ID mgmt. poised for next stage

By John Fontana, Network World
July 07, 2003 12:12 AM ET

Existing identity management practices and standards in combination with Web services security protocols will provide needed protection to support distributed computing between corporations and their partners.

That concept, and the ultimate benefits for corporate users, will be main themes at the annual Burton Group Catalyst Conference, which officials say could host 1,200 attendees this week in San Francisco.

The conference also is expected to showcase vendor announcements of a number of identity management products, and the Organization for the Advancement of Structured Information Standards (OASIS) will hold an interoperability test focused on Service Provisioning Markup Language (SPML) and announce ratification of the specification.

The Catalyst conference, now in its 10th edition, has been at the forefront in espousing the benefits of directories and, most recently, the concept of a virtual enterprise network, in which network boundaries between companies are blurred.

This year the focus is on identity management as a key to securing and managing the virtual enterprise network. Identity management is defined as a set of business processes and an infrastructure for the creation, maintenance and use of digital identities under strict policies and legal constraints.

A milestone in the evolution of the virtual enterprise network concept is approaching for corporate IT executives who believe that digital identities and identity-based security and policies are fundamental for the next era of distributed computing based on Web services.

"It's fair to say we have exploited the existing generation of Web-enabled identity infrastructure about as well as is possible," says Jamie Lewis, president of Burton Group. That infrastructure consists of directories, Web access management products for single sign-on, provisioning, and delegated and self-service administration.

"Low- to medium-value applications are fairly pervasive. You can log into Web sites, you can get self-service interfaces, but if we really want to take it to the next level with higher-value transactions, more automation of processes is needed," Lewis says.

Those automated processes will rely more on federated identity, a concept that lets identity credentials be shared across corporate boundaries.

The important evolution, however, is to go beyond identities just for end users and use identity for applications and services so applications can talk securely to other applications, so Web services can talk to Web services and Web services can talk to applications.

"We can't do that without stronger security, and one of the first predicates for stronger security is well-formed and well-understood forms of identity," Lewis says.

Those identities will be tied to users, applications or computers. "Identities can be linked with policies that govern activity and draw boundaries around acceptable and allowable use," he says.
