It’s going to be almost magical – the day when knowledge workers can create at will the data infrastructure and integrated architecture they need to complete any job of any size at any time.

Most will be completely oblivious to the incredibly complex backend that incorporates, among other things, the broad federation and interoperability that makes it possible to maintain unified data architectures across multiple clouds both inside and outside the enterprise.

And if all goes as planned, open platforms like OpenStack will rule the roost because of the virtually unlimited number of supporting providers around the world – a collective pool of resources that dwarfs Amazon.

Too bad we’re not there yet. While cloud interoperability is on the agenda, there is quite a lot of work to do to break down the barriers to a fully integrated multi-cloud deployment.

One positive development came from the recent OpenStack Summit in Vancouver when developers including HP, IBM, Red Hat and VMware passed their interoperability tests and won the right to sport the “OpenStack Powered” label. The tests primarily target core OpenStack capabilities, so there are still vast differences when it comes to outlying project areas, but at least it indicates that much of the IT vendor community is anxious to stay within the community’s good graces. But as Fortune’s Barb Darrow notes, Unix is technically a single operating system as well, but try running an application on both HP-UX and Sun Solaris.

The new OpenStack Kilo release offers a number of intriguing developments when it comes to broadening the platform’s reach into distributed cloud architectures. But perhaps the most significant advance is the incorporation of the Keystone identity service. Its primary function is to enhance identity federation across multi-cloud environments, allowing individuals and collaborative groups to foster single-view deployments using two or more independent MSPs. The Keystone project implements OpenStack’s identity API and then ties it to authorization, auditing, library and other functions through a WSGI middleware.

This could be crucial for OpenStack’s success because without authentication of both users and resources,
data productivity is hampered by the limits of a single provider’s physical infrastructure, says CMS Wire’s Scott M. Fulton III. When were’ talking about cloud federation, then, we are really talking about identity federation. While the good news is that such federation is technically possible within Keystone, the bad news is that it is not easy to do, particularly at scale. As well, there is a fear factor at work as data managers realize that such broad authorization and ID management will have to become automated if it is to play a role in the app-to-app and machine-to-machine interactivity of the Internet of Things.

Only by producing a federated cloud will the open source community counter the market influence of both the proprietary platform developers and the hyperscale cloud providers like Amazon and Microsoft. If OpenStack can get this right, it will finally realize the dream of a vendor-, platform- and cloud-agnostic enterprise operating environment.