tablet market
  • 17 million iPads sold during April-June 2012
  • 94% of Fortune 500 investing in or deploying iPads at work

Now let’s add Cisco’s recent predictions to the mix.

  • 2.5 connections for every person on earth (19 billion) by 2016
  • 3.4 billion Internet users (45% of the planet’s population) by 2016
  • 1.3 zettabytes of annual IP traffic (Zettabyte = one sextillion or 1E+21) by 2016. This is four times as much traffic as in 2011.

If you follow the logic of my argument, there will be 20+ billion APIs all needing distinct identities by the year 2016.

Apple’s revelation of the actual numbers of iOS devices not only shows us that we are well on our way to that number, but in all likelihood we will surpass all predictions my some margin.

What does all this Mean?

The way we have been federating identities across domains using federated naming systems will simply not scale to address the needs we already have.

The wave of device proliferation isn’t coming in the future, it has already washed over us and is causing big identity related issues.

We all need to understand this phenomena and begin to engage in addressing the matter in an intentional way.

Let me explain a little more.

Today, all federated naming systems designed to map IDs to services are Admin-intensive. They all require and admin to make and verify the mappings by hand. One by one.

If you do the math, it would take more than a 640,000 admins working round the clock 5 years to get all of the mappings completed. And that is if it only takes 10 min or so per mapping and there are no mistakes.

In other words, today’s approach isn’t going to cut it.

We are in much need of an automated method to provision federated naming systems.

The good news is that there are initiatives a foot that could help us in these matters.

  • OpenID Connect — API specification for SAML and other protocols using OAuth 2.0
  • OAuth 2.0 — Standardized authorization delegation protocol
  • SCIM — System for Cross-domain Identity Management — standardized provisioning protocol
  • UMA — User-Managed Access — standardized user-managed Identity management protocol

Summary

The need to understand the identity explosion is not something that is in the future.

It already upon us.

We need to begin understanding the new wave of standards that will allow organizations to automate identity management in the enterprise post-haste.

There are dangers that need to be considered along this post-haste path.

None of the protocols — despite their rapid standardization tracking — have been proven to be tractable or robust enough to handle the extreme situation they are being thrust into.

We are in new — very exciting and rewarding — territory.

It is critical that we educate ourselves about the issues and keep abreast of what is happening.

Stay tuned.

Comments are welcome.

Tags: ·