True IDaaS . . . .

Pondering over the current state of IDaaS……

So what’s IDaaS to begin with ??

This post is not dedicated to defining IDaaS in depth. There are loads of other material you can read up on if you are just interested in general theoretical stuff. But I’ll cover this briefly, just to set the tone…. I am not a sales rep, so let me keep this short and simple (just like an ideal program !) – IDaaS (Identity As A Service) is just a way to provide Identity Management solutions via a SaaS (Software As A Service) model. All your on-premise IDAM setup will be hosted in the cloud – that’s basically it. Of course it’s not black and white – there are pros and cons etc – but hey I am not Gartner or Forrester, so I am not going to deep dive into that stuff.

What’s the perception of IDaaS today ?

For e.g. if I take an IDAM product from vendor X, deploy it in an IaaS (Infrastructure As A Service) provider Y (or even my own private cloud! doesn’t matter), does that make it an IDaaS solution ?

NO. I don’t think so. But this is what I have been hearing… This is how people imagine IDaaS – IDAM product hosted in the cloud. From a customer perspective, it might be a big relief. Agreed ! No more infrastructure management cost and overhead and other good stuff like better pricing models etc….

But how does all this solve the problem from a technical standpoint??

Behind the scenes (from a technical implementation perspective) one still needs to go through the same set of processes – install, configure, deploy, provide HA, upgrade, migrate …. and the list just goes on …..
So, from what I see, everything is still the same, it’s just executed on some remote machine on the internet rather than the customer’s premise. In fact there are other things like exposing the customer’s internal systems to the cloud – of course they are going to be skeptical about this! One would need to resort to alternate solutions (none of which really makes sense to me.. I am not a networking wizard). We are introducing another variable. I was better off on-premise !

SO, is that really what we are looking for? Is that how we leverage the Cloud as we know it today in 2015 ?

Here is what I think…. [ and of course I am not perfect 😉 ]

True IDaaS cannot be realized without PaaS. This also implies that the IDAM product should be cloud and PaaS compatible (to an extent at least)

An IDAM SaaS product on top of PaaS = IDaaS. Yes. Think about things from a hardcore technical point of view – ease of deployment and installation, flexible configuration options, automatic scaling based on load (elastic), monitoring, developer friendly cloud tools, integration of continuous deployment and build tools and much more….

Let me explain it with an example. Think of Oracle Identity Manager implementation in a true IDaaS format.

  • Automated install: Ideally, I should be able to provision a cloud ready instance of Oracle IDM by using a simple GUI or a remote CLI rather than downloading 10 installer packages and hopping from machine to machine (on the cloud !!!)
  • Highly Available.. out of the box: I should be able to choose how many instances need to be provisioned based on HA requirements, rather than going through a 2 month process for scaling out an instance.
  • On-demand scalability: I should be able to define policies based on which there should be automatic provisioning of additional instances based on load (think about OAM in cloud catering to millions of authentication requests in a day). I should be able to scale down on demand as well based on usage spikes (cost savings for the customer)
  • Simpler upgrades: Upgrading to the latest version should be simpler than what it is now. IMO upgrades are generally quite tricky but there should be some components which offer one click (ok maybe 3-5 clicks) upgrade
  • Monitoring: I should be able to monitor my IDAM components like Application Server, Database, LDAP directories etc
  • Developer friendly: My development team should be able to leverage cloud ready dev tools (like IDEs etc) as well as automatic build tools (avoid manual intervention in deployment)

I am sure there are things I am missing.. but I hope you get the point.

PaaS is not a magic pill

Let’s not fool ourselves into thinking that way. Deep down, a lot depends on the core technology stack on top of which the IDAM product is implemented, since that is what the PaaS product will be closely tied to! e.g. For Oracle IDM, it’s WebLogic (as well as WebSphere). A lot depends on this container (or application server as we commonly call it). Hardcore SaaS products need to be multi-tenant – without a doubt. The same applies for IDaaS products…. Delving into how WebLogic or Java EE supports cloud is another book in itself. So I’ll stop here.

End of rant, and I live happily ever after 🙂

Until next time….
Stay curious !


About Abhishek

Java EE & distributed systems junkie who frequently blogs at as well as Oh, I have also authored a few (mini) books, articles, Refcards etc. :-)