So another player in the identity market has been absorbed. HP is acquiring Trustgenix Reading Andre’s blog entry on this subject got me a nostalgic. Maybe its the season. Maybe its the leftover turkey’s tryptophan. Being part of the 1st generation of user provisioning tools in the market, and having been acquired by a “suite” vendor, I’ve had a ringside seat to watch the industry expand and contract. There was the first wave of expansion with Access360, Business Layers, Waveset, BMC for provisioning and Oblix, Netegrity, Securant, DASCOM, Entegrity for web access control. There was Courion and M-Tech for password management. Among the meta-directory group you had iPlanet, Novell, Siemens, Zoomit. OctectString and RadiantLogic were there for virtual directory services. Then there was the first major market contraction. The bubble had burst. We had blown through our cash. The dreams we had of making a squillion dollars vanished… now we had to actually work for our money. In this first major contraction, we saw CA eat Netegrity who ate Business Layers. IBM swallowed Access360, DASCOM, and Metamerge while Sun consumed Waveset. RSA bought Securant. Microsoft got Zoomit. Oracle bought Oblix and, recently, Thor and OctectString. (The ink has barely dried on this one but I consider the tail end of the first market contraction.) As the first market contraction was going on, the second wave of expansion was beginning. This centered around web services, federation, SOA, and the like. In this second wave, there are players like: Trustgenix, PingIdentity, Sxip, SOA Software, Layer 7, Symlabs. We have started to see the second contraction as HP acquires Trustgenix. There will be more to come. The real question is will the identity suite vendors buy companies from this wave, or more traditional middleware vendors snatch these players up? Federation and web services deals more with a business interaction as it happens. They deal with identity issues on the fly. Vendors from the first wave focused on the setup and tear down of identity around the business interaction. The BEA Weblogics and IBM Webspheres of the world deal with business interactions in flight and probably are more interested in the second wave vendors than the pure identity suite vendors. What’s going on now? The third wave of identity is rolling along now. The third wave focuses on activity in applications, information governance, identity in the network, and role / privilege analysis. Here we find us, Eurikify, Bridgestream, Prodigen, TIzor, Consul, Virsa, and others. This wave brings a new perspective, an identity-focused perspective, to old subjects like network and application activity. This new perspective was long in coming. Where is this market going? We have yet to see a second and third wave of contraction in the market, and we are bound to. The quest for the complete identity suite is winding down as vendors realize how hard it is to stitch together all the peices they need. Instead of unifying policy tools, we’ll get unified reporting in the name of compliance. Business orchestration tools will consume a lot of the federated and SOA players out there. As one vendors gets absorbed into another, new ones spring up. We are starting see a lot of activity reputation, portable identity, Identity 2.0, etc. As this market matures, it keeps getting more and more interesting. Technorati Tag: identity