In February, Odette will publish its recommendation for Federated Identity Management in the Automotive Industry. The recommendation is the culmination of 2 years work by an Odette project team comprising BMW, Daimler, Bosch, Hella, ZF and Covisint supported by PingIdentity, Siemens, and Microsoft. The idea of Federation Identity Management is to enable Single-Sign-On (SSO) functionality across different security infrastructures in a standardised way. It is an enabling technology for addressing the demands of new business models (e.g. virtual companies, joint development programs, co-operation between companies etc.)

All of these put enormous pressure on IT departments to deliver appropriate, and easy to deploy solutions. We see enterprise boundaries (e.g. “my infrastructure”, “my accounts”, “my development team”) disappearing and being replaced by an “on demand” enterprise model.

There are various areas of application of Federation Services and SSO: Even within a single company there is a need to face the challenge of different applications (e.g. ERP systems, network domains, host computers etc.) each having their own access management system and needing to be administered individually. Business, however, takes place where the appropriate knowledge (“human capital”) can be aggregated and investment can be optimised . This situation will increasingly be achieved with “on demand” teams, which come together to achieve one or more specific project targets and disperse again afterwards.

Most industries are facing enormous challenges today, when it comes to supporting these business models with appropriate IT solutions, and Federation Services is one of the central technologies that can really help both OEMs and suppliers to interact in a seamless standardised way.

There are challenges, which are common to all businesses:

• Business processes and relationships are changing rapidly – IT must be flexible and adaptive towards the changing business needs.
• IT must support enterprise aggregation and disaggregation (“virtual companies”, mergers etc.) with minimum impact on already existing investments in processes and infrastructures.
• Over the next 3 to 5 years, we will see a dramatic increase in businesses facing the challenge of driving joint development programs with various partners, setting up those development programs in a standardised, easy and secure way.
• 80% of all business relationships have similar requirements:

• Quicker “Time to Relationship” becomes ever more critical (i.e. time between the business decision for a new collaboration and the actual IT support for the collaboration).
• New technologies used for establishing the relationship in the IT infrastructure must be easy to adapt and have a low maintenance cost.
• Allow staff to work with systems and accounts they already have instead of adding more and more new systems and applications for them to master.
• Leverage already existing processes and investments (user helpdesk processes, etc.).
• Make access and communications secure.

Some of the potential benefits that drive the requirement for such a solution are:

• At least 30% of IT costs which occur when setting up new joint development projects could be saved by using the same infrastructure and following the same processes.
• No management (e.g. password resets) of “foreign” (i.e. external partner) accounts would be necessary. Staff would not need to be trained to use additional accounts, leaving them to work with those accounts and environments they are already used to.
• Support calls for a typical medium sized enterprise when managing foreign accounts should drop by 50%.
• Costs for setting up new business relationships should drop to 70% of today’s costs.

The new Odette recommendation will set a significant standard for future collaboration scenarios and bring substantial cost savings to those who use it with their partners

For more information, please contact Joerg Walther.