Thursday, March 14, 2013

The Three A’s of Identity Management

The first three A’s of identity management I learned were something like:

  • Authentication
  • Authorization
  • Auditing

These A’s helped me explain identity management to customers at a conceptual level, but rarely helped me deliver the solutions to the problems I was tasked with (I’m not a strategy consultant – I design and deliver working stuff). 

Recently I realized that I spend a LOT of time on a different three A’s:

  • Arrange
  • Act
  • Assert

If you follow my blog you know the first A’s but get bonus points for knowing the second set. 

Identity management tends to be solutions to automate the integration disparate systems and their identities.  Any crafted solution must have a measure of quality.  Small systems deployed by one person may get by without it, but measuring quality is critical to systems especially when team development is involved.  This is obvious to development teams, but onerous for deployment teams.  Over the years I’ve grown from onerous to frustratingly obvious.  Frustrating because testing has such a negative connotation, and is perceived as a tax nobody wants to pay.

So if you find yourself in the business of deploying identity solutions such as FIM, I suggest adding time to your projects for test automation.  No, it won’t be easy.  You will deliver slower at first, but your test automation turtle will win the race.

BTW – some of the test helpers I use are already available on CodePlex, my favourites are:

No comments: