|
Building an Identity Bus, Part 2
05/07/08
Last time out I told you about an informal discussion I had with Microsoft's Kim Cameron, Novell's Dale Olds, Quest's Jackson
Shaw hosted by Kuppinger-Cole's Felix Gaehtgens all about the so-called "Identity Bus." I said that we reached a conclusion
about the best way to move forward, but perhaps it's better to say we identified a couple of paths that might be worth taking.
Building an Identity Bus, Part 1
05/05/08
One of the most interesting "panel discussions" I had at the European Identity Conference didn't have anyone in the audience.
Kuppinger & Cole senior analyst Felix Gaehtgens gathered Microsoft's Kim Cameron, Quest's Jackson Shaw (former colleagues
at Zoomit) and Novell's Dale Olds for a video interview (which may or may not show up at the KCP Web site) about the "Identity
Bus."
Putting Context in Identity
04/30/08
I had a wonderful time at last week's 2nd annual European Identity Conference in Munich. Martin Kuppinger and his crew at
Kuppinger Cole + Partner for putting on an excellent conference, one which I highly recommend you add to your calendar for
next year. I'd also like to thank the great guys who put themselves in harm's way (well, harm to their reputations) by participating
in the three hour long panel sessions I moderated on the general topic of "Putting Context in Identity."
Tracking regulatory changes without the eye-strain
04/28/08
Governance and compliance are some of the least glamorous and most arduous parts of the identity management field. It's thankless
work with little reward. Especially hard is the seemingly simple job of deciding which regulations apply to your enterprise,
and what new things you need to implement as new regulations are promulgated and old ones are revised. And, of course, no
one is subject to only one set of regulations, are they? What can you do about gaps and overlaps - and how can you find them?
That's a lot of lemons, so it's not surprising that someone is making lemonade out of it.
OpenPages takes on the least glamorous parts of identity managment
04/23/08
Last issue I promised a look at a veteran company in the governance, risk and compliance sector that I'd been planning a closer
look at for over a year. And today we're actually going to take a look at OpenPages, a company that's been around since 1996
and yet still might be considered an "overnight success."
Context in identity
04/21/08
Today I want to talk about a company I mentioned a year ago, with all intentions of telling you more about them. But even
as I try to get them into today's newsletter, there's a timely issue to tell you about first, especially if you're in Munich
this week for the 2nd annual European Identity Conference.
Hitachi to take Larry Ellison approach to identity management - buy, buy, buy
04/16/08
My phone rang at 8:30 a.m. one day last week, which isn't that strange an occurrence. East coast PR people sometimes seem
to think that, since Network World publishes my stuff I must live in Massachusetts. But this call was from someone in the
Mountain Time zone who happened to be in California that day. It was Idan Shoham, M-Tech Technology's CTO, and he wanted to
make sure I was OK since I wasn't on the list for his press conference that morning. The event would be "interesting" was
all that he would say about it. And it sure was. The conference was to announce that Hitachi had bought a majority interest
in M-Tech which will henceforth be known as Hitachi-ID. An interesting announcement on many levels.
Oracle centralizes security processes into Service-Oriented Security
04/14/08
Last week I told you about RSA's (that's RSA, The Security Division of EMC, of course) announcements at the RSA 2008 Conference.
Today we'll cover a few more and try to get to the rest in the next issue. Next week we'll begin coverage of the 2nd European
Identity Conference which begins on April 22. But let's start off by looking at what Oracle did, and didn't, announce at RSA.
RSA updates Authentication Manager with business continuity, extended authentication methods
04/09/08
This week is the annual RSA Conference in San Francisco and there are lots of announcements by the participants. We covered
one of the host's announcements last time - RSA's Identity Assurance platform. Today we're taking a closer look at a second
announcement by RSA, Version 7.1 of RSA Authentication Manager, which supports Identity Assurance.
RSA updates Authentication Manager with business continuity, extended authentication methods
04/07/08
It's RSA week in San Francisco, so that means lots of announcements, even if they're only of the "I'm waving so you know I'm
still here" variety. I fondly remember one such announcement from a few years ago that, in essence, said: "We added four new
customers last quarter, none of whom you ever heard of. So we're not jumping the shark just yet." Actually, a press release
like that means you have jumped the shark, and - as proof - that company wasn't around a year later.
Mailbag: Is the metadirectory dead?; Oracle's 2 billion entry directory
04/02/08
Today I want to dip into the mailbag and share some readers' comments on recent newsletters. People had lots to say about
the death of the metadirectory, the identity hub/bus and Oracle's 2 billion entry directory. So let's dive right in.
IBM buys Encentuate: What options do IBM single sign-on customers have at upgrade time?
03/31/08
Now that the dust has settled on IBM's purchase of Encentuate, it's intriguing to speculate on what IBM's current customers
- who are using Tivoli Access Manager for Enterprise Single Sign-On (TAM ESSO) - will do when it's time to "upgrade."
The 2 billion entry directory tree
03/26/08
It's deja vu. I got a note from Oracle's Technology media marvel (and soon to be media mother) Rebecca Hahn touting a new
study, commissioned by Oracle, from the Performance Engineering Group at Persistent Systems. It's titled "2 Billion Entry
Directory Benchmark." I thought I was back in the 90's!
The perfect vehicle for identity
03/24/08
At the recent Directory Experts Conference (DEC), Microsoft's Stuart Kwan spoke of what's been called the "identity bus."
His contention was that the Microsoft Identity Metasystem was the perfect vehicle (pun intended) for this purpose.
Microsoft's Credentica purchase helps it sprint ahead of OpenID
03/19/08
Last issue I talked about the two recent acquisitions in the enterprise single sign-on and software-as-a-service sectors but
there was more happening last week, and it was in the user-centric identity space. One was the acquisition by Microsoft of
Credentica and the other a launch of yet another OpenID provider, Clickpass.
Ping, IBM acquisitions make for a busy time in the single sign-on sector
03/17/08
Last issue I promised a further look at Microsoft and its (non-) support of standard protocols such as SAML, SPML and XACML.
And I will get back to that. But last week's news of a couple of acquisitions by Ping Identity and IBM/Tivoli in the single
sign-on space as well as a launch in the user-centric sector are going to use up all the digital ink I've been allocated for
this week. But we will return to the standards issues.
Why won't Microsoft commit to identity management standards?
03/12/08
In January, I commented that Bill Gates had never warmed up to identity issues and judging by his keynote address at the Consumer
Electronics Show, he never will. In the last newsletter, I talked about Microsoft's evident blind spot regarding metadirectories
and virtual directories. Today I want to talk about Microsoft and identity management standards.
Is the metadirectory dead?
03/10/08
Last week's Directory Experts Conference had eight vendor sponsors - and two of those were virtual directory companies! One
was the grand-daddy of virtual directory vendors, Radiant Logic while the other was the "new kid on the block," Optimal IdM.
Veteran readers of this newsletter should be very familiar with Radiant Logic and its offerings but this is Optimal's first
visit to these august pages so let's look a little closer at its products.
Dot Net Factory aims to simplify SharePoint permission management; Uniloc strengthens SCADA systems
03/05/08
Today I want to tell you about two new releases, from two different vendors. One covers a traditional market, the other a
non-traditional one. Both, though, have to do with authentication and authorization with one designed to protect your data
while the other works to protect the infrastructure.
Tantra Nightclub: Where everybody knows your name - and your identity
03/03/08
Usually when Calgary, Alberta is mentioned in this newsletter it's something about Pamela Dingle, doyenne of the Pamela Project,
but not this time. This time I want to tell you about a bar. Calgary's Tantra Nightclub thought it had hit on a way to keep
the violence down by scanning patrons' driver's licenses as they entered. According to a story in the Calgary Sun, this was
Tantra's way of contributing to Alberta's "Cage Your Rage" campaign and bouncer training program. But the city's Information
and Privacy Commissioner recently ruled that this was a privacy violation and could no longer be allowed. This was applauded
by many, including Microsoft's identity guru, Kim Cameron. However, I'm going to side with the night club.
MetaPass' single sign-on package enables administrators to create scripts visually
02/27/08
It seems every time I think that single sign-on is becoming old hat something comes along that makes me open my eyes. WIDE.
I sat down with Metapass CEO David Dupouy last week while he showed off his excellent solution for single sign-on. And I do
mean "single sign-on" literally. It's not "simplified" sign-on or "reduced" sign-on - it's perhaps the only contender for
the "it works with everything" prize. But don't just take my word for it.
Eclipse finally delivers its Higgins open source identity framework
02/25/08
The average gestation period for a human baby is nine months. The average gestation period for an elephant is just a tad under
two years. But that's almost instantaneous when compared to a software project. Still, after being talked about, chewed over
and discussed for much longer than an elephant's gestation period, the Eclipse Foundation has finally released Higgins framework,
Version 1.0, an open source identity framework.
Using smart cards vs. passwords for identification
02/20/08
A recent Datamonitor survey showed that 62% of enterprises have experienced problems relating to passwords being shared, borrowed
or stolen from within their organizations. The survey of 200 enterprises also found that only 21% of the respondents are confident
that passwords will provide sufficient user authentication for their businesses over the next five years. Yet most of us are
still using passwords. Isn't there a better way?
Ping Identity claims to speed up connections for secure single sign-on
02/18/08
Safe, secure and easy to deploy - what more could you ask from a federation server? Ping Identity's newest version of the
PingFederate server (Version 5.0) promises just that. The "easy" part is Auto-Connect, a major new feature of the latest version
of the industry's first third-party federation server, that promises to significantly speed up the time it takes to establish
SAML connections.
Was it lack of governance at Societe Generale that allowed rogue trader to do harm?
02/13/08
The recent Societe Generale trading scandal is being portrayed by many as another example of the poor security that passwords
provide (see, for example, "Forgotten IT chores may have led to bank meltdown"). But digging further into the tale of "rogue"
trader Jerome Kerviel reveals another distinctly plausible cause of the problem.
More articles
»
|
[1,407]
