Journal 16

The Architecture Journal

July 2008


Dear Architect,

In the previous issue of the Journal, we explored the role of the architect across a number of dimensions. After being the editor of the Journal for 10 issues, I myself have accepted a new role leading the Platform Architecture Team here at Microsoft. I would like to introduce the new editor-in-chief of the Microsoft Architecture Journal, Diego Dagum. Diego has a long career as an architect and is the current editor behind the MSDN architecture center. Please join me in welcoming Diego to the new role as editor-in-chief; and, as always, we welcome all your feedback at

Simon Guest


Two years ago, when an article of mine about evolving architectures was published in an independent IT magazine, a colleague said to me, “You should write for The Architecture Journal.” I couldn’t have predicted that I would now find myself writing for this magazine as its editor. I want to thank Simon Guest for this opportunity and these big shoes to fill; during his tenure, readership has more than doubled, increasing from 30,000 to 62,000+.

In this issue, we invite you to think about the identity architecture in your organization. Identity management today is evolving from the single, isolated scenario to a federated one, in ways that might surprise you.

We begin this sixteenth journey with Fernando Gebara Filho’s introduction to identity concepts and strategies, how they have evolved and the road ahead. Next, Jesus Rodriguez and Joe Klug examine an assortment of strategies for making identity a first-class citizen in the portfolio of federated applications. Gerrit van der Geest and Carmen de Ruijter Korver consider the challenge of establishing an application-level trust environment, as user identities, in a service-oriented world, must flow from a service consumer to a provider.

For this issue’s profile, we caught up with Kim Cameron, author of “The Laws of Identity,” whose ideas on federated identities are shaping the next generation of Microsoft identity technologies. (A funny thing happened the day I visited Kim for this interview: I forgot my ID badge, so I needed Kim to “certify” my identity to the lobby.)

Resuming our journey, Mario Szpuszta describes how the Austrian healthcare system turned an administrative provisioning crisis into a clear opportunity for creating an open identity federation. Then Vittorio Bertocci explains how architectural patterns allow us to build claim-aware solutions, so that when the cloud arrives at companies, identity management won’t necessarily look cloudy.

Finally, Mike Morley and Barry Lawrence reveal how they synchronized identities on multiple systems and legacy applications from a single administrative console through a consolidating framework.


Dear reader, I’d like to be the first to welcome you to the issue, and hope that you’ll identify with the articles within. Enjoy!


Diego Dagum

Articles in This Issue

The Evolving Role of the Identity: From the Lone User to the Internet

by Fernando Gebara Filho

A report on how identity technologies have evolved to accommodate current needs, and what the challenges are from here to the future.

Federated Identity Patterns in a Service-Oriented World

by Jesus Rodriguez and Joe Klug

A sequence of strategies intended to make applications trust each other. How scenarios challenge the real success of each strategy, and what we can do to address those challenges.

Managing Identity Trust for Access Control

by Gerrit J. van der Geest and Carmen de Ruijter Korver

A reference architecture for the management of Identity Trust within the context of Identity and Access Management.

Architecture Journal Profile: Kim Cameron

Kim Cameron is an Identity architect at Microsoft Corp. Learn what the founder of “the Laws of Identity” has to say about his career.

Federated Identity and Healthcare

by Mario Szpuszta

A real-world example of federated identification implemented in the Austrian National Healthcare System.

Claims and Identity: On-Premise and Cloud Solutions

by Vittorio Bertocci

How the lessons learned from current efforts on federated identities are determining upcoming trends in cloud-hosted applications.

Enterprise Identity Synchronization Architecture

by Mike Morley and Barry Lawrence

A case study on smart provisioning strategies for controlled and legacy environments.


This article was published in the Architecture Journal, a print and online publication produced by Microsoft. For more articles from this publication, please visit the Architecture Journal Web site.