Two identity management papers worth reading

The foundation for security and enterprise management

The days are growing shorter and the nights longer as we head into fall. Less time for outdoor play, more time to sit inside and cozy up by the fire with a libation and something to read. I can't provide the tipple, but I can point out some deserving reading material. No pot-boilers, I'm afraid, but a couple of recent white papers that are both educational as well as thought provoking. Not a bad combination.

First up is “Strategies for Creating an Authoritative Store” from Matthew Pollicove at Secude Global Consulting. Secude is an SAP partner and the paper is a strategy briefing for SAP NetWeaver Identity Management (formerly MaXware) clients. The paper is summarized as:

“Creation of an Authoritative Store is a key component of an Identity Management Infrastructure. The Authoritative Store can be created using a number of different strategies. The determination of the best strategy is by a thorough analysis of sources, database resources, available data synchronization tools and the IAM tools in use by the organization.” In other words, it’s all about creating a centralized directory structure upon which to base your provisioning system. This is a good background, basic structure piece for any team that’s considering provisioning for their organization. The only surprise is that Pollicove, who came from MaXware, a leading virtual directory house, doesn’t actually mention the words “virtual directory,” though he does talk about metadirectories. Still, everything he writes is applicable to a standard virtual directory solution.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The days are growing shorter and the nights longer as we head into fall. Less time for outdoor play, more time to sit inside and cozy up by the fire with a libation and something to read. I can't provide the tipple, but I can point out some deserving reading material. No pot-boilers, I'm afraid, but a couple of recent white papers that are both educational as well as thought provoking. Not a bad combination.

First up is “Strategies for Creating an Authoritative Store” from Matthew Pollicove at Secude Global Consulting. Secude is an SAP partner and the paper is a strategy briefing for SAP NetWeaver Identity Management (formerly MaXware) clients. The paper is summarized as:

“Creation of an Authoritative Store is a key component of an Identity Management Infrastructure. The Authoritative Store can be created using a number of different strategies. The determination of the best strategy is by a thorough analysis of sources, database resources, available data synchronization tools and the IAM tools in use by the organization.” In other words, it’s all about creating a centralized directory structure upon which to base your provisioning system. This is a good background, basic structure piece for any team that’s considering provisioning for their organization. The only surprise is that Pollicove, who came from MaXware, a leading virtual directory house, doesn’t actually mention the words “virtual directory,” though he does talk about metadirectories. Still, everything he writes is applicable to a standard virtual directory solution.

You’ll need to register for the paper, but it’s worth it. Follow the links from Matt’s blog entry to get to the latest version.

Also worth reading is a new paper from Microsoft’s Trustworthy Computing initiative about identity privacy and security on the Internet. I do wince a bit at the title “Online Identity Theft: Changing the Game” since the reality is that identities aren’t “stolen” they’re misused to commit identity fraud. But if you can overlook that obviously marketing-driven title, the paper is a very good presentation of information card technology – and not just Microsoft’s own CardSpace. As the summary puts it: “A new approach to securely managing online identity is essential - namely, a system that uses an interoperable, vendor-neutral framework and gives end users more direct control over their digital identity. One key component of this system is a new technology called an ‘Information Card,’ which enables the creation of very secure digital entities.”

“Interoperable” and “vendor neutral” are hardly terms we would have expected from Microsoft even five years ago, but a lot has changed in Redmond and there is growing awareness that not everyone uses a Microsoft platform but it is necessary for everyone to have access to key technologies. We can be proud that it is especially in our area – call it the “identity layer” the “identity sector” or the “identity niche” – that this enlightenment is breaking out. The paper even includes a three step “call to action”:

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.