Network World
Sunday, July 6, 2008
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools
NetworkWorld.com > Site Resources > Newsletters > Security: Identity Management Alert
Search this newsletter 
Signup for this newsletter now!

This newsletter will give you the information you need to evaluate, install and maintain the right directory services and identity management software for your enterprise. Along the way, Dave Kearns will explain the buzzwords and acronyms and cut through the fog so you'll understand both the basics of the directory as well as advanced concepts of identity management.


Security: Identity Management Alert

 

This year's Catalyst Conference, very Oprah, very Cosmo
07/02/08
Last week's Burton Group Catalyst Conference might have been subtitled "The Oprah Year" ("Get Health, Beauty, Recipes, Money, Decorating and Relationship Advice on Oprah.com") because the buzz was all about relationships. Burton Vice President and Research Director Bob Blakley even illustrated his presentation with what could have been pictures clipped from Cosmo.

Catalyst keynote speaker: 'We need to think differently'
06/30/08
Last week was the annual Burton Group Catalyst Conference and, like last year, the announcements came fast and furious. There were new products, new companies and even a new organization. It's going to take a few newsletters to cover them all, so I better get started. First, though, I want to capture the overall theme and tone of the conference.

Re-using employee ID numbers, or not
06/25/08
Sometimes a clarification succeeds only in further muddying the waters. That's what I did last week, not for the first time either. Probably won't be the last, though. It's concerning that issue of re-using identifiers and re-using employee ID numbers. At the risk of further muddying things, let's take a final look (for now) at the issues.

Provisioning/de-provisioning in the education sector
06/23/08
Provisioning/de-provisioning in the education sector.

Identity Bus discussion focuses on re-hires
06/18/08
Last week's newsletter about the Identity Bus raised a number of issues in the Network World forums, some of which I addressed last newsletter. But there was another issue raised that deserves its own discussion.

Identity Bus topic sparks community discussion
06/16/08
Last week's newsletter re-visiting the Identity Bus contrasting virtual data storage with persistent data storage brought forth a number of comments on the Network World Web site, which I’d like to address today.

Dealing with orphan accounts and de-provisioning
06/11/08
I want to add just a bit more on orphan accounts and de-provisioning before we move on to the next round of conferences (Burton's Catalyst in two weeks, then next month's inaugural SSO Summit get together).

Re-visiting the Identity Bus/Hub issue
06/09/08
Today I want to re-visit the Identity Bus/Hub issue, which is also caught up with the choice between completely virtual directories and persistent storage metadirectories.

Time to investigate orphaned accounts
06/04/08
De-provisioning is the act of removing access for a user's account while not necessarily removing the account (which most likely will still be needed for a while for compliance auditing and other reasons). Almost all current provisioning software includes modules to de-provision accounts, but that hasn't always been the case. As I noted in an article about the first identity provisioning application, back in 1999, de-provisioning was in the road map for the second release. By now I'd expected that a) just about everyone would have installed provisioning software; and b) most of those would include de-provisioning as a feature. I was wrong.

What's hot and what's not for role management
06/02/08
Roles are not necessary for governance, risk, compliance and entitlement (GRCE) management, just as roads aren't necessary in order to drive cars. And just as it would be foolish to consider driving from, say, San Francisco to New York without using roads so too would it be foolish to consider implementing GRCE management without roles. I was reminded of this when a press release crossed my desk a couple of weeks ago.

Access Agents solve digital identity problems
05/28/08
In all the discussion of IBM's recent purchase of Encentuate, I seem to have concentrated on its effect on IBM/Tivoli customers as well as on Passlogix, previous supplier of single sign-on technology for those customers. I've said very little about Encentuate, though. Not that I'm going to do so today. (Although it does appear to be a good deal for that company) Instead, I want to look at something that Peng Ong, the founder of Encentuate, said recently.

Interoperability appears to be the 'new religion' in identity
05/26/08
There were a couple of recent announcements that should be brought to your attention, one to "close the circle" on something while the other leaves the circle open and ambiguous.

What does an Identity Hub look like?
05/21/08
A question I've been getting lately is "what does an Identity Hub look like?" As regular readers will know, the Identity Hub/Identity Bus is a topic we've talked a lot about recently (click here if you're not familiar with the topic). So far, though, there's nothing even close "in the field." There are a couple of things, both still theoretical at this point, that encompass some of the functionality, though. One I've mentioned before and one I should have.

Venues for enterprise identity practitioners
05/19/08
Last week's Internet Identity Workshop (IIW) was, as always, the hotbed of user-centric identity, privacy protection, open source identity and social networking data exchange. As the meeting's charter reads: "The heart of the workshop is a practical idealism in working towards the shared vision of a decentralized, user-oriented identity layer for the Internet." And, afterall, this is where the OpenID Foundation was born. So I was intrigued to see a session called "Enterprise Identity Roadmap for enterprise identity architects: a discussion."

The Identity Bus vs. the virtual directory
05/14/08
An anonymous reader posted to the Network World forum asking about the Identity Bus: "Using LDAP as the name or protocol for the Identity Bus makes it sound like a virtual directory to me. What would be the difference? How would an Identity Bus be different than a virtual directory?" A perfectly good question, which shows the interest in the concept, but also the need to explain it all just a bit better.

Why does identity data need its own special bus?
05/12/08
In the last two issues I talked about the "Identity Bus" and the discussion that Kuppinger-Cole's Felix Gaehtgens led at the recent European Identity Conference. Now, in response to popular demand (Felix's boss wanted to see what he was up to), the entire interview (in five parts) has been posted online - complete and unedited, a raw look at some familiar talking heads in an informal environment. It runs almost 40 minutes, so get some coffee and give it a look. I'll be talking more about some of these same characters after this week's Internet Identity Workshop.

Building an Identity Bus, Part 2
05/07/08
Last time out I told you about an informal discussion I had with Microsoft's Kim Cameron, Novell's Dale Olds, Quest's Jackson Shaw hosted by Kuppinger-Cole's Felix Gaehtgens all about the so-called "Identity Bus." I said that we reached a conclusion about the best way to move forward, but perhaps it's better to say we identified a couple of paths that might be worth taking.

Building an Identity Bus, Part 1
05/05/08
One of the most interesting "panel discussions" I had at the European Identity Conference didn't have anyone in the audience. Kuppinger & Cole senior analyst Felix Gaehtgens gathered Microsoft's Kim Cameron, Quest's Jackson Shaw (former colleagues at Zoomit) and Novell's Dale Olds for a video interview (which may or may not show up at the KCP Web site) about the "Identity Bus."

Putting Context in Identity
04/30/08
I had a wonderful time at last week's 2nd annual European Identity Conference in Munich. Martin Kuppinger and his crew at Kuppinger Cole + Partner for putting on an excellent conference, one which I highly recommend you add to your calendar for next year. I'd also like to thank the great guys who put themselves in harm's way (well, harm to their reputations) by participating in the three hour long panel sessions I moderated on the general topic of "Putting Context in Identity."

Tracking regulatory changes without the eye-strain
04/28/08
Governance and compliance are some of the least glamorous and most arduous parts of the identity management field. It's thankless work with little reward. Especially hard is the seemingly simple job of deciding which regulations apply to your enterprise, and what new things you need to implement as new regulations are promulgated and old ones are revised. And, of course, no one is subject to only one set of regulations, are they? What can you do about gaps and overlaps - and how can you find them? That's a lot of lemons, so it's not surprising that someone is making lemonade out of it.

OpenPages takes on the least glamorous parts of identity managment
04/23/08
Last issue I promised a look at a veteran company in the governance, risk and compliance sector that I'd been planning a closer look at for over a year. And today we're actually going to take a look at OpenPages, a company that's been around since 1996 and yet still might be considered an "overnight success."

Context in identity
04/21/08
Today I want to talk about a company I mentioned a year ago, with all intentions of telling you more about them. But even as I try to get them into today's newsletter, there's a timely issue to tell you about first, especially if you're in Munich this week for the 2nd annual European Identity Conference.

Hitachi to take Larry Ellison approach to identity management - buy, buy, buy
04/16/08
My phone rang at 8:30 a.m. one day last week, which isn't that strange an occurrence. East coast PR people sometimes seem to think that, since Network World publishes my stuff I must live in Massachusetts. But this call was from someone in the Mountain Time zone who happened to be in California that day. It was Idan Shoham, M-Tech Technology's CTO, and he wanted to make sure I was OK since I wasn't on the list for his press conference that morning. The event would be "interesting" was all that he would say about it. And it sure was. The conference was to announce that Hitachi had bought a majority interest in M-Tech which will henceforth be known as Hitachi-ID. An interesting announcement on many levels.

Oracle centralizes security processes into Service-Oriented Security
04/14/08
Last week I told you about RSA's (that's RSA, The Security Division of EMC, of course) announcements at the RSA 2008 Conference. Today we'll cover a few more and try to get to the rest in the next issue. Next week we'll begin coverage of the 2nd European Identity Conference which begins on April 22. But let's start off by looking at what Oracle did, and didn't, announce at RSA.

RSA updates Authentication Manager with business continuity, extended authentication methods
04/09/08
This week is the annual RSA Conference in San Francisco and there are lots of announcements by the participants. We covered one of the host's announcements last time - RSA's Identity Assurance platform. Today we're taking a closer look at a second announcement by RSA, Version 7.1 of RSA Authentication Manager, which supports Identity Assurance.

More articles  »

 


Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.

Receive Network World's Security: Identity Management Alert Newsletter

Browse Newsletter categories: Branch Office Best Practices Alert | Convergence & VoIP Alert | IT Careers and Training Alert | IT Leadership Alert | Network Architecture Alert | Network Optimization Alert | Network/Systems Management Alert | Security Strategies Alert | Security: Identity Management Alert | Security: Network Access Control Alert | Security: Threat Alert | Small Business Technology Alert | Storage Alert | Technology Executive Alert | Unified Communications Alert | Web Applications Alert | Wide Area Networking Alert | Wireless Alert |