Gluu CEO Mike Schwartz delivers keynote at ID Next 2013
Mike Schwartz, Gluu’s CEO and Head of Sales delivered the ID Next 2013 keynote address to digital identity and privacy experts.
November 21, 2013 – The Hague, Netherlands — On Tuesday, November 19th, Gluu CEO Mike Schwartz delivered the opening IDentityNext 2013 keynote address to industry peers about the importance of the emerging OAuth2 profiles OpenID Connect and UMA for digital authentication and authorization. Specifically he outlined a use case for ecosystems of organizations to form multi-lateral OAuth2 federations to drive down the cost of inter-domain single sign-on and web access management.
IDentityNext is a user driven conference that features an exclusive mix of presentations and panel discussions where existing and emerging development related to digital identity provides the background for un-conference, workshops, discussions and debates.
Speaking about “tools and rules” in his address, Schwartz emphasized the need for better open source software and industry alignment on OAuth2 in order to achieve scalable peer to peer, peer to organization, and organization to organization trust on the Internet.
“Not until now has there been a standard mechanism for implementing federated authentication and authorization on the Internet that every domain can support,” said Schwartz. “OpenID Connect will be that standard, and will ultimately enable the next evolution of the Internet.”
OpenID Connect defines a specific way to use OAuth2 to authenticate a person similar to older protocols like SAML. However, the new specification, which has been developed in coordination by leading consumer identity providers like Google, Microsoft and Facebook, is flexible enough to handle both the API access requirements of mobile applications and the federated identity requirements of the enterprise.
“There are expected to be 50 billion connected devices by 2020,” continued Schwartz. “That means all the Internet users in the world plus an additional 50 billion machines will be authenticating to websites and applications to access content and services. Simply put, current standards were not built to handle that type of scale.”
In addition to emerging standards, Schwartz also discussed in his address how current trust models like multi-party federation are allowing large networks of autonomous organizations to achieve scalable trust using existing open standards. He referred to the United States higher education federation, InCommon, as an example of a multi-party federation that has scaled to include more than 500 trusted higher education institutions and commercial and nonprofit service providers.
Gluu provides design, build, and operational services to organizations that want to deploy OX for single sign-on, strong authentication, and web access management. The “OX” open source project, maintained by Gluu, implements two profiles of OAuth 2.0: OpenID Connect for authentication and UMA for authorization. A subscription to the Gluu Server, Gluu’s flagship service, enables an organization to more quickly deploy and more easily operate one or more OX instances for their Internet domain, on the IAAS platform of their choice, to enable centralized authentication and access management.