Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
As someone pointed out to me last week, we're still spending an inordinate amount of time talking about authentication, and still trying to find a way to obviate the need for users to either memorize or write down lists of passwords and account names. Certainly that issue has come up in this newsletter a number of times over the past few weeks and months.
This all seemed to come to a head last week as I carried on conversations with Kuppinger Cole analyst Felix Gaehtgens and Metapass CEO David Dupouy, as well as in things I read in a New York Times column (Goodbye, Passwords. You Aren’t a Good Defense – note: registration required) and the various reactions to it on numerous blogs.
There is a lot of agreement that passwords are never going to be the best way to authenticate, no matter how strong we make them. Other authentication factors - biometrics, software tokens, out-of-band responses and hardware devices - are all better but require greater or lesser degrees of action on the part of users. And users, as most of us know, are more reluctant to change than a baseball player on a hitting streak. Getting the changes implemented is going to be a slow slog, but there should be steady progress. So what else should we be working on?
One area that Dupouy and I discussed at length was validation - ensuring that the account that gets created accurately reflects the true identity of the entity that it's created for. This step can overcome much of the identity fraud (what the popular press calls “identity theft”) that is prevalent today.
But we also mentioned - and Gaehtgens emphasized - that beyond authentication comes authorization. Getting people to the proper resources - the ones they need as well as the ones they should be allowed to access - is the next big thing. It’s time for the entitlement management people to take the center ring and show us what tricks they have. The audience is ready. Perhaps we’ll hear some amazing things at next month’s Digital ID World in Anaheim.
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.
Comments (1)
By trentf@avendasys.com on February 6, 2009, 11:57 pm
Do you consider identity-based networking as a starting point or something that should also be considered when looking at identity management? Basic user authentication can happen at the endpoint-network level...