Digital ID World is no cartoon stuff

09/03/08

Digital ID World takes place in Anaheim next week and it's sure to be, once again, a hot bed of discussion about identity topics. While I hope all the attendees will try to fight their way into the two sessions I'll be doing, there's also a lot of other stuff going on that should whet your appetite for learning.

The nitty-gritty of information cards and OpenID interoperability

09/01/08

Sometimes an idea occurs simply because it's time for it to occur. It occurs to multiple people in multiple places at, roughly, the same time. Often those ideas, brilliant though they may be in their own right, are simply the extension of the ideas of others - a synthesis of many thoughts to arrive at a new conclusion. That appears to be happening in identity right now. The last two issues have talked about the grand unified theory of so-called "enterprise-centric" and "user-centric" identity. Now comes a paper talking about the interoperability of the two major user-centric models: information cards and OpenID.

Why there's no 'user-centric' or 'enterprise-centric' identity

08/27/08

Last issue, we examined the difference between what are termed "user-centric" and "enterprise-centric" identity management schemes. Enterprise-centric identity management, we postulated, is really all about tying together all the activities and attributes of a single entity into a readily accessible (and reportable and auditable) form; while user-centric identity is about keeping various parts of your online life totally separated so that they aren't accessible and no report can be drawn. I ended the newsletter by asking if there was a way to unify these two seemingly disparate objectives. And I believe there is.

The difference between user-centric and enterprise-centric identity, explained

08/25/08

I'm sometimes asked why there's a division between so-called "user-centric" identity and "enterprise-centric" identity. And as it's true that both approaches have a lot in common, I've struggled a bit to find the definitive differentiator, but I think a couple of friends have given me the pointers I need.

Validation, authorization: The next steps to identity management

08/20/08

As someone pointed out to me last week, we're still spending an inordinate amount of time talking about authentication, and still trying to find a way to obviate the need for users to either memorize or write down lists of passwords and account names. Certainly that issue has come up in this newsletter a number of times over the past few weeks and months.

Provisioning/deprovisioning problematic for a third of organizations

08/18/08

Every time we think we've finally gotten a handle on the user provisioning/deprovisioning issue something comes along to disabuse us of that notion. In this case it's the results of a survey of attendees at last spring's Directory Experts Conference (DEC) put on by NetPro.

One security implementer shares his single sign-on best practices

08/13/08

At the recent SSO Summit I moderated a panel of single sign-on implementers. One of them, Christopher Paidhrin HIPAA & IT security officer for ACS Healthcare Solutions, was kind enough to let me share with you his "best practices" list which he calls: "To Do & Not To Do: SSO implementation lessons learned."

Microsoft's Zermatt aims to ease development of claims-based identity apps

08/11/08

Last week's issue on so-called user-centric identity technologies in the enterprise ("Where do OpenID and InfoCards fit?") reminded me that there was a Microsoft announcement in early July that I should have written about but hadn't as yet. So today we'll correct that oversight.

Where do OpenID and InfoCards fit?

08/06/08

As I was saying last issue, one of the more interesting sessions I attended at the recent "first annual SSO Summit" was an open space presentation (i.e., the dozen or so attendees all participated led by our discussion leader, Ping Identity's CTO, Patrick Harding) called "Where do OpenID and InfoCards fit?"

The first annual SSO Summit

08/04/08

I recently attended the first annual SSO Summit at the Keystone resort near Denver and I was very much impressed by the level of discussion that took place. The attendance was small (a little over 100 attendees), but most were security and/or IT managers, execs and implementers from fairly large organizations. And all were willing to share their own experiences, and their questions, about the right path to take and the right reasons to take it for reducing the number of authentication points a user needed to see during the course of the business day.

Fingerprint biometrics bring 360 degrees of navigation to cell phones

07/30/08

Last week's newsletter about Upek's fingerprint reader with built in single sign-on (SSO) properties was written just a day before another big announcement in the biometric/fingerprint space, one which was just as interesting - at least to me - because it highlights another area I believe fingerprint biometrics are crucial - cell phones.

Oracle finds success in the identity sphere

07/28/08

There was big news out of Oracle last week. Not the announcement of Oracle Access Management Suite (relatively big news), but a personnel change that speaks volumes for the success that Oracle has had in the identity sphere.

The time may finally be right for biometrics

07/23/08

I've been following biometrics and, specifically, fingerprint technology for a past 10-12 years. Each time I think it's about to take off, the sizzle turns to a fizzle once again. But now the time might be right. Not that biometrics are any more acceptable (even though they are), nor that the accuracy has improved (even though it has), but because the right application has come along.

The Texas whirlwind is back

07/21/08

She's ba-a-ck. The woman a called a "Texas whirlwind," the ebullient, peripatetic, indefatigable Sara Gates is back in the saddle.

The 'identity as a service' controversy

07/16/08

Last week I used the phrase "identity as a service (IaaS)" in the newsletter ("The On Demand Identity Company"). I've used the phrase before because it describes what identity with a service-oriented architecture (SOA) is - a service, in the network, providing identity data and management. As a phrase, it's been used for a few years - almost since the day "software as a service" was first coined. It hasn't been controversial until now.

Conversations with established ID vendors at Catalyst

07/14/08

For the past couple of weeks I've been reviewing some of what occurred at this year's Catalyst conference, but there's been so much to cover that I haven't even begun to mention the conversations I had with established identity vendors (IBM, Sun, Novell, ActivIdentity, CA, Passlogix and more). There were a lot of announcements from these folk, most of which got covered in the print and online versions of Network World (my colleague, John Fontana, was also on the conference), but there are a few things I want to mention. First, though, let's talk about next week.

The On Demand Identity Company

07/09/08

During the recent Catalyst Conference I found time to chat with all the usual identity management suspects, but there were also a couple of folks I met with for the first time. On the theory that if I didn't know about them then you don't either (else you would have told me about them, wouldn't you?) I'll introduce them to you today and get to the "old gang" next time.

The call for a new identity standard

07/07/08

For those of you who have just tuned in, we're in the midst of reviewing the recent Catalyst Conference and the various announcements made in and around that get together. Last week I told you about the major themes presented on stage, and later on we'll hear about the new products, new versions of old products and new start-ups that got announced. Today, though, I want to examine the organizational events that occurred - a new release from a standards body, a new promotional organization and the call for a new standard.

This year's Catalyst Conference, very Oprah, very Cosmo

07/02/08

Last week's Burton Group Catalyst Conference might have been subtitled "The Oprah Year" ("Get Health, Beauty, Recipes, Money, Decorating and Relationship Advice on Oprah.com") because the buzz was all about relationships. Burton Vice President and Research Director Bob Blakley even illustrated his presentation with what could have been pictures clipped from Cosmo.

Catalyst keynote speaker: 'We need to think differently'

06/30/08

Last week was the annual Burton Group Catalyst Conference and, like last year, the announcements came fast and furious. There were new products, new companies and even a new organization. It's going to take a few newsletters to cover them all, so I better get started. First, though, I want to capture the overall theme and tone of the conference.

Re-using employee ID numbers, or not

06/25/08

Sometimes a clarification succeeds only in further muddying the waters. That's what I did last week, not for the first time either. Probably won't be the last, though. It's concerning that issue of re-using identifiers and re-using employee ID numbers. At the risk of further muddying things, let's take a final look (for now) at the issues.

Provisioning/de-provisioning in the education sector

06/23/08

Provisioning/de-provisioning in the education sector.

Identity Bus discussion focuses on re-hires

06/18/08

Last week's newsletter about the Identity Bus raised a number of issues in the Network World forums, some of which I addressed last newsletter. But there was another issue raised that deserves its own discussion.

Identity Bus topic sparks community discussion

06/16/08

Last week's newsletter re-visiting the Identity Bus contrasting virtual data storage with persistent data storage brought forth a number of comments on the Network World Web site, which I’d like to address today.

Dealing with orphan accounts and de-provisioning

06/11/08

I want to add just a bit more on orphan accounts and de-provisioning before we move on to the next round of conferences (Burton's Catalyst in two weeks, then next month's inaugural SSO Summit get together).

More

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.