Symantec is looking to develop a service that would position the company as a third-party broker of identity management services for the web.
Speaking at the Enterprise Ventures 2006 conference, Mark Bregman, senior vice president and chief evangelist at Symantec, noted a growing hesitance on the part of some consumers and businesses to conduct business online.
A new wave is emerging in which consumers rather than enterprises are driving the web, but this could be jeopardised by fears about security, Bregman said.
"If that fear builds up too much, this could disrupt that transition," he said.
Safety concerns have arisen not only for applications such as Internet banking but also for social interaction, with identity verification an issue, Bregman added.
"One of the big areas we're focused on is: How do you solve that identity problem?"
A third party will emerge that provides identity management services on the Internet, said Bregman. An identity clearinghouse would hold enough information to verify identity but would not need other personal information, such as health records, according to Bregman.
Asked afterward if Symantec was considering becoming that identity clearinghouse, as a software as a service (SaaS) organisation, Bregman acknowledged it is under consideration.
"I think it's an area we're looking at," he said. Symantec is already in the SaaS space with its Norton 360 security service for consumers, he added.
Most technologies available today pertain to enterprise identity management, Bregman said. But the issue is establishing and maintaining an identity on the Internet, he said.
"The key is, how do you make it easy enough to establish that, but hard enough not to make it worth your while to establish a fake ID," he said.
Authentication from a user's own PC presents a higher level of confidence than that of the same user logging on from, for example, an Internet cafe in Istanbul, said Bregman. "In the enterprise, it's either you or it's not. In the broad Internet world, it's how confident am I that it's you," he said.
Rather than charging consumers for the identity management service, the clearinghouse would likely function similar to credit card services, in which merchants pay for the service, Bregman explained.
Asked to compare the clearinghouse idea to the Liberty Alliance identity management effort, Bregman said Liberty focuses on standards for communicating identities. But it does not define how to establish identities, he said.
Also at the conference, venture capital executives who have experience as CIOs offered mixed reviews on how much the SaaS model can penetrate the enterprise. They spoke on the topic after an audience member cited Google's ambitions to provide desktop applications over the web and asked how far SaaS could go in the enterprise.
Donald Haile, venture partner and site general manager with Fidelity Ventures, said that three years ago, his firm would never have bought into SaaS. But that view has changed. "I'm in the process of changing my opinion," said Haile.
Peter Solvik, managing director at Sigma Partners and a former Cisco CIO, was not as sold on the concept of SaaS. "I think it's going to be a while [before] a large enterprise is going to take things like core desktop applications and email and have it be entirely hosted" on a consumer platform, he said.
Mark Iwanowski, a former Oracle CIO and current venture partner at Trident Capital, said the question on SaaS in the enterprise was a matter of "how fast it's going to happen."
Thomas Hale, senior vice president of the Knowledge Worker Business Unit at Adobe Systems, said there is a need for technology to be developed that melds collaboration capabilities and content in a single UI. But a conference attendee responded that collaborating is difficult already because of time issues.