- Google I/O 2013's Coolest Products and Services
- 10 Star Trek Technologies That are Almost Here
- 19 Generations of Computer Programmers
- 25 Must-Have Technologies for SMBs
Network World - There's a thunderbolt of change coming in cloud-based identity management, with new possibilities for single sign-on (SSO) and provisioning through cloud-based services.
Symantec and VMware are separately working on their own approaches to cloud-based SSO and identity management, Symantec with its "Project Ozone" and VMware with "Project Horizon."
While discussed at VMworld recently, Project Horizon still seems to be exactly that, on the horizon. There's a little more light being shed on Symantec's Project Ozone, which now has officially been given the product name "O3."
Expected to debut next year, O3 will be a way that information technology managers can exert policy-based access control for employees whether they have mobile devices or traditional computers. The O3 service will grant the managers access to any authorized cloud-based service or network, while this access record is maintained for audit and compliance purposes. O3 will be the central point for provisioning and de-provisioning of user access privileges based on a wide means of authentication varying from simple password to stronger means, such as two-factor tokens.
With cloud-based SSO, Symantec will be following where others, in their own approaches, have gone before, including Hitachi, Symplified, Okta, IBM Tivoli, Courion and Ping Identity. It's still a nascent market, ripe with the expectation that IT managers will need cloud-based provisioning of users in a world of cloud-based applications.
"It's targeted as a security service," says Rob Koeten, senior technical director for O3, which he calls a "security layer" to encompass employee mobile devices or PCs. Essentially, O3 calls for funneling traffic through a proxy-like service and gateway associated with identity. For enterprise use, O3 could exert granular control over exactly how a sales employee could use the Salesforce software as a service, for example, says Koeten. When it debuts next year, which is Symantec's goal, O3 will support the top 200 cloud-based services, he says.
Like Symantec, VMware has long been eyeing cloud-based identity management. With its Project Horizon ballyhooed for more than a year, VMware is nurturing its aspirations without tipping its hand too much. (Coincidentally, Symantec CEO Enrique Salem alluded to O3 during his keynote at this February's RSA Conference, on the same day RSA president Art Coviello was touting Project Horizon, in which he said RSA is working with VMware on compliance-based security for cloud-based services.)
Project Horizon is still largely a vision statement made in 2010 with no specific delivery date. But VMware CEO Paul Maritz highlighted the ongoing development in his recent VMworld keynote address, saying Project Horizon is "a set of technologies" that will offer "the ability to associate information to people, not devices." Using cloud-based identity management, it will be possible to control user access to applications, including where they may be downloaded, such as to Android devices, something VMware demoed at the show.