Information Cards, access governance, and Human Identity Systems

11/19/08

In addition to the Internet Identity Workshop that I attended last week, it was also the third annual Gartner Group Identity and Access Management (Gartner IAM) conference, held in Orlando. Since I couldn't be on both coasts at the same time, I relied on a "proxy" visit to Florida.

When will we achieve the 'Big Bang' for identity?

11/17/08

I've just come from the first full day of sessions at the Internet Identity Workshop (IIW) and I've got a feeling unlike any I've had before after IIW. From the first of the twice yearly gatherings, back in late 2005, I've always come away with a feeling that we're on the right path and the breakthrough event is just around the corner. This time, though, I'm despairing that we may never get there.

NetPro loyalists disgruntled over merger with Quest; Centrify releases DirectAuthorize

11/12/08

This week is the Fall Internet Identity Workshop (IIW), the twice-yearly gathering of identity folk, primarily from the user-centric camp but with a large contingent from the enterprise world (especially the enterprise federation space). I'll have a lot to say about these sessions in the coming weeks, but for today I'd like to catch up on recent news about the Quest/NetPro merger, SURFnet, Microsoft's Geneva, and a new role-based entitlements product from Centrify.

Google revises its OpenID implementation to accept all Relying Parties

11/10/08

Google got to its position in the pantheon of technology companies by not being always right. It has made mistakes as often as, and as big as, anyone else in the industry. But what got Google its leadership position (in addition, of course, to a great search engine) is its ability to admit when it has made a mistake and then to correct it. Last week I mentioned that Google's implementation of OpenID had caused quite a stir in the OpenID community. There was happiness that Google - the Midas of technology companies - had touched their pet project but also despair that it wasn't a pristine implementation. One major sticking point was that your Google OpenID would not be usable at just any site that accepted OpenIDs (called "Relying Parties" or RPs).

PingID releases PingConnect for cloud-based identity

11/05/08

I mentioned some of last week's announcements from Microsoft and Google in the last issue but there was another important one concerning Google and Ping Identity. Meanwhile, Microsoft continued to surprise me with more announcements this week surrounding Intelligent Application Gateway and Identity Lifecycle Manager.

Microsoft, Google make moves in identity management

11/03/08

Microsoft and Google, OpenID and CardSpace - and even a bit of SAML - featured prominently in last week's identity-related announcements. Microsoft made a couple of brilliant moves while Google appeared to stub its toe by irritating the OpenID community even as it was trying to ingratiate itself with them.

How you can use identity management to decide where to invest your hard-earned cash

10/29/08

I came across an interesting posting from Kuppinger Cole's Martin Kuppinger the other day which sought to explain the recent economic turmoil in terms of identity management implementations. Or, as Martin called it: "The economic turmoil - and its relationship to IT Risk Management". Let's delve into his interesting theory a bit more.

Oracle delivers the fruit of its Bharosa acquisition

10/27/08

Regular readers will know that I'm a big fan of context-based authentication (see, for example, Putting Context in Identity). I applauded Oracle last year on its acquisition of Bharosa because Bharosa provided one of the first context-aware authentication services. I've been eager for the first release of the product (formerly Bharosa Tracker) under the Oracle aegis with true Oracle Identity integration. That happened last month.

Novell, Aveksa unveil Novell Access Governance Suite; Quest details NetPro roadmap

10/22/08

There have been quite a few product announcements recently which I haven't gotten to as yet but I wouldn't want you to think they aren't important, or at least useful. So today I'll give a quick rundown of them with pointers to where you can find out more. The announcements involve Novell Access Governance Suite, Sun's Identity Compliance Manager, Courion's PasswordCourier Jump Start, and a roadmap for NetPro.

The U.S. President and his role in identity management

10/20/08

It's the silly season here in North America. That is, there are national election campaigns under way in both the United States and Canada. So, in the spirit of turning that lemon into a refreshing thirst quenching drink, we'll use the U.S. government as a good example of roles and how they work in identity management.

Three potential scenarios for the future of identity federation

10/15/08

I spent a day last week with SURFnet. And, no, SURFnet has nothing to do with Moondoggie, Gidget, or the Beach Boys and it wasn't in Huntington Beach. It's actually all about eductation, and this day was about identity. SURFnet is the organization that operates the Dutch National Research and Education Network. It connects universities, hospitals, research institutions and other non-commercial organizations and, in turn, connects to other European and world-wide NRENs. One area that SURFnet has pioneered is in federated identity services. But the organization thought that it was time to plan for the future, and that's what last week's meeting was about.

Parity rolls out free Information Card issuing service

10/13/08

One thing that's led to a slow uptake in the adoption of Information Card technology is the cost and complexity - or at least a perceived complexity - of Microsoft's CardSpace software. Oh, and the fact that it's not really available yet. Well, that's no longer the stumbling block as new kid on the block Parity has just released CardPress, the world's first service for issuing Information Cards. Not only is there now a service available to issue managed cards it's also free!

Why eliminate administrator rights?

10/08/08

In the 20-plus years I've spent consulting, hand-holding, troubleshooting and securing networks one of the most frequently asked questions I hear from business leaders is "How do I keep sensitive data from the prying eyes of the network administrators?" The answer has always been "trust." It was that way because we really had no way to remove administrative privileges from the administrators. But a new e-book by IT consultant Greg Shields promises to help. In fact, it's titled "Eliminating Administrator Rights" and is a part of Realtime Publishers' Essentials series. If you have a Windows network, this is essential for you.

The two-pronged attack to push Information Cards

10/06/08

Back in July I told you about the formation of the Information Card Foundation (see "The call for a new identity standard"). In announcing the new group, Executive Director Charles Andres was quick to point out that it would NOT be a standards body, and would not produce specifications. Rather, the organization was intended to advance the use of the Information Card metaphor. Let's consider that the first shoe dropping, shall we? The second dropped last week.

Oracle puts identity front and center at Oracle OpenWorld

10/01/08

Oracle had a very low-profile presence at Digital ID World, but not because it had nothing to talk about. Instead, it kept its press releases and official announcements for last week's Oracle OpenWorld conference in San Francisco, where identity was front and center.

Radiant Logic, SailPoint give their products an 'identity change'

09/29/08

Before completely leaving the events of the recent Digital ID World show there were a couple of announcements that I wanted to point out since they concerned identity and identity products on multiple levels. Two old friends of this newsletter, Radiant Logic and SailPoint, announced upgrades to their flagship products. They also announced what could be called an "identity change" for the products.

Two identity management papers worth reading

09/24/08

The days are growing shorter and the nights longer as we head into fall. Less time for outdoor play, more time to sit inside and cozy up by the fire with a libation and something to read. I can't provide the tipple, but I can point out some deserving reading material. No pot-boilers, I'm afraid, but a couple of recent white papers that are both educational as well as thought provoking. Not a bad combination.

Quest/NetPro: Two classy organizations are now one

09/22/08

I want to discuss the big merger/aquisition announcement last week between Quest and NetPro, but before getting to that, there's a bit of a clarification about the last issue. Joerg Resch, senior partner at German-based analyst firm Kuppinger Cole, punctured my bubble this past week when he pointed out that the "fun" in Fun Communications (mentioned in the last issue) wasn't necessarily a reference to the joie de vivre spirit of the organization, but was an acronym for the founders - Feulner and [in German, "und"] Nahr. Of course, just to show that the Germans do have a sense of humor, he titled the e-mail "It's always FUN to read your newsletter."

Sun working on Sun SPOT for personalization based on identity

09/17/08

While sitting in the airport waiting to come home after last week's Digital ID World, I ran into Sun's Pat Patterson, best known, to me, for aggregating lots of ID stuff at Planet Identity, and Mark Dixon, who heads up Sun's Project Destination. Mark was willing to share valuable information, such as attributing his weight loss to the Wii Fit, but he also wanted to tell us about something he'd recently seen in another Sun lab.

Putting the Fun in virtual loyalty cards

09/15/08

Towards the end of last week's Digital ID World show, as at most such gatherings, people greet you with "How're you doin'? Have you seen anything interesting?" Frequently the answer is no, there's just more of the same (and there was a lot of that at the event). But I did see something that got me a bit excited. But, oddly enough, I didn't see it "at" the show. It was - wonder of wonders - a press release that crossed my desk from Germany's engagingly named Fun Communications announcing the launch of its information card service.

The Gartner Magic Quadrant double standards, plus how to properly read the MQ

09/10/08

It never fails. Each year, at events like Digital ID World that's happening this week, I hear, privately, from a number of vendors - who don't wish to be quoted - about how superficial and meaningless are the Gartner Group's "Magic Quadrant" proclamations. I then get a press release from these same vendors trumpeting their placement in one quadrant or another.

Winners of Digital ID World's Iddy Awards

09/08/08

This week I'm at Digital ID World which means I get to chat with folks I haven't seen in a while but it also means it's officially awards season. In a session worthy of the Daytime Emmys, the Liberty Alliance once again passed out its awards to "…identity-based applications built using Liberty Federation (including SAML 2.0), Liberty Web Services, Liberty People Service and Liberty Advanced Client specifications." Yes, it's time once again for the Iddy Awards!

Digital ID World is no cartoon stuff

09/03/08

Digital ID World takes place in Anaheim next week and it's sure to be, once again, a hot bed of discussion about identity topics. While I hope all the attendees will try to fight their way into the two sessions I'll be doing, there's also a lot of other stuff going on that should whet your appetite for learning.

The nitty-gritty of information cards and OpenID interoperability

09/01/08

Sometimes an idea occurs simply because it's time for it to occur. It occurs to multiple people in multiple places at, roughly, the same time. Often those ideas, brilliant though they may be in their own right, are simply the extension of the ideas of others - a synthesis of many thoughts to arrive at a new conclusion. That appears to be happening in identity right now. The last two issues have talked about the grand unified theory of so-called "enterprise-centric" and "user-centric" identity. Now comes a paper talking about the interoperability of the two major user-centric models: information cards and OpenID.

Why there's no 'user-centric' or 'enterprise-centric' identity

08/27/08

Last issue, we examined the difference between what are termed "user-centric" and "enterprise-centric" identity management schemes. Enterprise-centric identity management, we postulated, is really all about tying together all the activities and attributes of a single entity into a readily accessible (and reportable and auditable) form; while user-centric identity is about keeping various parts of your online life totally separated so that they aren't accessible and no report can be drawn. I ended the newsletter by asking if there was a way to unify these two seemingly disparate objectives. And I believe there is.

More

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.