Validation, authorization: The next steps to identity management
Why the identity management industry should now be working on validation, authorization
Security: Identity Management Alert
By Dave Kearns, Network World, 08/20/2008
Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
As someone pointed out to me last week, we're still spending an inordinate amount of time talking about authentication, and
still trying to find a way to obviate the need for users to either memorize or write down lists of passwords and account names.
Certainly that issue has come up in this newsletter a number of times over the past few weeks and months.
This all seemed to come to a head last week in conversations I had with Kuppinger Cole analyst Felix Gaehtgens and Metapass CEO David Dupouy, in a New York Times column I read ("Goodbye, Passwords. You Aren’t a Good Defense"; note: registration required) and in the various reactions to it on numerous blogs.
There is a lot of agreement that passwords are never going to be the best way to authenticate, no matter how strong we make
them. Other authentication factors - biometrics, software tokens, out-of-band responses and hardware devices - are all better
but require greater or lesser degrees of action on the part of users. And users, as most of us know, are more reluctant to
change than a baseball player on a hitting streak. Getting the changes implemented is going to be a slow slog, but there should
be steady progress. So what else should we be working on?
One area that Dupouy and I discussed at length was validation - ensuring that the account that gets created accurately reflects
the true identity of the entity that it's created for. This step can overcome much of the identity fraud (what the popular
press calls “identity theft”) that is prevalent today.
But we also mentioned - and Gaehtgens emphasized - that beyond authentication comes authorization. Getting people to the proper
resources - the ones they need as well as the ones they should be allowed to access - is the next big thing. It’s time for
the entitlement management people to take the center ring and show us what tricks they have. The audience is ready. Perhaps
we’ll hear some amazing things at next month’s Digital ID World in Anaheim.
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.
Comments (1)
By trentf@avendasys.com on February 6, 2009, 11:57 pm
Do you consider identity-based networking as a starting point or something that should also be considered when looking at identity management? Basic user authentication can happen at the endpoint-network level...