Authentication Update (Siteminder)
Many within ITS and elsewhere are asking me what is going on with the new authentication infrastructure. I realize that their queries highlight my failure to keep people informed, but this entry will be one of many efforts to fix that problem. So here's the deal straight up:
For the sake of reviewing the structure around product development (web authentication is an important product) let me write briefly about product management and project management. The product manager has ownership of the product, and is ultimately responsible for its success or failure. I am the product manager for web authentication. I am not, however, the project manager for web authentication. That is Sonny Olsen, a very capable fellow. The responsibilities of the project manager include managing the timeline of the project, ensuring that deliverables are completed on time, and coordinating resources. This is an oversimplified explanation of the structure, but I gather that these fundamentals are not widely understood. For a better understanding of the role of a product manager, please see Phil's whitepaper.
OK, with that out of the way, here is the deal with web authentication. A group of stakeholders from security, operations, engineering, product management (representing customer interest), and project management have begun the process of determining the vision and scope of web authentication. This is a very important process that we really haven't done for authentication in the past. The result of this effort will be a common understanding of the product and the project to create it, and will be the starting point for complete functional requirements gathering. I know to some of you this may seem like a silly exercise, but it is a best practice and our best bet for creating a product that meets functional requirements and is supported by TSM. Everyone involved with authentication from an operations and an engineering perspective will have a chance to shoot holes at it before it is finalized and agreed to. I will also work to confirm it with customers. This document will be available to everyone, including our customers, once completed.
The vision/scoping document is just the first step. Take a look at this diagram to understand the process better (I will be talking about this more in other entries). Broader participation will occur after the document is completed. We have to make sure we have a common understanding of the problem and the proposed solution before we can go solving problems and engineering the solution. I hope we will be able to complete the vision/scoping document over the next 2 weeks (Nov 15). It is way too soon to estimate when the new web authentication system will be completed, but it will definitely be after the new year. This project is number 2 on the organizational priority sheet behind the acceptance test environment, so it will get that level of attention.
If you have questions or concerns or think we are all screwed up, please feel free to let me know. I am serious about this. If you have questions about product management, project management, or whatever, please contact me.
10:29:16 AM 
|
|
