Craig Burton Distinguished Analyst , KuppingerCole cb@kuppingercole
Craig Burton, Distinguished Analyst
Date: Sept. 14, 2012 | Time: 10:00 am MDT
Identity in an API Economy
Identity in an API Economy
The API Economy and SAML
• Introduction to the API Economy Ecosystem
• The Cambrian Explosion of Everything
• An API for Everyone and Everything
• Admin-based mapping is broken
• E2S (Entity to Service) automation—beyond SAML
• Summary
Identity in an API Economy
The API Economy
• The Five KuppingerCole API tenets
  1. Everything and everyone will be API-enabled
  2. The API Ecosystem is core to any cloud strategy
  3. Baking core competency in an API-set is an economic imperative
  4. Enterprise inside-out
  5. Enterprise outside-in
The API Ecosystem
Understanding the API Ecosystem
• The API Ecosystem is divided into two types of API designs
  – The API Provider—the enterprise inside-out
  – The API Consumer—the enterprise outside-in
The API Ecosystem
Understanding the API Ecosystem
• The API Provider—the enterprise inside-out
  – API types
    • Open APIs—published APIs for public consumption
    • Dark APIs—unpublished APIs for closed consumption
• The API Consumer—the enterprise outside-in
  – API types
    • Open APIs—published APIs for public consumption
    • Dark APIs—unpublished APIs for closed consumption
    • Internal APIs—legacy applications with traditional information and resources
The API Ecosystem
Understanding the API Economy—the billionaire club
The API Ecosystem
Understanding the API Economy—Twitter unpacked
• 13 billion API calls a day
• 54 million+ calls an hour
• 900,000+ calls per minute
• 15,000+ calls per second
Twitter traffic drove 2012 Olympic Coverage—All API-driven
The API Ecosystem
Understanding the API Ecosystem
The API Ecosystem
Open API Growth Rate
The API Ecosystem
API Growth Rate
• Open APIs
  – We just hit the 7,000 API mark
  – 8,000 by year end
  – 16,000 by 2015
• Dark APIs
  – Dark APIs are 5x+/- Open API growth rate
  – 80,000 by 2015
The Cambrian Explosion of Everything
Growth In the Cambrian Era—unprecedented growth of life
Source: Adapted from Wikipedia
The Cambrian Explosion of Everything
Apple’s numbers
• 400 million iOS devices
• 700,000 apps
• Average person uses 100+ apps per device
• 84 million iPads
• 68% market share in 2012
• 17 million iPads sold in April-June 2012
• More iPads than any PC vendor’s entire product line
• 94% of Fortune 500 are investing in or deploying iPads at work
Source: Apple iPhone5 rollout
The Cambrian Explosion of Everything
Cisco’s predictions and KC API tenet #1
• 2.8x devices per person on the planet by 2015
• 19.6b devices
• 7 billion people
• Tenet #1: Everyone and Everything is API-enabled
  – 26.6 billion APIs
Broken Model
The Admin-based mapping model is broken
• The identity model for ALL current SAML-based systems does not scale
• Identity model is Admin-based
• All entities are mapped to services by people (Admins)
• The Math
  – Mapping 26.6 billion entities to just one service
  – 640,000 admins 24 hours a day for 5 years
  – Apple numbers 100+/10 apps per device
• Broken
Federation is evolving
| Approach | IdPs | SPs | Type of IdP |
|---|---|---|---|
| 1:1 – e.g. with a specific supplier | 1 | 1 | Owned by federation partner |
| 1:n – e.g. authN to many cloud services | 1 | n | Owned by company |
| n:1 – e.g. a service for many suppliers or cloud service customers | n | 1 | Owned by many federation partners |
| n:1 – e.g. supporting different logins | n | 1 | Owned by whomever – Facebook, enterprise, government (eID),… |
| n:n – reality, if you look at the big picture | n | n | Look at all the federations of your company and you have a mix |
The traditional federation approach: Direct connections
[Diagram: Users and Apps]
The future federation approach: Meshed/service-focused
[Diagram: Users and Apps]
E2S Automation
e2s (Entity to Service) Automation—Beyond Admin-based SAML
• Scalable SAML will require automation
• Automation is enabled via APIs
• The future of e2s identity mapping must be API-based to meet today’s demand
  – 400 million+ iOS devices
  – 26.6 billion APIs
  – These numbers are conservative
E2S Automation
e2s (Entity to Service) Automation—Beyond Admin-based SAML
• OpenID Connect is SAML’s API future
  – Tractability unknown
  – No vendor is using it for automation yet
  – No vendor is doing e2s automation yet
• SCIM (System for Cross-domain Identity Management) is a potential e2s automation protocol
• Note: Salesforce Identity gives both of these standards a boost of reality.
Identity in the API Economy
Summary
• SAML will not support all use cases (but some)
• Other standards are not as mature
• That means:
  – Don’t rely on an approach that is focused on traditional approaches
  – Understand these approaches as a subset of the big picture
  – Design your architecture for that big picture
  – Start with the subset you need
  – Look for technology which is built for (or whose suppliers are devoted to) the big picture