A Journal of Identity Managementhttp://idmjournal.com/Copyright 2007, the Virtual Quill I like to think I am a realist, and my initial take on the xAuth idea was that it was a good idea necessary to solve the usability issues holding back the widespread adoption of federated consumer authentication. http://blog.talkingidentity.com/2010/04/the-x-in-xauth-stands-for.html Wed, 21 Apr 2010 12:46:40 PDT Creating a new consolidated non-profit for open identity that would combine existing groups and thereby create something quite different and new is an obvious and unoriginal idea. The question, as ever, is one of timing. Is now the moment? Kantara tried to pull this off a couple years ago, but that was too early.http://www.incontextblog.com/?p=581&preview=true Wed, 21 Apr 2010 12:29:46 PDT ACLs are at least somewhat understood, claims are new. There has to be a migration path and compatibility. But if we look at all the options we have, claims appear to be the most promising concept for the future security at the operating system level. http://blogs.kuppingercole.com/kuppinger/2010/04/21/why-we-need-claims-in-windows/ Wed, 21 Apr 2010 06:35:19 PDT XAuth, if it succeeds, will be the antithesis of user-centric identity. It is what happens when companies with businesses to run finally realize that asking users is a thankless, hopeless task that can only get in the way. We all know it is easier to ask forgiveness than permission – for better or worse, XAuth is that principle, taken to its logical conclusion.http://eternallyoptimistic.com/2010/04/20/xauth-first-take/ Tue, 20 Apr 2010 09:18:13 PDT When you have any sort of Web-based business, you really don't know who is on the other end of the network. For many interactive Web applications, it's critical to verify the true identity of the consumer. Just ask Sarah Palin...http://www.networkworld.com/newsletters/techexec/2010/041910bestpractices.html Fri, 16 Apr 2010 10:52:29 PDT I've always felt that way, but still got irritated at having to remember all of those passwords. So I've been a big user of SSO tools that store username/password credentials (encrypted, of course) and present them on your behalf during an authentication ceremony. http://www.networkworld.com/newsletters/dir/2010/041910id1.html?hpg1=bn Fri, 16 Apr 2010 10:46:21 PDT IDENTIKEY’s standard technology featuring DIGIPASS generated one-time passwords and e-signature authentication, is now compatible for online banking services. The HSM will validate the OTP or e-signature and grant the user access to the system. http://www.digitalidnews.com/2010/04/15/identikey-server-banking-edition-offers-complete-solution-for-secure-online-banking Thu, 15 Apr 2010 11:34:35 PDT Flexibility is key. Flexibility for architectures, where Identity Provisioning and Access Governance tools are just one element – there might be more than one Provisioning tool, there might be SRM, existing workflows, the integration of Provisioning and Access Governance, interfaces to Enterprise Portals, and so on. And flexibility for connections to systems, by not only relying on automation.http://blogs.kuppingercole.com/kuppinger/2010/04/15/there-is-more-than-automation/ Thu, 15 Apr 2010 09:12:17 PDT Of no surprise -a t least to me- is the fact that at the heart of many of these challenges is the issue of how individuals are actually identified. This very issue remains a fundamental roadblock for mass adoption and, whether due to cost, privacy, or technology, all of which are essential in creating a tipping point effect that can represent a much needed paradigm shift.http://ow.ly/174r7c Wed, 14 Apr 2010 15:51:14 PDT Trust is one of the biggest factors when it comes to cloud security. It encompasses everything from a choosing a trusted cloud provider to establishing trust that you are who you say you are. http://community.ca.com/blogs/iam/archive/2010/04/14/trust-and-the-cloud-identities-are-critical.aspx Wed, 14 Apr 2010 11:32:45 PDT You will need a computer password today, maybe a half dozen or more — those secret sign-ins that serve as sentries for everything from Amazon shopping carts to work files to online bank accounts. Just when you have them all sorted out, along comes another “urgent” directive from the bank or IT department — time to reset those codes, for safety’s sake. And the latest lineup of log-ins you’ve concocted won’t last for long, either. Some might temporarily stay in your head, others are jotted on scraps of paper and stuffed in a wallet. A few might be taped to your computer monitor in plain view (or are those are from last year’s batch? Who can remember?).http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/ Tue, 13 Apr 2010 15:47:17 PDT The tokens are costly for large populations of users and hard to manage for users outside the organization, like customers and contract workers. This is because in order to use these devices, companies are required to first purchase the hardware tokens, put in place processes for provisioning them, educate users on their physical protection and usage, and manage the problem of careless users losing their devices.http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1508200,00.html Tue, 13 Apr 2010 11:15:32 PDT When the Obama Administration did its Cyberspace Policy Review last May, one of its key recommendations was that the U.S. needs to build an identity management vision and strategy for the nation. This level of attention at a national level is what Smedinghoff thinks is attracting a lot of attention both domestically and internationally as a key solution to really scaling electronic commerce and electronic business activities to a higher level. http://www.bankinfosecurity.com/articles.php?art_id=2413 Tue, 13 Apr 2010 08:54:28 PDT Federating identity management makes sense, especially in a cloud environment where users are logging onto to multiple systems within and outside the firewall, Kramer acknowledged. Internal IDM is all about account provisioning, assigning user access to systems and resetting end user passwords; interbusiness IDM is about identity mapping within a partner's context.http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1509770,00.html Tue, 13 Apr 2010 08:52:51 PDT I recently completed a move into a newly-built home, my first (and hopefully only) experience with building a home. In all of the chaos of getting things done, it struck me how there are similarities in moving and the IAM market. Yes, I know you can make analogies about almost anything, but stay with me here. http://blogs.gartner.com/earl-perkins/2010/04/12/handling-change-in-iam-vendors-and-customers/ Mon, 12 Apr 2010 09:34:11 PDT