Identity experts don’t think much of Gartner’s identity summit

* Identity experts’ view of Gartner’s identity show

When Gartner in October announced its Identity Access and Management Summit I pooh-poohed the idea. When it actually happened in Las Vegas last month, others joined me. Digital ID World conference organizer Phil Becker, in his newsletter, called it “a Gartner conference where the session content was thin gruel indeed.” (He didn’t go either.)

One person who did go was Nishant Kaushik, Oracle’s architect for identity management products, and what he found wasn't all that encouraging. He notes in his blog: “The session that generated the most discussion between me and my colleagues was Roberta Witty's session on User Provisioning.” (Witty is Gartner research VP for security and privacy.)

Kaushik reports that Witty claimed: “that the emergence of Web Services and SOA architectures would mean that the need for provisioning would start to disappear, as soon as 2010”! Provisioning needs might change, we might even need to provide fewer connectors and drivers for the provisioning engine. The widespread adoption of the Service Provisioning Markup Language (SPML) could mean much less reliance on manual or semi-automated provisioning steps. But as long as there are applications, services and resources to access and as long as there are security and authorization concerns, we will need a way to properly provision these services.

The second point Kaushik makes is that Witty espoused the view that “role management systems will become the central point of compliance shortly.” This, he says, “is based on her opinion that since role mining tools need to have information about access privileges in order to discover privilege patterns as roles, they are ideally placed to do compliance activities like attestation.” Now isn’t that putting the cart before the horse! Role mining is a wonderful tool, one I think everyone should use. Role-based access control (RBAC) is the “coming thing” for access. But compliance has to be based, first and foremost, on audited results, something that fits in well with today’s provisioning systems and is less comfortable tacked on to role engines.

Witty’s remarks might have been interesting, as a provocative means of stimulating conversation among veterans of provisioning battles. Unfortunately, they were delivered to what Kaushik called “a crowd more generic than the crowd you would encounter at, say, Catalyst,” while Becker noted: “I wonder if I should offer a big discount to the next Digital ID World conference for anyone who can prove they attended [Gartner’s] event so they can see what robust, real world experience based content looks like and learn what they really need to know?”

It’s nice to be proven right about something, isn’t it?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10