A Journal of
Identity Management
| HOME | EVENTS | RESOURCES | NEWSLETTERS | IDENTORATI | ABOUT |
|
|
|
A Journal of |
|
Departments Home
|
Recently Added Resources Using claims for driving web sites... without writing any codeHow-to TOPIC: SSO Written/presented by: Vittorio Bertocci thanks to the Geneva Framework and a small sample ASP.NET control, the developer will be able to leverage identity information for driving the behavior of his page... without writing a single line of code and practically without knowing anything about identity management ! You can try this yourself on your own machine by downloading the sample code on Code Gallery. SPONSOR: Microsoft Reining In Sharepoint White Paper TOPIC: OTHER Written/presented by: This white paper outlines some best practices that have evolved to help protect SharePoint sites. It also describes the capabilities of Courion’s identity-aware solutions that enable IT administrators and security managers to locate, analyze and remediate SharePoint sites with users who hold access rights that are inconsistent with best practices, corporate policy, or regulatory requirements. SPONSOR: Courion Access Assurance: Ensuring only the right people have the right access to the right resources and ar White Paper TOPIC: Identity management Written/presented by: Access Assurance is a unique approach that ensures only the right people have the right access to the right resources and are doing the right things. This white paper defines the Access Assurance lifecycle and identifies three core components— Access Governance, Access Provisioning and Access Compliance—which enable companies with even the most complex, heterogeneous environments to increase operational efficiency and transparency, strengthen security and improve compliance, while delivering lower total cost of ownership. SPONSOR: Courion How Can Identity and Access Management Help Me with PCI Compliance White Paper TOPIC: Regulatory Compliance Written/presented by: PCI Compliance has become a business requirement for any company involved in the processing of credit card information. It requires strong security controls over all systems and applications that process or store cardholder information. These controls serve to manage vulnerabilities and to control access to all confidential information. PCI Compliance therefore requires comprehensive security across a range of systems and applications. CA Identity & Access Management (CA IAM) provides a comprehensive and proven solution for assuring PCI compliance, by ensuring the privacy of all confidential cardholder information. CA IAM provides strong control over access to all Web applications, systems, and data. SPONSOR: CA The Information Card Ecosystem: White Paper TOPIC: SSO Written/presented by: Craig Burton The emergence of a long-awaited digital identity layer for the Internet means the evolution from an identity model based on one-dimensional cookies and passwords to a new model based on two-dimensional Information Cards. These user-authorized packages of identity data are controlled and managed by a new software tool called a selector. The card/selector model gives rise to a new identity ecosystem of card providing sites (identity providers) and accepting sites (relying parties). It also ushers in a new capability—cross-site context sensitivity—that will quickly become an essential feature of next-generation browsing. The paper concludes by looking at the next steps in the evolution of this ecosystem, particularly how it will integrate and adapt to multiple identity protocols. SPONSOR: Information Card Foundation Roles-Based Access Governance: Methodology & Best Practices Webinar TOPIC: Roles Written/presented by: Brian Cleary, Vice President, Products and Marketing, Aveksa Although roles-based access control (RBAC) has been the subject of much interest in the past, companies are still dealing with the complexity of managing roles at the technical infrastructure level (applications & provisioning). For some organizations, this complexity is an obstacle to deploying effective roles-based access governance. In this brief 10 minute webcast, Brian Cleary, Vice President of Products and Marketing will discuss the best practices for continuous roles lifecycle management... SPONSOR: Aveksa Management of IT security risk White Paper TOPIC: OTHER Written/presented by: The proposed prudential practice guide (PPG) seeks to address those areas of IT security that APRA has identified, through its ongoing supervision, as the main areas of potential weakness. It provides a set of principles that are considered to represent better practice for safeguarding IT assets through sound risk management and control frameworks. SPONSOR: Australian Prudential Regulation Authority Jan Alexander on the claims transformation language in Geneva Server beta 2 Video TOPIC: Identity Federation Written/presented by: Jan Alexander In this episode Jan Alexander, Sr. Program Manager, Federated Identity, takes a deep dive into the powerful, all new claims transformation language in Geneva Server beta 2. This language is used in claims processing, acceptance and issuance, and Jan provides a primer on the flexibility and capabilities of this domain specific language. SPONSOR: Microsoft MICROSOFT® “GENEVA” SERVER AND SUN OPENSSO White Paper TOPIC: Identity Federation Written/presented by: Interoperability between heterogeneous technologies is becoming increasingly important as organizations that run different kinds of applications seek to collaborate with each other. Sun and Microsoft are addressing this issue with solutions for identity federation that support the SAML federation standard. SPONSOR: Sun Microsystems Leading Practices for Driving Down the Costs of Managing Your Oracle Identity and Access Management White Paper TOPIC: Identity management Written/presented by: The paper covers three distinct phases of an Oracle Identity Management system deployment– Implement, Manage and Optimize, and provides an overview of the various tools and methods that you can use to achieve a superior ownership experience while keeping a lid on the systems management costs. SPONSOR: Oracle Role Based Access Control: What is it, why bother and how to implement it? White Paper TOPIC: Roles Written/presented by: This document is intended to introduce readers to role based access control (RBAC), as applied to large numbers of users and multiple IT systems. It is organized into five distinct parts: 1. Development of RBAC concepts from a simple model to a complex but realistic privilege management infrastructure. 2. Business drivers to motivate organizations to use an RBAC system to manage security privileges. 3. Process for deploying RBAC into an organization. 4. Maintenance tasks for keeping a deployed RBAC system functioning smoothly. 5. Organizational impact of the deployment project and of the running RBAC system. SPONSOR: M-tech On Identity Assurance in the Presence of Federated Identity Management Systems White Paper TOPIC: Identity Federation Written/presented by: Baldwin, Adrian; Casassa Mont, Marco; Beres, Yolanta; Shiu, Simon In this paper we address the appropriate management of risk in federated identity management systems by presenting an identity assurance framework and supporting technologies. We start by discussing the risk mitigation framework that should be part of any identity assurance solution. We then demonstrate how our model based assurance technologies can be used to report success of an identity assurance programme. We discuss how this approach can be used to gain trust within a federated identity management solution both by communicating the nature of the assurance framework and that risks are successfully being mitigated. Finally, we show the importance of automation of controls in easing operational costs; providing improved audit information and changing the risk mitigation landscape. SPONSOR: HP Identity Management (IdM) Slides TOPIC: Identity management Written/presented by: Identity management is moving ahead rapidly. Shibboleth and InCommon are making great strides. Representatives from the banking and credit card industries are sitting around the table with federal and state government agencies in the Electronic Identity Assurance Expert Group (EIAEG) within the Liberty Alliance. The Credential Assessment Framework, developed by NIST, the National Institute of Standards and Technology, is being applied to an expanding federation of public and private institutions, including a number of campuses. The Identity Management working group will review these and other current activities of interest and chart a path for future action. SPONSOR: Educause A Case for Collaborative Identity Management in a Complex Decentralized Environment Slides TOPIC: Identity management Written/presented by: Andrea Beesing (Cornell University) and David S. Yeh (Cornell University) Using the identity life cycle of the Cornell student as a use case, we will discuss the value of approaching identity management as a collective responsibility. The business and IT sides of the house must partner to meet rising expectations for streamlined access to information in a world where services are distributed not only across multiple campus units but also across multiple institutions. SPONSOR: Educause Courion Perspective – Role Management White Paper TOPIC: Roles Written/presented by: Role management can be both very challenging and very rewarding to customers seeking simplified user administration, efficient user provisioning, and improved compliance and risk management. Download an informative and educational white paper detailing best practices and considerations around the business and technology aspects of role management, and Courion’s experience-based approach to helping customers achieve their desired results. SPONSOR: Courion Courion Perspective – User Provisioning White Paper TOPIC: eProvisioning Written/presented by: User provisioning is the core component of a successful identity management program. Organizations need to control who has access to enterprise resources, what level of access individuals have, and who is authorized to grant access. Download an informative and educational white paper from Courion, the provisioning experts, detailing best practices for developing a user provisioning and access management strategy, key considerations when selecting an automated provisioning solution, and Courion’s results-oriented approach to automated user provisioning. SPONSOR: Courion Living List of Identity Management Forums White Paper TOPIC: Identity management Written/presented by: Incomplete, but useful listing of standards and discussion groups in IdM SPONSOR: ITU Effectively manage access to systems and information to help optimize integrity and facilitate compl White Paper TOPIC: Entitlement management Written/presented by: In the face of growing numbers of complex regulatory requirements, organizations must find a way to protect their information and systems while giving ever-growing numbers of users access to the systems and applications they need. This is particularly critical when it comes to the continually growing business requirement to increase employee, customer and trading-partner access to valuable data and resources, such as in a service oriented architecture (SOA) environment. SPONSOR: IBM Surviving an Identity Audit White Paper TOPIC: Regulatory Compliance Written/presented by: Matt Flynn In this whitepaper, I tried to help people at smaller organizations get their arms around some of the big challenges related to compliance. Specifically, the focus is on the identity portion of an IT audit. Regulations such as SOX, HIPAA, GLBA and PCI-DSS have requirements and/or guidance that relate directly to IT – more specifically to information security. And digital identities are at the core of information security. So, an audit of an organization's identity infrastructure is a vital component of an IT audit or a larger regulatory audit. In this paper, I cover the Identity Audit project lifecycle, leveraging a multi-regulatory approach, and creating a culture of compliance. SPONSOR: NetVision A Guide to Active Directory Replication How-to TOPIC: Directory issues Written/presented by: Laura E. Hunter * Transitioning to Active Directory * Maintaining consistency * Handling conflict resolution * Changes in Windows Server 2008 SPONSOR: Microsoft TechNet |
To see the resources for a particular topic, just choose it from this list: |
© Copyright 2003 - 2007, The Virtual Quill
