You’ve seen me blog a whole lot about Service-Oriented Security over the years; now you can also hear me talk about it. I’ll be doing a live webcast on “Service-Oriented Security: Blazing a New Trail of Innovation in Application Security” on Wednesday, August 25th (that’s tomorrow!) at 11:00 a.m. PT/2:00 p.m. ET . In it, [...]
Posts in ‘2010’
Pushing forward on Standards-based Provisioning
Lest all the recent posts about “pull”-based identity make you think that I have completely forgotten about good old “push”-based identity provisioning, here is some news on that. As I have discussed here in the past, SPML has been under a cloud in recent years, with low adoption and a litany of issues being documented. [...]
Identity Services should be like Vitamins, not Crack
OK, so it’s a ridiculous title. But hear me out.
Matt Flynn brought to my attention an article in which Dale Olds talks about the need for hosters (companies that provide the platform on which you deploy your Cloud/SaaS applications) to provide identity services (and as Matt points out, security services in general) as part of [...]
“Pull” is about Evolution, not Revolution
Ben has responded to my response by vigorously defending his stance against the pull movement. His statement that “…this will take more effort than it will return in value” is correct in identifying what enterprises should focus on – a cost-benefit analysis – but not in his estimation of how to do the valuation. I [...]
“Push vs Pull” in Identity Management
My friend Ben Goodman over at Novell recently wrote a blog post arguing against the “future of identity is pull” movement that seems to be sweeping the nation (well, at least the hallways at the recent Catalyst conference). I’ll give him credit for having the conviction to go against the grain here, since the idea [...]
Beyond SPML: Access Provisioning in a Services World
Another Burton Group Catalyst conference has come to a close, and as always it was a treasure trove of stories, ideas and conversations. Which is why it was great to have the uncertainty around the conference laid to rest when it was announced that it will be back next year (July 26-29 in San Diego, [...]
Time to Catalyse Some Change in Provisioning
It’s Burton Group Catalyst time again, and I will be pushing forward in my quest to advance access provisioning to the next level. I will be giving a talk on “Beyond SPML: Access Provisioning in a Services World” tomorrow (Wednesday, July 28 2010) at 11:20 am, part of the “provisioning needs to change” block (it [...]
The Challenge of Security Questions
Jackson Shaw just wrote about a website called goodsecurityquestions.com. As the name indicates, it’s a site that purports to distinguish between good and bad questions to employ when setting up for your identity re-verification challenges (for when you forget your password or need to execute a high-value transaction, for instance). The same site also (correctly) [...]
Announcing Oracle Identity Management 11g
Well, the press release went out a few hours ago, and the launch webcast just finished minutes ago, announcing the arrival of Oracle Identity Management 11g, the next phase in our rollout of the most complete, integrated and open suite of identity management products. As Amit Jasuja shared in the webcast, there is over 750 [...]
It’s All in the Cooking – 11g Drops Today
Last week I was at Oracle HQ for our annual Identity Management Customer Advisory Board meeting. It was an absolutely jam-packed two and a half days. I cannot tell you how great it was to spend time with our customers, those that have been with us for a while, and those that just joined the [...]
